| Enforcement | disabled |
| Including optional dependencies | enabled |
| Reporting debug logs | disabled |
| Policy state | READY | ||||||
| Source | FILE | ||||||
| Local path | vertex-genai-dataplane.outboundacl | ||||||
| Path in google3 | //production/pod/realms/cloud_ml/projects/default/vertex-genai-dataplane/manifest.bzl| Loaded at | 2025-12-05 19:44:39 | Policy violations receiver | mdb/cloud-ml-vertex-genai-dataplane-staging-jobs (go/outboundacl:notification-receiver) | RPC exemptions mode | disabled | |
| Layer name | CROSS_CLUSTER_INFRASTRUCTURE |
| Layer value | 50 |
| Source | POLICY |
| Model ID | Local Instance | state | missing model verdict |
|---|
| RPC Service name | RPC command | Importance | Constraints | Explanation | Template origin |
|---|---|---|---|---|---|
| PlardisService | Exists | OPTIONAL | | Returns replication status for Midas packages (go/midas). | //configs/production/outboundacl/templates/sawmill:sawmill |
| SecureDataCollectionPublisher | OPTIONAL | | Sends messages to the Secure Data Collection Service (local) (go/secure-collection). | //configs/production/outboundacl/templates/security:secure_data_collection | |
| BalancerChannelControl | ALWAYS_CRITICAL | | GSLB (go/gslb). | //configs/production/outboundacl/templates/sawmill:sawmill //configs/production/outboundacl/templates/traffic:gslb | |
| BorgletClient | ALWAYS_CRITICAL | | Sends messages to a local Borglet on port 4901 (read from $BORGLET_PORT). | //configs/production/outboundacl/templates/borg:local_borglet //configs/production/outboundacl/templates/sawmill:sawmill | |
| CFS.API | ALWAYS_CRITICAL | | CFS Coprocessor (API) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Cns2Router | ALWAYS_CRITICAL | | CNS2 Router (go/cns2). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-bigtable_builtin-Watch | ALWAYS_CRITICAL | | Bigtable Coprocessor (go/bigtable). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| LoadReportingService | ALWAYS_CRITICAL | | TrafficDirector is GSLB client in prod | //configs/production/outboundacl/templates/sawmill:sawmill //configs/production/outboundacl/templates/traffic:gslb | |
| SvelteClient | ALWAYS_CRITICAL | | Notifies about changes to files for Svelte (go/svelte). | //configs/production/outboundacl/templates/chubby:chubby //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-DeleteDir | ALWAYS_CRITICAL | | CNS Coprocessor (DeleteDir) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Namespace | ALWAYS_CRITICAL | | CNS Coprocessor (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-GetCapability | ALWAYS_CRITICAL | | CNS Coprocessor (GetCapability) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| SawmillLiteMutation | ALWAYS_CRITICAL | | Sawmill Lite Mutation service (go/sawmill-lite). Provides the server-side implementation of Sawmill Write API (go/sawmill-write-api). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| RegistrationService | ALWAYS_CRITICAL | | Registers with the CDPush health aggregators (go/cdpush). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ConsensusEventRecorder | OPTIONAL | | Sends client generated events to chubby observability tables (go/chubby). | //configs/production/outboundacl/templates/chubby:chubby //configs/production/outboundacl/templates/sawmill:sawmill | |
| Override | ALWAYS_CRITICAL | | Gets data on CDPush push definitions (go/cdpush). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_curator-Split | ALWAYS_CRITICAL | | CFS Coprocessor curator (Split) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| MasterFolderInterface | ALWAYS_CRITICAL | | CFS2 Folder Management Interface (go/cfsv2-folder-management). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-OpenFile | ALWAYS_CRITICAL | | CNS Coprocessor (OpenFile) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Streamz | OPTIONAL | | Deprecated tech API for Streamz (go/streamz-docs). | //configs/production/outboundacl/templates/monitoring:monarch | |
| StreamzManualSampling | OPTIONAL | | Deprecated protocol used by ManuallySampledMetrics for Streamz (go/streamz-docs). | //configs/production/outboundacl/templates/monitoring:monarch | |
| JustificationValidation | ALWAYS_CRITICAL | | Justification Validation Service integration (go/jvs). | //configs/production/outboundacl/templates/security:data_access_logging | |
| StorageD | ALWAYS_CRITICAL | | D is a low-level storage system that stores bytes directly to disk or flash (go/dserver). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| StreamzAggregation | OPTIONAL | | Streamz2: the default API (go/streamz-docs). | //configs/production/outboundacl/templates/monitoring:monarch //configs/production/outboundacl/templates/sawmill:sawmill | |
| LogsMetadataService | ALWAYS_CRITICAL | | Sawmill-region scoped, read-only service that acts as serving facade for Logs metadata entities (go/logs-metadata-service). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| LocAS | ALWAYS_CRITICAL | | Local Authentication Service for localhost (go/loas). | //configs/production/outboundacl/templates/loas:local_locas | |
| LocAS | ALWAYS_CRITICAL | | Local Authentication Service (go/loas). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-StatFile | ALWAYS_CRITICAL | | CNS Coprocessor (StatFile) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| PackageMetadataService | ALWAYS_CRITICAL | | Returns metadata for Midas packages (go/midas). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| LoggingService | ALWAYS_CRITICAL | | Unified Logging Service (go/sawmill-uls). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ProtectedMPMAccessService | ALWAYS_CRITICAL | | Gets thinmints to access protected MPMs (go/cdpush-transparent-encryption). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CrossUniverseSigning | ALWAYS_CRITICAL | | Cross-universe signer service (go/tpc-rpc-integrity-thinmint-direction). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_curator-Delete | ALWAYS_CRITICAL | | CFS Coprocessor curator (Delete) (go/colossus) | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_curator-UpdateStripe | ALWAYS_CRITICAL | | CFS Coprocessor curator (UpdateStripe) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| RecordCollector | OPTIONAL | | Collects and analyzes a sample of Census measurements (see go/census-record-collector). | //configs/production/outboundacl/templates/monitoring:monarch //configs/production/outboundacl/templates/sawmill:sawmill | |
| LogsProxy | ALWAYS_CRITICAL | | Logs proxy service for Sawmill (go/logsproxy). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_curator-Match | ALWAYS_CRITICAL | | CFS Coprocessor curator (Match) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| NodeNetworkDelegation | OPTIONAL | | bwe delegation | //configs/production/outboundacl/templates/sawmill:sawmill | |
| PantographService | ALWAYS_CRITICAL | | L4wC stripe placement service (go/l4wc). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Logger | LogGFile | OPTIONAL | | Simple logging service to collect data about gFile invocations. | //configs/production/outboundacl/templates/sawmill:sawmill |
| Logger | Log | OPTIONAL | | Simple logging service to collect data about mpm CLI invocations. | //configs/production/outboundacl/templates/sawmill:sawmill |
| RevocationStatus | ALWAYS_CRITICAL | | Used for the LOAS handshake (go/loas). | //configs/production/outboundacl/templates/loas:local_locas | |
| StreamzCollection | OPTIONAL | | Streamz2: the default API (go/streamz-docs). | //configs/production/outboundacl/templates/monitoring:monarch //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-MatchEntries | ALWAYS_CRITICAL | | CNS Coprocessor (MatchEntries) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| DStoreResolverService | ALWAYS_CRITICAL | | Low-dep storage layer for Midas packages (go/midas). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_curator-Lookup | ALWAYS_CRITICAL | | CFS Coprocessor curator (Lookup) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| LockServerWire | ALWAYS_CRITICAL | | Sends information from proxies about the client to the lockserver (go/chubby). | //configs/production/outboundacl/templates/chubby:chubby //configs/production/outboundacl/templates/sawmill:sawmill | |
| BamRpcMetaService | ALWAYS_CRITICAL | | Baremetal RPC API used by D storage (go/bamrpc). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-Snapshot | ALWAYS_CRITICAL | | CNS Coprocessor (Snapshot) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-Truncate | ALWAYS_CRITICAL | | CNS Coprocessor (Truncate) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ServerAuthorizationService | ALWAYS_CRITICAL | | Server Authorization (go/server-authorization). | //configs/production/outboundacl/templates/sawmill:sawmill //configs/production/outboundacl/templates/traffic:gslb | |
| Health | ALWAYS_CRITICAL | | Needed by grpc to do a health check | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Health | ALWAYS_CRITICAL | | TrafficDirector is GSLB client in prod | //configs/production/outboundacl/templates/sawmill:sawmill //configs/production/outboundacl/templates/traffic:gslb | |
| BorgMaster | ALWAYS_CRITICAL | | Sends requests to Borgmaster. | //configs/production/outboundacl/templates/sawmill:sawmill | |
| IndexService | ALWAYS_CRITICAL | | L4 cluster-level caching service (go/l4). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CuratorInterface | ALWAYS_CRITICAL | | CFSv2 (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| LampreySubscriber | ALWAYS_CRITICAL | | Used by Go pubsub clients (via Lamprey) (go/pubsub2). | //configs/production/outboundacl/templates/ipc/pubsub2:goops | |
| CatalogLogsReader | ALWAYS_CRITICAL | | Logs Catalog service API (read-only) for Sawmill (go/logs-catalog). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Reporter | ALWAYS_CRITICAL | | Reports the acceptance status of a CDPush version (go/cdpush). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| BTI_Master | ALWAYS_CRITICAL | | Communicates with Bigtable Masters (go/bigtable). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Wavemill | ALWAYS_CRITICAL | | Wavemill service for Sawmill micro-mutations. | //configs/production/outboundacl/templates/sawmill:sawmill | |
| DataAccessController | ALWAYS_CRITICAL | | Data access controller dependency for Gin logging through Envelope (go/gin) and Admin Access Control Platform (go/aac-platform). | //configs/production/outboundacl/templates/security:data_access_logging | |
| CP-colossus_curator-SetAttr | ALWAYS_CRITICAL | | CFS Coprocessor curator (SetAttr) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ProbingLoadBalancerService | ALWAYS_CRITICAL | | Load balancing service used with Logs Proxy. | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-CreateDir | ALWAYS_CRITICAL | | CNS Coprocessor (CreateDir) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| PreferredEncoding | ALWAYS_CRITICAL | | Preferred Encoding Service | //configs/production/outboundacl/templates/sawmill:sawmill | |
| LampreyBigtable | ALWAYS_CRITICAL | | Used by Go bigtable clients via Lamprey (go/bigtable). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| RrcpCache | ALWAYS_CRITICAL | | Role-Realm Control Policy (RRCP) Cache Service (go/rrcp-cache:design). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| QuotaServer | ALWAYS_CRITICAL | | Sent by //security/data_access/admin/approvers:admin_access_rate_limiter | //configs/production/outboundacl/templates/security:data_access_logging | |
| ThinMintService | ALWAYS_CRITICAL | | ThinMints provide a secure way for a client process to delegate small bits of privileges to "friend" processes (go/thinmint). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_curator-CloseStripe | ALWAYS_CRITICAL | | CFS Coprocessor curator (CloseStripe) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| SecureCollectionAggregationService | OPTIONAL | | Sends messages to the Secure Data Collection Service (go/secure-collection). | //configs/production/outboundacl/templates/security:secure_data_collection | |
| MetadataCacheInterface | ALWAYS_CRITICAL | | Colossus Metadata Cache is a mechanism to offload metadata traffic from busy Colossus namespace coprocessors and curators (go/colossus-meta-cache). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| LampreyPublisher | ALWAYS_CRITICAL | | Used by Go pubsub clients (via Lamprey) (go/pubsub2). | //configs/production/outboundacl/templates/ipc/pubsub2:goops | |
| SawmillLiteRouter | ALWAYS_CRITICAL | | Sawmill Lite Router service (go/sawmill-lite). Provides the server-side implementation for routing clients to the right Sawmill region and instance. | //configs/production/outboundacl/templates/sawmill:sawmill | |
| RoutingService | ALWAYS_CRITICAL | | PubSub Routing service (go/pubsub2). | //configs/production/outboundacl/templates/ipc/pubsub2:goops | |
| CP-colossus_namespace-DeleteFile | ALWAYS_CRITICAL | | CNS Coprocessor (DeleteFile) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Shredmill | ALWAYS_CRITICAL | | Shredmill service - replies with ephemeral plaintext, ciphertext, or key material | //configs/production/outboundacl/templates/sawmill:sawmill | |
| MetadataCache | ALWAYS_CRITICAL | | Colossus Metadata Cache is a mechanism to offload metadata traffic from busy Colossus namespace coprocessors and curators (go/colossus-meta-cache). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-StartWatch | ALWAYS_CRITICAL | | CNS Coprocessor (StartWatch) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| FolderManagementInterface | ALWAYS_CRITICAL | | CFS2 Folder Management Interface (go/cfsv2-folder-management). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| BTI_TabletServer | ALWAYS_CRITICAL | | Communicates with Bigtable Tablet Servers (go/bigtable). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| SawmillLiteWriter | ALWAYS_CRITICAL | | Sawmill Lite Writer service (go/sawmill-lite). Provides the server-side implementation of Sawmill Write API (go/sawmill-write-api). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| PublisherService | ALWAYS_CRITICAL | | PubSub Publisher service (go/pubsub2). | //configs/production/outboundacl/templates/ipc/pubsub2:goops | |
| L4ReportingService | ALWAYS_CRITICAL | | L4 client operations reports (go/l4). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-PreSplit | ALWAYS_CRITICAL | | CNS Coprocessor (PreSplit) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ChubbySessionlessInternal | ALWAYS_CRITICAL | | Internal part of the Chubby sessionless protocol between Envelope and Stout (go/chubby). | //configs/production/outboundacl/templates/chubby:chubby //configs/production/outboundacl/templates/sawmill:sawmill | |
| Watcher | ALWAYS_CRITICAL | | CDPush watcher (go/cdpush). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Watcher | ALWAYS_CRITICAL | | Watcher implementation in the Envelope (go/chubby-concepts:envelope). | //configs/production/outboundacl/templates/chubby:chubby //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_curator-Create | ALWAYS_CRITICAL | | CFS Coprocessor curator (Create) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CatalogLogsWriter | ALWAYS_CRITICAL | | Logs writer Catalog service API (read-write) for Sawmill (go/logs-catalog). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| SubscriberService | ALWAYS_CRITICAL | | PubSub Subscriber service (go/pubsub2). | //configs/production/outboundacl/templates/ipc/pubsub2:goops | |
| CP-colossus_namespace-NotifyFileClosed | ALWAYS_CRITICAL | | CNS Coprocessor (NotifyFileClosed) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-Match | ALWAYS_CRITICAL | | CNS Coprocessor (Match) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Curator | ALWAYS_CRITICAL | | CFS Coprocessor curator (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ApprovalService | ALWAYS_CRITICAL | | MPA request approval store for go/mpa-ld. | //configs/production/outboundacl/templates/security:data_access_logging | |
| OffloadBorgletClient | ALWAYS_CRITICAL | | Sends messages to a local offload_borglet on port 5011. | //configs/production/outboundacl/templates/borg:local_borglet //configs/production/outboundacl/templates/sawmill:sawmill | |
| StripeProxyService | ALWAYS_CRITICAL | | Rodos Colossus cross-metro proxy service (go/rodos). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ChubbyWatcher | ALWAYS_CRITICAL | | ChubbyWatcher is simply a renaming of Watcher. We want a Chubby-specific name that can be distinguished from other implementations of Watcher (b/199405002). | //configs/production/outboundacl/templates/chubby:chubby //configs/production/outboundacl/templates/sawmill:sawmill | |
| MonarchCollector | OPTIONAL | | Streamz2: the default API (go/streamz-docs). | //configs/production/outboundacl/templates/monitoring:monarch //configs/production/outboundacl/templates/sawmill:sawmill | |
| ProxiedLoggingService | ALWAYS_CRITICAL | | ULS Forwarding Proxy (go/uls-forwarding-proxy). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ProxiedLoggingService | OPTIONAL | | ULS Forwarding Proxy (go/uls-forwarding-proxy). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| SawmillLiteReader | ALWAYS_CRITICAL | | Sawmill Lite Reader service (go/sawmill-lite). Provides the server-side implementation of Sawmill Read API (go/sawmill-read-api). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| EnvelopeControlService | ALWAYS_CRITICAL | | The Envelope provides access to infrastructure services that require a fat client library to work well (go/envelope). | //configs/production/outboundacl/templates/ti:envelope | |
| CP-colossus_curator-NotifyError | ALWAYS_CRITICAL | | CFS Coprocessor curator (NotifyError) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Keystore | ALWAYS_CRITICAL | | Keystore key management service (go/keystore). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| DiskLayer | ALWAYS_CRITICAL | | API to interact with D storage (go/dserver). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| LogCollector | OPTIONAL | | Optional dependency to CDD LogCollector by Svelte (go/svelte). | //configs/production/outboundacl/templates/chubby:chubby //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_namespace-FetchWatchEvents | ALWAYS_CRITICAL | | CNS Coprocessor (FetchWatchEvents) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CiphertextTransferService | ALWAYS_CRITICAL | | Shredmill ciphertext transfer service - move ciphertext in and out Shredmill with crypto protection | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ServerStatus | ALWAYS_CRITICAL | | Sends messages to a local Borglet (container manager) on port 5000. | //configs/production/outboundacl/templates/borg:local_borglet //configs/production/outboundacl/templates/sawmill:sawmill | |
| ServerStatus | ALWAYS_CRITICAL | | Wavemill client dependency used to obtain peer user information. | //configs/production/outboundacl/templates/sawmill:sawmill | |
| TrafficShaper | OPTIONAL | | bwe delegation | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CrossUniverseDatSigning | ALWAYS_CRITICAL | | Cross-universe DAT signer service (go/tpc-rpc-integrity-thinmint-direction). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| TouchReceiver | Touch | OPTIONAL | | MPM package usage tracking. | //configs/production/outboundacl/templates/sawmill:sawmill |
| ConsistencyMonitorService | ALWAYS_CRITICAL | | Reports Colossus operations to the lockserver (go/chubby). | //configs/production/outboundacl/templates/chubby:chubby //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-bigtable_builtin | ALWAYS_CRITICAL | | Bigtable Coprocessor (go/bigtable). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_curator-LookupStripes | ALWAYS_CRITICAL | | CFS Coprocessor curator (LookupStripes) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| File | ALWAYS_CRITICAL | | File API for Colossus (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ResourceIdentificationService | ALWAYS_CRITICAL | | Federated Resource Identification Service integration (go/fris). | //configs/production/outboundacl/templates/security:data_access_logging | |
| TabletLocationService | ALWAYS_CRITICAL | | Bigtable Location Cache Proxy | //configs/production/outboundacl/templates/sawmill:sawmill | |
| AdminService | ALWAYS_CRITICAL | | PubSub Admin service (go/pubsub2). | //configs/production/outboundacl/templates/ipc/pubsub2:goops | |
| CP-colossus_namespace-SetAttr | ALWAYS_CRITICAL | | CNS Coprocessor (SetAttr) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| DataAccessLogService | ALWAYS_CRITICAL | | Gin audit logging (go/gin). | //configs/production/outboundacl/templates/security:data_access_logging | |
| DataAccessLogService | ALWAYS_CRITICAL | | Gin audit logging (go/gin) conforming to go/auth-libraries-backend-dependencies | //configs/production/outboundacl/templates/security:data_access_logging | |
| AggregatedDiscoveryService | ALWAYS_CRITICAL | | TrafficDirector is GSLB client in prod | //configs/production/outboundacl/templates/sawmill:sawmill //configs/production/outboundacl/templates/traffic:gslb | |
| CP-colossus_curator-OpenStripe | ALWAYS_CRITICAL | | CFS Coprocessor curator (OpenStripe) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| BTI_CP_StateNotifier | ALWAYS_CRITICAL | | Bigtable Coprocessor state notifications (go/bigtable). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| CP-colossus_curator-Snapshot | ALWAYS_CRITICAL | | CFS Coprocessor curator (Snapshot) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| ErasureScopeService | ALWAYS_CRITICAL | | Shredmill erasure scope service - interface for granular lifetime management | //configs/production/outboundacl/templates/sawmill:sawmill | |
| LogServiceAdmin | ALWAYS_CRITICAL | | Local configuration and administrative functions on the Unified Logging Service (go/sawmill-uls). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| Papermill | ALWAYS_CRITICAL | | Papermill service API for Sawmill (go/papermill). | //configs/production/outboundacl/templates/sawmill:sawmill | |
| SecureDataCollectionPublisher_AuthMetrics | OPTIONAL | | Sends messages to the Secure Data Collection Service (local) (go/secure-collection). Owned by go/af-auth. | //configs/production/outboundacl/templates/security:secure_data_collection | |
| CP-colossus_curator-Stat | ALWAYS_CRITICAL | | CFS Coprocessor curator (Stat) (go/colossus). | //configs/production/outboundacl/templates/sawmill:sawmill |
| Service | Method | Proto Package | Target | RemoteUser | RemoteJob | RemoteCell | Verdict | Reasons | Exempted | Protocol | Pushed |
|---|---|---|---|---|---|---|---|---|---|---|---|
| GalaxyProxy | LookUpDatabaseLocation | spanner.galaxyproxy | blade:spanner-galaxy-proxy-global-1 | spanner | global.yudfwra.span_galaxy_proxy | yudfwra | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |
| SvelteClient | AwaitChange | net-bns-svelte-cluster | yudfwra-bns-svelteshard-cluster.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| Span-_span | Ping | spanner | global.jx.0510.span_server | jx | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| LocationProxyService | GetTabletLocations | spanner | spanner | global.jx.span_location_proxy | jx | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| StreamzCollection | DefineMetrics | streamz | monarch-streamzproxy-auto-jobs | auto-default-root.streamzproxy | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | ||
| ThrottlingService | Update | spanner | global.yucbfac.8280.span_server | yucbfac | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| Span-_span | RootRangeLookup | spanner | global.jv.0510.span_server | jv | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| Span-_span | RootRangeLookup | spanner | global.yucbfac.8280.span_server | yucbfac | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| MonarchCollector | Write | monitoring.streamz | monarch-streamzproxy-auto-jobs | auto-default-root.streamzproxy | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | ||
| ProberService | UpdateTargets | spanner | blade:spanner-global-prober | spanner | global.span_prober | yudfwra | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |
| ClientFlagsService | GetClientFlags | dos_quotas.pb | blade:quotaserver-quota-server-prod-quota-service | quotaserver-local-quota-service | prod-quota-service.quotaserver-local | yudfwra | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |
| AssignerService | WatchAssignment | ipc.slicer | slicer-proxy-google-regional | prod-google-us-dfw-1-e.proxy | rq,rr | VERDICT_REJECTED | false | PROTOCOL_STUBBY | true | ||
| AggregatedDiscoveryService | StreamAggregatedResources | envoy.service.discovery.v3 | trafficdirector-tdfe-p2p | prod-p2p-global.tdfe | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_STUBBY | true | ||
| Span-_span | RangeLookup | spanner | global.gg.8280.span_server | gg | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| PingService | Ping | spanner | spanner | global.ic.0510.span_server | ic | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.oj.span_location_proxy | oj | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| Span-_span | RootRangeLookup | spanner | global.ic.0510.span_server | ic | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| SvelteClient | ModifyWaitSet | net-bns-svelte-prodregion | yudfwra-bns-svelteshard-prodregion.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| SvelteClient | InitialModifyWaitSet | svelte-cluster | yudfwra-svelteshard-cluster.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| Span-_span | RootRangeLookup | spanner | global.oj.0530.span_server | oj | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| Span-_span | RangeLookup | spanner | global.oj.0530.span_server | oj | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| SvelteClient | ModifyWaitSet | net-bns-svelte-cluster | yudfwra-bns-svelteshard-cluster.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| BlobstorePartitionLookupService | RouteLookup | blobstore2 | blade:blobstore2.blobstorepartitionlookupservice-prod | blobstore-partition-lookup-service | prod.blobstore-partition-lookup-service | yudfwra | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |
| LocationProxyService | GetTabletLocations | spanner | spanner | global.in.span_location_proxy | in | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.jx.0510.span_server | jx | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| ProxiedLoggingService | Put | unified_logging.proxy | blade:unified-logging-forwarding-proxy-thin-client | unified-logging-sawmill-relay | uls.relay.relay | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |
| SvelteClient | InitialModifyWaitSet | net-bns-svelte-prodregion | yudfwra-bns-svelteshard-prodregion.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| Health | Watch | grpc.health.v1 | trafficdirector-tdfe-p2p | prod-p2p-global.tdfe | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_GRPC | true | ||
| MonarchCollector | ReadSchedules | monitoring.streamz | monarch-streamzproxy-auto-jobs | auto-default-root.streamzproxy | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | ||
| LocationProxyService | GetTabletLocations | spanner | spanner | global.iw.span_location_proxy | iw | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.yucbfac.8280.span_server | yucbfac | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.iw.span_location_proxy | iw | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| ProxiedLoggingService | Quiesce | unified_logging.proxy | blade:unified-logging-forwarding-proxy-thin-client | unified-logging-sawmill-relay | uls.relay.relay | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |
| Span-_span | Ping | spanner | global.ic.0510.span_server | ic | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| Span-_span | RangeLookup | spanner | global.yucbfac.8280.span_server | yucbfac | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| SvelteClient | AwaitChange | net-bns-svelte-prodregion | yudfwra-bns-svelteshard-prodregion.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| LocationProxyService | GetTabletLocations | spanner | spanner | global.gg.span_location_proxy | gg | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.oj.0530.span_server | oj | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.jv.span_location_proxy | jv | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| SvelteClient | ModifyWaitSet | net-bns-svelte-global | yudfwra-bns-svelteshard-global.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| BalancerChannelControl | PickTargetAndReport | loadbalancer_gslb.client | bladeservice-prod | bladeservice_dsc.load_balancer_common | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | ||
| SvelteClient | InitialModifyWaitSet | net-bns-svelte-global | yudfwra-bns-svelteshard-global.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| LocAS | GetRevocationStatus | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | ||||||
| BorgletClient | TaskStatus | borg | borg-admin-co | borglet | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.jx.span_location_proxy | jx | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| LocationProxyService | GetTabletLocations | spanner | spanner | global.os.span_location_proxy | os | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| LocationProxyService | GetTabletLocations | spanner | spanner | global.yucbfac.span_location_proxy | yucbfac | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| QuotaConfigService | GetQuotaConfiguration | dos_quotas.pb | blade:dos_quotas.pb.quotaconfigservice-prod-cloud-shared-global | quota-config-server-cloud-shared | prod-cloud-shared-global.quota-config-server | oj | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |
| PingService | Ping | spanner | spanner | global.oj.7790.span_server | oj | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| Span-_span | Ping | spanner | global.yucbfac.8280.span_server | yucbfac | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| MemcachegService | Stats | cacheserving_memcacheg | cloud-ml-aiplatform-memcacheg | staging-us.aiplatform-memcacheg | uc,uh,qw,ug,vt | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| SvelteClient | InitialModifyWaitSet | svelte-global | yudfwra-svelteshard-global.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| Span-_span | Ping | spanner | global.oj.0530.span_server | oj | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| AggregatedDiscoveryService | StreamAggregatedResources | envoy.service.discovery.v3 | trafficdirector-tdfe-p2p | prod-p2p-global.tdfe | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_GRPC | true | ||
| GalaxyProxy | LookUpRootRanges | spanner.galaxyproxy | blade:spanner-galaxy-proxy-global-1 | spanner | global.yudfwra.span_galaxy_proxy | yudfwra | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |
| Span-_span | Ping | spanner | global.oj.7790.span_server | oj | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| Span-_span | RangeLookup | spanner | global.os.7790.span_server | os | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| PingService | Ping | spanner | spanner | global.in.span_location_proxy | in | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.ym.span_location_proxy | ym | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| BalancerChannelControl | GetAssignment | loadbalancer_gslb.client | bladeservice-prod | bladeservice_dsc.load_balancer_common | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.jv.0510.span_server | jv | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| Span-_span | RangeLookup | spanner | global.jx.0510.span_server | jx | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| SvelteClient | AwaitChange | svelte-cluster | yudfwra-svelteshard-cluster.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| SvelteClient | InitialModifyWaitSet | net-bns-svelte-cluster | yudfwra-bns-svelteshard-cluster.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| SvelteClient | AwaitChange | svelte-global | yudfwra-svelteshard-global.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| AssignerService | WatchAssignment | ipc.slicer | VERDICT_REJECTED | false | PROTOCOL_STUBBY | true | |||||
| PingService | Ping | spanner | spanner | global.gg.8280.span_server | gg | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| LocationProxyService | GetTabletLocations | spanner | spanner | global.ym.span_location_proxy | ym | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| SvelteClient | ModifyWaitSet | svelte-cluster | yudfwra-svelteshard-cluster.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| Span-_span | RootRangeLookup | spanner | global.os.7790.span_server | os | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| PingService | Ping | spanner | spanner | global.os.7790.span_server | os | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| LocationProxyService | GetTabletLocations | spanner | spanner | global.oj.span_location_proxy | oj | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.gg.span_location_proxy | gg | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| SvelteClient | ModifyWaitSet | svelte-global | yudfwra-svelteshard-global.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| AggregatedDiscoveryService | StreamAggregatedResources | envoy.service.discovery.v3 | VERDICT_ALLOWED | false | PROTOCOL_STUBBY | true | |||||
| Span-_span | RangeLookup | spanner | global.ic.0510.span_server | ic | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| Span-_span | RangeLookup | spanner | global.jv.0510.span_server | jv | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| PingService | Ping | spanner | spanner | global.os.span_location_proxy | os | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| LoadReportingService | StreamLoadStats | envoy.service.load_stats.v3 | trafficdirector-tdfe-p2p | prod-p2p-global.tdfe | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_GRPC | true | ||
| Span-_span | RangeLookup | spanner | global.oj.7790.span_server | oj | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | |||
| PingService | Ping | spanner | spanner | global.ic.span_location_proxy | ic | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| LocationProxyService | GetTabletLocations | spanner | spanner | global.ic.span_location_proxy | ic | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| PingService | Ping | spanner | spanner | global.yucbfac.span_location_proxy | yucbfac | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true | ||
| SvelteClient | AwaitChange | net-bns-svelte-global | yudfwra-bns-svelteshard-global.svelte.svelte | yudfwra | VERDICT_ALLOWED | false | PROTOCOL_UNKNOWN | true | |||
| LocationProxyService | GetTabletLocations | spanner | spanner | global.jv.span_location_proxy | jv | VERDICT_REJECTED | false | PROTOCOL_UNKNOWN | true |