Class GoogleIdentityAccesscontextmanagerV1AccessPolicy
AccessPolicy
is a container for AccessLevels
(which define the necessary attributes to use Google Cloud
services) and ServicePerimeters
(which define regions of services able to freely pass data within a
perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply
to all projects within an organization.
Implements
Inherited Members
Namespace: Google.Apis.CloudAsset.v1p1beta1.Data
Assembly: Google.Apis.CloudAsset.v1p1beta1.dll
Syntax
public class GoogleIdentityAccesscontextmanagerV1AccessPolicy : IDirectResponseSchema
Properties
ETag
Output only. An opaque identifier for the current version of the AccessPolicy
. This will always be a
strongly validated etag, meaning that two Access Policies will be identical if and only if their etags are
identical. Clients should not expect this to be in any specific format.
Declaration
[JsonProperty("etag")]
public virtual string ETag { get; set; }
Property Value
Type | Description |
---|---|
string |
Name
Output only. Identifier. Resource name of the AccessPolicy
. Format: accessPolicies/{access_policy}
Declaration
[JsonProperty("name")]
public virtual string Name { get; set; }
Property Value
Type | Description |
---|---|
string |
Parent
Required. The parent of this AccessPolicy
in the Cloud Resource Hierarchy. Currently immutable once
created. Format: organizations/{organization_id}
Declaration
[JsonProperty("parent")]
public virtual string Parent { get; set; }
Property Value
Type | Description |
---|---|
string |
Scopes
The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources
can be referenced. For example, policy A with scopes=["folders/123"]
has the following behavior: -
ServicePerimeter can only restrict projects within folders/123
. - ServicePerimeter within policy A can
only reference access levels defined within policy A. - Only one policy can include a given scope; thus,
attempting to create a second policy which includes folders/123
will result in an error. If no scopes are
provided, then any resource within the organization can be restricted. Scopes cannot be modified after a
policy is created. Policies can only have a single scope. Format: list of folders/{folder_number}
or
projects/{project_number}
Declaration
[JsonProperty("scopes")]
public virtual IList<string> Scopes { get; set; }
Property Value
Type | Description |
---|---|
IList<string> |
Title
Required. Human readable title. Does not affect behavior.
Declaration
[JsonProperty("title")]
public virtual string Title { get; set; }
Property Value
Type | Description |
---|---|
string |