Class GoogleIdentityAccesscontextmanagerV1AccessPolicy

AccessPolicy is a container for AccessLevels (which define the necessary attributes to use Google Cloud services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization.

Inheritance

object

GoogleIdentityAccesscontextmanagerV1AccessPolicy

Implements

IDirectResponseSchema

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ReferenceEquals(object, object)

object.ToString()

Namespace: Google.Apis.CloudAsset.v1p7beta1.Data

Assembly: Google.Apis.CloudAsset.v1p7beta1.dll

Syntax

public class GoogleIdentityAccesscontextmanagerV1AccessPolicy : IDirectResponseSchema

Properties

ETag

Output only. An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Policies will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

Declaration

[JsonProperty("etag")]
public virtual string ETag { get; set; }

Property Value

Type	Description
string

Name

Output only. Identifier. Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}

Declaration

[JsonProperty("name")]
public virtual string Name { get; set; }

Property Value

Type	Description
string

Parent

Required. The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}

Declaration

[JsonProperty("parent")]
public virtual string Parent { get; set; }

Property Value

Type	Description
string

Scopes

The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with scopes=["folders/123"] has the following behavior: - ServicePerimeter can only restrict projects within folders/123. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes folders/123 will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}

Declaration

[JsonProperty("scopes")]
public virtual IList<string> Scopes { get; set; }

Property Value

Type	Description
IList<string>

Title

Required. Human readable title. Does not affect behavior.

Declaration

[JsonProperty("title")]
public virtual string Title { get; set; }

Property Value

Type	Description
string

Implements

IDirectResponseSchema