allowed = $allowed; } /** * @return FirewallAllowed[] */ public function getAllowed() { return $this->allowed; } /** * Output only. [Output Only] Creation timestamp inRFC3339 text format. * * @param string $creationTimestamp */ public function setCreationTimestamp($creationTimestamp) { $this->creationTimestamp = $creationTimestamp; } /** * @return string */ public function getCreationTimestamp() { return $this->creationTimestamp; } /** * The list of DENY rules specified by this firewall. Each rule specifies a * protocol and port-range tuple that describes a denied connection. * * @param FirewallDenied[] $denied */ public function setDenied($denied) { $this->denied = $denied; } /** * @return FirewallDenied[] */ public function getDenied() { return $this->denied; } /** * An optional description of this resource. Provide this field when you * create the resource. * * @param string $description */ public function setDescription($description) { $this->description = $description; } /** * @return string */ public function getDescription() { return $this->description; } /** * If destination ranges are specified, the firewall rule applies only to * traffic that has destination IP address in these ranges. These ranges must * be expressed inCIDR format. Both IPv4 and IPv6 are supported. * * @param string[] $destinationRanges */ public function setDestinationRanges($destinationRanges) { $this->destinationRanges = $destinationRanges; } /** * @return string[] */ public function getDestinationRanges() { return $this->destinationRanges; } /** * Direction of traffic to which this firewall applies, either `INGRESS` or * `EGRESS`. The default is `INGRESS`. For `EGRESS` traffic, you cannot * specify the sourceTags fields. * * Accepted values: EGRESS, INGRESS * * @param self::DIRECTION_* $direction */ public function setDirection($direction) { $this->direction = $direction; } /** * @return self::DIRECTION_* */ public function getDirection() { return $this->direction; } /** * Denotes whether the firewall rule is disabled. When set to true, the * firewall rule is not enforced and the network behaves as if it did not * exist. If this is unspecified, the firewall rule will be enabled. * * @param bool $disabled */ public function setDisabled($disabled) { $this->disabled = $disabled; } /** * @return bool */ public function getDisabled() { return $this->disabled; } /** * Output only. [Output Only] The unique identifier for the resource. This * identifier is defined by the server. * * @param string $id */ public function setId($id) { $this->id = $id; } /** * @return string */ public function getId() { return $this->id; } /** * Output only. [Output Only] Type of the resource. Always compute#firewall * for firewall rules. * * @param string $kind */ public function setKind($kind) { $this->kind = $kind; } /** * @return string */ public function getKind() { return $this->kind; } /** * This field denotes the logging options for a particular firewall rule. If * logging is enabled, logs will be exported to Cloud Logging. * * @param FirewallLogConfig $logConfig */ public function setLogConfig(FirewallLogConfig $logConfig) { $this->logConfig = $logConfig; } /** * @return FirewallLogConfig */ public function getLogConfig() { return $this->logConfig; } /** * Name of the resource; provided by the client when the resource is created. * The name must be 1-63 characters long, and comply withRFC1035. * Specifically, the name must be 1-63 characters long and match the regular * expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a * lowercase letter, and all following characters (except for the last * character) must be a dash, lowercase letter, or digit. The last character * must be a lowercase letter or digit. * * @param string $name */ public function setName($name) { $this->name = $name; } /** * @return string */ public function getName() { return $this->name; } /** * URL of the network resource for this firewall rule. If not specified when * creating a firewall rule, the default network is used: * * global/networks/default * * If you choose to specify this field, you can specify the network as a full * or partial URL. For example, the following are all valid URLs: - * https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my * -network - projects/myproject/global/networks/my-network - * global/networks/default * * @param string $network */ public function setNetwork($network) { $this->network = $network; } /** * @return string */ public function getNetwork() { return $this->network; } /** * Input only. [Input Only] Additional params passed with the request, but not * persisted as part of resource payload. * * @param FirewallParams $params */ public function setParams(FirewallParams $params) { $this->params = $params; } /** * @return FirewallParams */ public function getParams() { return $this->params; } /** * Priority for this rule. This is an integer between `0` and `65535`, both * inclusive. The default value is `1000`. Relative priorities determine which * rule takes effect if multiple rules apply. Lower values indicate higher * priority. For example, a rule with priority `0` has higher precedence than * a rule with priority `1`. DENY rules take precedence over ALLOW rules if * they have equal priority. Note that VPC networks have implied rules with a * priority of `65535`. To avoid conflicts with the implied rules, use a * priority number less than `65535`. * * @param int $priority */ public function setPriority($priority) { $this->priority = $priority; } /** * @return int */ public function getPriority() { return $this->priority; } /** * [Output Only] Server-defined URL for the resource. * * @param string $selfLink */ public function setSelfLink($selfLink) { $this->selfLink = $selfLink; } /** * @return string */ public function getSelfLink() { return $this->selfLink; } /** * If source ranges are specified, the firewall rule applies only to traffic * that has a source IP address in these ranges. These ranges must be * expressed inCIDR format. One or both of sourceRanges and sourceTags may be * set. If both fields are set, the rule applies to traffic that has a source * IP address within sourceRanges OR a source IP from a resource with a * matching tag listed in thesourceTags field. The connection does not need to * match both fields for the rule to apply. Both IPv4 and IPv6 are supported. * * @param string[] $sourceRanges */ public function setSourceRanges($sourceRanges) { $this->sourceRanges = $sourceRanges; } /** * @return string[] */ public function getSourceRanges() { return $this->sourceRanges; } /** * If source service accounts are specified, the firewall rules apply only to * traffic originating from an instance with a service account in this list. * Source service accounts cannot be used to control traffic to an instance's * external IP address because service accounts are associated with an * instance, not an IP address.sourceRanges can be set at the same time * assourceServiceAccounts. If both are set, the firewall applies to traffic * that has a source IP address within the sourceRanges OR a source IP that * belongs to an instance with service account listed insourceServiceAccount. * The connection does not need to match both fields for the firewall to * apply.sourceServiceAccounts cannot be used at the same time assourceTags or * targetTags. * * @param string[] $sourceServiceAccounts */ public function setSourceServiceAccounts($sourceServiceAccounts) { $this->sourceServiceAccounts = $sourceServiceAccounts; } /** * @return string[] */ public function getSourceServiceAccounts() { return $this->sourceServiceAccounts; } /** * If source tags are specified, the firewall rule applies only to traffic * with source IPs that match the primary network interfaces of VM instances * that have the tag and are in the same VPC network. Source tags cannot be * used to control traffic to an instance's external IP address, it only * applies to traffic between instances in the same virtual network. Because * tags are associated with instances, not IP addresses. One or both of * sourceRanges and sourceTags may be set. If both fields are set, the * firewall applies to traffic that has a source IP address within * sourceRanges OR a source IP from a resource with a matching tag listed in * the sourceTags field. The connection does not need to match both fields for * the firewall to apply. * * @param string[] $sourceTags */ public function setSourceTags($sourceTags) { $this->sourceTags = $sourceTags; } /** * @return string[] */ public function getSourceTags() { return $this->sourceTags; } /** * A list of service accounts indicating sets of instances located in the * network that may make network connections as specified * inallowed[].targetServiceAccounts cannot be used at the same time * astargetTags or sourceTags. If neither targetServiceAccounts nor targetTags * are specified, the firewall rule applies to all instances on the specified * network. * * @param string[] $targetServiceAccounts */ public function setTargetServiceAccounts($targetServiceAccounts) { $this->targetServiceAccounts = $targetServiceAccounts; } /** * @return string[] */ public function getTargetServiceAccounts() { return $this->targetServiceAccounts; } /** * A list of tags that controls which instances the firewall rule applies to. * If targetTags are specified, then the firewall rule applies only to * instances in the VPC network that have one of those tags. If no targetTags * are specified, the firewall rule applies to all instances on the specified * network. * * @param string[] $targetTags */ public function setTargetTags($targetTags) { $this->targetTags = $targetTags; } /** * @return string[] */ public function getTargetTags() { return $this->targetTags; } } // Adding a class alias for backwards compatibility with the previous class name. class_alias(Firewall::class, 'Google_Service_Compute_Firewall');