Reference documentation and code samples for the Google Cloud Network Services V1 Client class AuthzExtension.
AuthzExtension
is a resource that allows traffic forwarding
to a callout backend service to make an authorization decision.
Generated from protobuf message google.cloud.networkservices.v1.AuthzExtension
Namespace
Google \ Cloud \ NetworkServices \ V1Methods
__construct
Constructor.
data
array
Optional. Data for populating the Message object.
↳ name
string
Required. Identifier. Name of the AuthzExtension
resource in the following format: projects/{project}/locations/{location}/authzExtensions/{authz_extension}
.
↳ create_time
↳ update_time
↳ description
string
Optional. A human-readable description of the resource.
↳ labels
array| Google\Protobuf\Internal\MapField
Optional. Set of labels associated with the AuthzExtension
resource. The format must comply with the requirements for labels
for Google Cloud resources.
↳ load_balancing_scheme
int
Required. All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. Supported values: INTERNAL_MANAGED
, EXTERNAL_MANAGED
. For more information, refer to Backend services overview
.
↳ authority
string
Required. The :authority
header in the gRPC request sent from Envoy to the extension service.
↳ service
string
Required. The reference to the service that runs the extension. To configure a callout extension, service
must be a fully-qualified reference to a backend service
in the format: https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService}
or https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}
.
↳ timeout
Google\Protobuf\Duration
Required. Specifies the timeout for each individual message on the stream. The timeout must be between 10-10000 milliseconds.
↳ fail_open
bool
Optional. Determines how the proxy behaves if the call to the extension fails or times out. When set to TRUE
, request or response processing continues without error. Any subsequent extensions in the extension chain are also executed. When set to FALSE
or the default setting of FALSE
is used, one of the following happens: * * If response headers have not been delivered to the downstream client, a generic 500 error is returned to the client. The error response can be tailored by configuring a custom error response in the load balancer. * * If response headers have been delivered, then the HTTP stream to the downstream client is reset.
↳ metadata
Google\Protobuf\Struct
Optional. The metadata provided here is included as part of the metadata_context
(of type google.protobuf.Struct
) in the ProcessingRequest
message sent to the extension server. The metadata is available under the namespace com.google.authz_extension.<resource_name>
. The following variables are supported in the metadata Struct: {forwarding_rule_id}
- substituted with the forwarding rule's fully qualified resource name.
↳ forward_headers
array
Optional. List of the HTTP headers to forward to the extension (from the client). If omitted, all headers are sent. Each element is a string indicating the header name.
↳ wire_format
int
Optional. The format of communication supported by the callout extension. If not specified, the default value EXT_PROC_GRPC
is used.
getName
Required. Identifier. Name of the AuthzExtension
resource in the
following format: projects/{project}/locations/{location}/authzExtensions/{authz_extension}
.
string
setName
Required. Identifier. Name of the AuthzExtension
resource in the
following format: projects/{project}/locations/{location}/authzExtensions/{authz_extension}
.
var
string
$this
getCreateTime
Output only. The timestamp when the resource was created.
hasCreateTime
clearCreateTime
setCreateTime
Output only. The timestamp when the resource was created.
$this
getUpdateTime
Output only. The timestamp when the resource was updated.
hasUpdateTime
clearUpdateTime
setUpdateTime
Output only. The timestamp when the resource was updated.
$this
getDescription
Optional. A human-readable description of the resource.
string
setDescription
Optional. A human-readable description of the resource.
var
string
$this
getLabels
Optional. Set of labels associated with the AuthzExtension
resource.
The format must comply with the requirements for labels for Google Cloud resources.
setLabels
Optional. Set of labels associated with the AuthzExtension
resource.
The format must comply with the requirements for labels for Google Cloud resources.
$this
getLoadBalancingScheme
Required. All backend services and forwarding rules referenced by this
extension must share the same load balancing scheme. Supported values: INTERNAL_MANAGED
, EXTERNAL_MANAGED
. For more information, refer to Backend services
overview
.
int
setLoadBalancingScheme
Required. All backend services and forwarding rules referenced by this
extension must share the same load balancing scheme. Supported values: INTERNAL_MANAGED
, EXTERNAL_MANAGED
. For more information, refer to Backend services
overview
.
var
int
$this
getAuthority
Required. The :authority
header in the gRPC request sent from Envoy
to the extension service.
string
setAuthority
Required. The :authority
header in the gRPC request sent from Envoy
to the extension service.
var
string
$this
getService
Required. The reference to the service that runs the extension.
To configure a callout extension, service
must be a fully-qualified
reference
to a backend
service
in the format: https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService}
or https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}
.
string
setService
Required. The reference to the service that runs the extension.
To configure a callout extension, service
must be a fully-qualified
reference
to a backend
service
in the format: https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService}
or https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}
.
var
string
$this
getTimeout
Required. Specifies the timeout for each individual message on the stream.
The timeout must be between 10-10000 milliseconds.
hasTimeout
clearTimeout
setTimeout
Required. Specifies the timeout for each individual message on the stream.
The timeout must be between 10-10000 milliseconds.
$this
getFailOpen
Optional. Determines how the proxy behaves if the call to the extension fails or times out.
When set to TRUE
, request or response processing continues without
error. Any subsequent extensions in the extension chain are also
executed. When set to FALSE
or the default setting of FALSE
is used,
one of the following happens:
- If response headers have not been delivered to the downstream client, a generic 500 error is returned to the client. The error response can be tailored by configuring a custom error response in the load balancer.
- If response headers have been delivered, then the HTTP stream to the downstream client is reset.
bool
setFailOpen
Optional. Determines how the proxy behaves if the call to the extension fails or times out.
When set to TRUE
, request or response processing continues without
error. Any subsequent extensions in the extension chain are also
executed. When set to FALSE
or the default setting of FALSE
is used,
one of the following happens:
- If response headers have not been delivered to the downstream client, a generic 500 error is returned to the client. The error response can be tailored by configuring a custom error response in the load balancer.
- If response headers have been delivered, then the HTTP stream to the downstream client is reset.
var
bool
$this
getMetadata
Optional. The metadata provided here is included as part of the metadata_context
(of type google.protobuf.Struct
) in the ProcessingRequest
message sent to the extension
server. The metadata is available under the namespace com.google.authz_extension.<resource_name>
.
The following variables are supported in the metadata Struct: {forwarding_rule_id}
- substituted with the forwarding rule's fully
qualified resource name.
hasMetadata
clearMetadata
setMetadata
Optional. The metadata provided here is included as part of the metadata_context
(of type google.protobuf.Struct
) in the ProcessingRequest
message sent to the extension
server. The metadata is available under the namespace com.google.authz_extension.<resource_name>
.
The following variables are supported in the metadata Struct: {forwarding_rule_id}
- substituted with the forwarding rule's fully
qualified resource name.
$this
getForwardHeaders
Optional. List of the HTTP headers to forward to the extension (from the client). If omitted, all headers are sent.
Each element is a string indicating the header name.
setForwardHeaders
Optional. List of the HTTP headers to forward to the extension (from the client). If omitted, all headers are sent.
Each element is a string indicating the header name.
var
string[]
$this
getWireFormat
Optional. The format of communication supported by the callout extension.
If not specified, the default value EXT_PROC_GRPC
is used.
int
setWireFormat
Optional. The format of communication supported by the callout extension.
If not specified, the default value EXT_PROC_GRPC
is used.
var
int
$this
