Class FirewallClient (2.34.0)

GitHub Repository Product Reference

Service Description: Firewall resources are used to define a collection of access control rules for an Application. Each rule is defined with a position which specifies the rule's order in the sequence of rules, an IP range to be matched against requests, and an action to take upon matching requests.

Every request is evaluated against the Firewall rules in priority order. Processesing stops at the first rule which matches the request's IP address. A final rule always specifies an action that applies to all remaining IP addresses. The default final rule for a newly-created application will be set to "allow" if not otherwise specified by the user.

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
BatchUpdateIngressRulesRequestrequest=
BatchUpdateIngressRulesRequest.newBuilder()
.setName("name3373707")
.addAllIngressRules(newArrayList<FirewallRule>())
.build();
BatchUpdateIngressRulesResponseresponse=firewallClient.batchUpdateIngressRules(request);
}

Note: close() needs to be called on the FirewallClient object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().

Methods
Method Description Method Variants

ListIngressRules

Lists the firewall rules of an application.

Request object method variants only take one parameter, a request object, which must be constructed before the call.

  • listIngressRules(ListIngressRulesRequest request)

Callable method variants take no parameters and return an immutable API callable object, which can be used to initiate calls to the service.

  • listIngressRulesPagedCallable()

  • listIngressRulesCallable()

BatchUpdateIngressRules

Replaces the entire firewall ruleset in one bulk operation. This overrides and replaces the rules of an existing firewall with the new rules.

If the final rule does not match traffic with the '*' wildcard IP range, then an "allow all" rule is explicitly added to the end of the list.

Request object method variants only take one parameter, a request object, which must be constructed before the call.

  • batchUpdateIngressRules(BatchUpdateIngressRulesRequest request)

Callable method variants take no parameters and return an immutable API callable object, which can be used to initiate calls to the service.

  • batchUpdateIngressRulesCallable()

CreateIngressRule

Creates a firewall rule for the application.

Request object method variants only take one parameter, a request object, which must be constructed before the call.

  • createIngressRule(CreateIngressRuleRequest request)

Callable method variants take no parameters and return an immutable API callable object, which can be used to initiate calls to the service.

  • createIngressRuleCallable()

GetIngressRule

Gets the specified firewall rule.

Request object method variants only take one parameter, a request object, which must be constructed before the call.

  • getIngressRule(GetIngressRuleRequest request)

Callable method variants take no parameters and return an immutable API callable object, which can be used to initiate calls to the service.

  • getIngressRuleCallable()

UpdateIngressRule

Updates the specified firewall rule.

Request object method variants only take one parameter, a request object, which must be constructed before the call.

  • updateIngressRule(UpdateIngressRuleRequest request)

Callable method variants take no parameters and return an immutable API callable object, which can be used to initiate calls to the service.

  • updateIngressRuleCallable()

DeleteIngressRule

Deletes the specified firewall rule.

Request object method variants only take one parameter, a request object, which must be constructed before the call.

  • deleteIngressRule(DeleteIngressRuleRequest request)

Callable method variants take no parameters and return an immutable API callable object, which can be used to initiate calls to the service.

  • deleteIngressRuleCallable()

See the individual methods for example code.

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.

This class can be customized by passing in a custom instance of FirewallSettings to create(). For example:

To customize credentials:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
FirewallSettingsfirewallSettings=
FirewallSettings.newBuilder()
.setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
.build();
FirewallClientfirewallClient=FirewallClient.create(firewallSettings);

To customize the endpoint:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
FirewallSettingsfirewallSettings=
FirewallSettings.newBuilder().setEndpoint(myEndpoint).build();
FirewallClientfirewallClient=FirewallClient.create(firewallSettings);

To use REST (HTTP1.1/JSON) transport (instead of gRPC) for sending and receiving requests over the wire:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
FirewallSettingsfirewallSettings=FirewallSettings.newHttpJsonBuilder().build();
FirewallClientfirewallClient=FirewallClient.create(firewallSettings);

Please refer to the GitHub repository's samples for more quickstart code snippets.

Inheritance

java.lang.Object > FirewallClient

Static Methods

create()

publicstaticfinalFirewallClientcreate()

Constructs an instance of FirewallClient with default settings.

Returns
Type Description
FirewallClient
Exceptions
Type Description
IOException

create(FirewallSettings settings)

publicstaticfinalFirewallClientcreate(FirewallSettingssettings)

Constructs an instance of FirewallClient, using the given settings. The channels are created based on the settings passed in, or defaults for any settings that are not set.

Parameter
Name Description
settings FirewallSettings
Returns
Type Description
FirewallClient
Exceptions
Type Description
IOException

create(FirewallStub stub)

publicstaticfinalFirewallClientcreate(FirewallStubstub)

Constructs an instance of FirewallClient, using the given stub for making calls. This is for advanced usage - prefer using create(FirewallSettings).

Parameter
Name Description
stub FirewallStub
Returns
Type Description
FirewallClient

Constructors

FirewallClient(FirewallSettings settings)

protectedFirewallClient(FirewallSettingssettings)

Constructs an instance of FirewallClient, using the given settings. This is protected so that it is easy to make a subclass, but otherwise, the static factory methods should be preferred.

Parameter
Name Description
settings FirewallSettings

FirewallClient(FirewallStub stub)

protectedFirewallClient(FirewallStubstub)
Parameter
Name Description
stub FirewallStub

Methods

awaitTermination(long duration, TimeUnit unit)

publicbooleanawaitTermination(longduration,TimeUnitunit)
Parameters
Name Description
duration long
unit TimeUnit
Returns
Type Description
boolean
Exceptions
Type Description
InterruptedException

batchUpdateIngressRules(BatchUpdateIngressRulesRequest request)

publicfinalBatchUpdateIngressRulesResponsebatchUpdateIngressRules(BatchUpdateIngressRulesRequestrequest)

Replaces the entire firewall ruleset in one bulk operation. This overrides and replaces the rules of an existing firewall with the new rules.

If the final rule does not match traffic with the '*' wildcard IP range, then an "allow all" rule is explicitly added to the end of the list.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
BatchUpdateIngressRulesRequestrequest=
BatchUpdateIngressRulesRequest.newBuilder()
.setName("name3373707")
.addAllIngressRules(newArrayList<FirewallRule>())
.build();
BatchUpdateIngressRulesResponseresponse=firewallClient.batchUpdateIngressRules(request);
}
Parameter
Name Description
request BatchUpdateIngressRulesRequest

The request object containing all of the parameters for the API call.
Returns
Type Description
BatchUpdateIngressRulesResponse

batchUpdateIngressRulesCallable()

publicfinalUnaryCallable<BatchUpdateIngressRulesRequest,BatchUpdateIngressRulesResponse>batchUpdateIngressRulesCallable()

Replaces the entire firewall ruleset in one bulk operation. This overrides and replaces the rules of an existing firewall with the new rules.

If the final rule does not match traffic with the '*' wildcard IP range, then an "allow all" rule is explicitly added to the end of the list.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
BatchUpdateIngressRulesRequestrequest=
BatchUpdateIngressRulesRequest.newBuilder()
.setName("name3373707")
.addAllIngressRules(newArrayList<FirewallRule>())
.build();
ApiFuture<BatchUpdateIngressRulesResponse>future=
firewallClient.batchUpdateIngressRulesCallable().futureCall(request);
// Do something.
BatchUpdateIngressRulesResponseresponse=future.get();
}
Returns
Type Description
UnaryCallable<BatchUpdateIngressRulesRequest,BatchUpdateIngressRulesResponse>

close()

publicfinalvoidclose()

createIngressRule(CreateIngressRuleRequest request)

publicfinalFirewallRulecreateIngressRule(CreateIngressRuleRequestrequest)

Creates a firewall rule for the application.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
CreateIngressRuleRequestrequest=
CreateIngressRuleRequest.newBuilder()
.setParent("parent-995424086")
.setRule(FirewallRule.newBuilder().build())
.build();
FirewallRuleresponse=firewallClient.createIngressRule(request);
}
Parameter
Name Description
request CreateIngressRuleRequest

The request object containing all of the parameters for the API call.
Returns
Type Description
FirewallRule

createIngressRuleCallable()

publicfinalUnaryCallable<CreateIngressRuleRequest,FirewallRule>createIngressRuleCallable()

Creates a firewall rule for the application.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
CreateIngressRuleRequestrequest=
CreateIngressRuleRequest.newBuilder()
.setParent("parent-995424086")
.setRule(FirewallRule.newBuilder().build())
.build();
ApiFuture<FirewallRule>future=
firewallClient.createIngressRuleCallable().futureCall(request);
// Do something.
FirewallRuleresponse=future.get();
}
Returns
Type Description
UnaryCallable<CreateIngressRuleRequest,FirewallRule>

deleteIngressRule(DeleteIngressRuleRequest request)

publicfinalvoiddeleteIngressRule(DeleteIngressRuleRequestrequest)

Deletes the specified firewall rule.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
DeleteIngressRuleRequestrequest=
DeleteIngressRuleRequest.newBuilder().setName("name3373707").build();
firewallClient.deleteIngressRule(request);
}
Parameter
Name Description
request DeleteIngressRuleRequest

The request object containing all of the parameters for the API call.

deleteIngressRuleCallable()

publicfinalUnaryCallable<DeleteIngressRuleRequest,Empty>deleteIngressRuleCallable()

Deletes the specified firewall rule.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
DeleteIngressRuleRequestrequest=
DeleteIngressRuleRequest.newBuilder().setName("name3373707").build();
ApiFuture<Empty>future=firewallClient.deleteIngressRuleCallable().futureCall(request);
// Do something.
future.get();
}
Returns
Type Description
UnaryCallable<DeleteIngressRuleRequest,Empty>

getIngressRule(GetIngressRuleRequest request)

publicfinalFirewallRulegetIngressRule(GetIngressRuleRequestrequest)

Gets the specified firewall rule.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
GetIngressRuleRequestrequest=
GetIngressRuleRequest.newBuilder().setName("name3373707").build();
FirewallRuleresponse=firewallClient.getIngressRule(request);
}
Parameter
Name Description
request GetIngressRuleRequest

The request object containing all of the parameters for the API call.
Returns
Type Description
FirewallRule

getIngressRuleCallable()

publicfinalUnaryCallable<GetIngressRuleRequest,FirewallRule>getIngressRuleCallable()

Gets the specified firewall rule.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
GetIngressRuleRequestrequest=
GetIngressRuleRequest.newBuilder().setName("name3373707").build();
ApiFuture<FirewallRule>future=firewallClient.getIngressRuleCallable().futureCall(request);
// Do something.
FirewallRuleresponse=future.get();
}
Returns
Type Description
UnaryCallable<GetIngressRuleRequest,FirewallRule>

getSettings()

publicfinalFirewallSettingsgetSettings()
Returns
Type Description
FirewallSettings

getStub()

publicFirewallStubgetStub()
Returns
Type Description
FirewallStub

isShutdown()

publicbooleanisShutdown()
Returns
Type Description
boolean

isTerminated()

publicbooleanisTerminated()
Returns
Type Description
boolean

listIngressRules(ListIngressRulesRequest request)

publicfinalFirewallClient.ListIngressRulesPagedResponselistIngressRules(ListIngressRulesRequestrequest)

Lists the firewall rules of an application.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
ListIngressRulesRequestrequest=
ListIngressRulesRequest.newBuilder()
.setParent("parent-995424086")
.setPageSize(883849137)
.setPageToken("pageToken873572522")
.setMatchingAddress("matchingAddress861962551")
.build();
for(FirewallRuleelement:firewallClient.listIngressRules(request).iterateAll()){
// doThingsWith(element);
}
}
Parameter
Name Description
request ListIngressRulesRequest

The request object containing all of the parameters for the API call.
Returns
Type Description
FirewallClient.ListIngressRulesPagedResponse

listIngressRulesCallable()

publicfinalUnaryCallable<ListIngressRulesRequest,ListIngressRulesResponse>listIngressRulesCallable()

Lists the firewall rules of an application.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
ListIngressRulesRequestrequest=
ListIngressRulesRequest.newBuilder()
.setParent("parent-995424086")
.setPageSize(883849137)
.setPageToken("pageToken873572522")
.setMatchingAddress("matchingAddress861962551")
.build();
while(true){
ListIngressRulesResponseresponse=firewallClient.listIngressRulesCallable().call(request);
for(FirewallRuleelement:response.getIngressRulesList()){
// doThingsWith(element);
}
StringnextPageToken=response.getNextPageToken();
if(!Strings.isNullOrEmpty(nextPageToken)){
request=request.toBuilder().setPageToken(nextPageToken).build();
}else{
break;
}
}
}
Returns
Type Description
UnaryCallable<ListIngressRulesRequest,ListIngressRulesResponse>

listIngressRulesPagedCallable()

publicfinalUnaryCallable<ListIngressRulesRequest,FirewallClient.ListIngressRulesPagedResponse>listIngressRulesPagedCallable()

Lists the firewall rules of an application.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
ListIngressRulesRequestrequest=
ListIngressRulesRequest.newBuilder()
.setParent("parent-995424086")
.setPageSize(883849137)
.setPageToken("pageToken873572522")
.setMatchingAddress("matchingAddress861962551")
.build();
ApiFuture<FirewallRule>future=
firewallClient.listIngressRulesPagedCallable().futureCall(request);
// Do something.
for(FirewallRuleelement:future.get().iterateAll()){
// doThingsWith(element);
}
}
Returns
Type Description
UnaryCallable<ListIngressRulesRequest,ListIngressRulesPagedResponse>

shutdown()

publicvoidshutdown()

shutdownNow()

publicvoidshutdownNow()

updateIngressRule(UpdateIngressRuleRequest request)

publicfinalFirewallRuleupdateIngressRule(UpdateIngressRuleRequestrequest)

Updates the specified firewall rule.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
UpdateIngressRuleRequestrequest=
UpdateIngressRuleRequest.newBuilder()
.setName("name3373707")
.setRule(FirewallRule.newBuilder().build())
.setUpdateMask(FieldMask.newBuilder().build())
.build();
FirewallRuleresponse=firewallClient.updateIngressRule(request);
}
Parameter
Name Description
request UpdateIngressRuleRequest

The request object containing all of the parameters for the API call.
Returns
Type Description
FirewallRule

updateIngressRuleCallable()

publicfinalUnaryCallable<UpdateIngressRuleRequest,FirewallRule>updateIngressRuleCallable()

Updates the specified firewall rule.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(FirewallClientfirewallClient=FirewallClient.create()){
UpdateIngressRuleRequestrequest=
UpdateIngressRuleRequest.newBuilder()
.setName("name3373707")
.setRule(FirewallRule.newBuilder().build())
.setUpdateMask(FieldMask.newBuilder().build())
.build();
ApiFuture<FirewallRule>future=
firewallClient.updateIngressRuleCallable().futureCall(request);
// Do something.
FirewallRuleresponse=future.get();
}
Returns
Type Description
UnaryCallable<UpdateIngressRuleRequest,FirewallRule>

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年10月30日 UTC.