public sealed class SecurityPolicyRuleRateLimitOptions : IMessage<SecurityPolicyRuleRateLimitOptions>, IEquatable<SecurityPolicyRuleRateLimitOptions>, IDeepCloneable<SecurityPolicyRuleRateLimitOptions>, IBufferMessage, IMessageImplements
IMessage<SecurityPolicyRuleRateLimitOptions>, IEquatable<SecurityPolicyRuleRateLimitOptions>, IDeepCloneable<SecurityPolicyRuleRateLimitOptions>, IBufferMessage, IMessageNamespace
Google.Cloud.Compute.V1Assembly
Google.Cloud.Compute.V1.dll
Constructors
SecurityPolicyRuleRateLimitOptions()
public SecurityPolicyRuleRateLimitOptions()SecurityPolicyRuleRateLimitOptions(SecurityPolicyRuleRateLimitOptions)
public SecurityPolicyRuleRateLimitOptions(SecurityPolicyRuleRateLimitOptions other)| Parameter | |
|---|---|
| Name | Description |
other |
SecurityPolicyRuleRateLimitOptions |
Properties
BanDurationSec
public int BanDurationSec { get; set; }Can only be specified if the action for the rule is "rate_based_ban". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold.
| Property Value | |
|---|---|
| Type | Description |
Int32 |
|
BanThreshold
public SecurityPolicyRuleRateLimitOptionsThreshold BanThreshold { get; set; }Can only be specified if the action for the rule is "rate_based_ban". If specified, the key will be banned for the configured 'ban_duration_sec' when the number of requests that exceed the 'rate_limit_threshold' also exceed this 'ban_threshold'.
| Property Value | |
|---|---|
| Type | Description |
SecurityPolicyRuleRateLimitOptionsThreshold |
|
ConformAction
public string ConformAction { get; set; }Action to take for requests that are under the configured rate limit threshold. Valid option is "allow" only.
| Property Value | |
|---|---|
| Type | Description |
String |
|
EnforceOnKey
public string EnforceOnKey { get; set; }Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if this field 'enforce_on_key' is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under "enforce_on_key_name". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforce_on_key_name". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. Check the EnforceOnKey enum for the list of possible values.
| Property Value | |
|---|---|
| Type | Description |
String |
|
EnforceOnKeyName
public string EnforceOnKeyName { get; set; }Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value.
| Property Value | |
|---|---|
| Type | Description |
String |
|
ExceedAction
public string ExceedAction { get; set; }Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. Valid options are "deny(status)", where valid values for status are 403, 404, 429, and 502, and "redirect" where the redirect parameters come from exceedRedirectOptions below.
| Property Value | |
|---|---|
| Type | Description |
String |
|
ExceedRedirectOptions
public SecurityPolicyRuleRedirectOptions ExceedRedirectOptions { get; set; }Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect.
| Property Value | |
|---|---|
| Type | Description |
SecurityPolicyRuleRedirectOptions |
|
HasBanDurationSec
public bool HasBanDurationSec { get; }Gets whether the "ban_duration_sec" field is set
| Property Value | |
|---|---|
| Type | Description |
Boolean |
|
HasConformAction
public bool HasConformAction { get; }Gets whether the "conform_action" field is set
| Property Value | |
|---|---|
| Type | Description |
Boolean |
|
HasEnforceOnKey
public bool HasEnforceOnKey { get; }Gets whether the "enforce_on_key" field is set
| Property Value | |
|---|---|
| Type | Description |
Boolean |
|
HasEnforceOnKeyName
public bool HasEnforceOnKeyName { get; }Gets whether the "enforce_on_key_name" field is set
| Property Value | |
|---|---|
| Type | Description |
Boolean |
|
HasExceedAction
public bool HasExceedAction { get; }Gets whether the "exceed_action" field is set
| Property Value | |
|---|---|
| Type | Description |
Boolean |
|
RateLimitThreshold
public SecurityPolicyRuleRateLimitOptionsThreshold RateLimitThreshold { get; set; }Threshold at which to begin ratelimiting.
| Property Value | |
|---|---|
| Type | Description |
SecurityPolicyRuleRateLimitOptionsThreshold |
|