Class GoogleIamV3PrincipalAccessBoundaryPolicyRuleOperation

An operation attribute that defines the permissions applicable to this rule.

Inheritance

object

GoogleIamV3PrincipalAccessBoundaryPolicyRuleOperation

Implements

IDirectResponseSchema

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ReferenceEquals(object, object)

object.ToString()

Namespace: Google.Apis.PolicyTroubleshooter.v3beta.Data

Assembly: Google.Apis.PolicyTroubleshooter.v3beta.dll

Syntax

public class GoogleIamV3PrincipalAccessBoundaryPolicyRuleOperation : IDirectResponseSchema

Properties

ETag

The ETag of the item.

Declaration

public virtual string ETag { get; set; }

Property Value

Type	Description
string

ExcludedPermissions

Optional. Specifies the permissions that this rule excludes from the set of affected permissions given by permissions. The number of excluded permission strings in this field is limited to 50 across all rules in the policy. If a permission appears in both permissions and excluded_permissions then it will not be subject to the policy effect. The excluded permissions can be specified using the same syntax as permissions.

Declaration

[JsonProperty("excludedPermissions")]
public virtual IList<string> ExcludedPermissions { get; set; }

Property Value

Type	Description
IList<string>

Permissions

Optional. The permissions that are explicitly affected by this rule. The number of permission strings in this field is limited to 50 across all rules in the policy. Each permission uses the format {service_fqdn}/{resource}.{verb}, where {service_fqdn} is the fully qualified domain name for the service. * can be used as a wildcard to match all permissions for a specific service, resource type, or verb. The following formats are supported: * {service_fqdn}/{resource}.{verb}: A specific permission. * {service_fqdn}/{resource}.*: All permissions for a specific resource type. * {service_fqdn}/*.*: All permissions for all resource types under a specific service. * {service_fqdn}/*.{verb}: All permissions with a specific verb under a specific service. * *: All permissions across all services. For example, compute.googleapis.com/*.setIamPolicy refers to all setIamPolicy permissions for any compute resource. Wildcards expand only to the permissions specified in the enforcement_version of the policy. If the enforcement_version is updated, the wildcard will automatically expand to include new permissions in the updated version.

Declaration

[JsonProperty("permissions")]
public virtual IList<string> Permissions { get; set; }

Property Value

Type	Description
IList<string>

Implements

IDirectResponseSchema