1label: Config Connector AccessContextManagerServicePerimeter
2markdownDescription: Creates yaml for a AccessContextManagerServicePerimeter resource
3insertText: |
4 apiVersion: accesscontextmanager.cnrm.cloud.google.com/v1beta1
5 kind: AccessContextManagerServicePerimeter
6 metadata:
7 name: \${1:accesscontextmanagerserviceperimeter-name}
8 spec:
9 spec:
10 accessLevels:
11 - name: \${2:serviceperimeterdep2}
12 resources:
13 - projectRef:
14 external: \${3:projects/[PROJECT_NUMBER1]}
15 - projectRef:
16 external: \${4:projects/[PROJECT_NUMBER2]}
17 restrictedServices:
18 - \${5:storage.googleapis.com}
19 vpcAccessibleServices:
20 allowedServices:
21 - \${6:storage.googleapis.com}
22 - \${7:pubsub.googleapis.com}
23 enableRestriction: \${8:true}
24 egressPolicies:
25 - egressFrom:
26 identities:
27 - name: \${9:serviceperimeterengressdep}
28 - egressTo:
29 resources:
30 - projectRef:
31 external: \${10:projects/[PROJECT_NUMBER1]}
32 ingressPolicies:
33 - ingressFrom:
34 identities:
35 - name: \${11:serviceperimeteringressdep}
36 sources:
37 - accessLevelRef:
38 name: \${12:serviceperimeterdep2}
39 ingressTo:
40 resources:
41 - projectRef:
42 external: \${13:projects/[PROJECT_NUMBER2]}
43 status:
44 accessLevels:
45 - name: \${14:serviceperimeterdep2}
46 resources:
47 - projectRef:
48 external: \${15:projects/[PROJECT_NUMBER3]}
49 - projectRef:
50 external: \${16:projects/[PROJECT_NUMBER4]}
51 restrictedServices:
52 - \${17:bigquery.googleapis.com}
53 vpcAccessibleServices:
54 allowedServices:
55 - \${18:bigquery.googleapis.com}
56 - \${19:logging.googleapis.com}
57 enableRestriction: \${20:true}
58 title: \${21:Service Perimeter created by Config Connector}
59 useExplicitDryRunSpec: \${22:true}
60 accessPolicyRef:
61 external: \${23:accessPolicies/[ACCESS_POLICY_NUMBER]}
62 description: \${24:A Service Perimeter Created by Config Connector}
63 perimeterType: \${25:PERIMETER_TYPE_REGULAR}
View as plain text