com.google.auth.oauth2

Class CredentialAccessBoundary.AccessBoundaryRule

java.lang.Object

com.google.auth.oauth2.CredentialAccessBoundary.AccessBoundaryRule

Enclosing class:

CredentialAccessBoundary

public static final class CredentialAccessBoundary.AccessBoundaryRule
extends Object

Defines an upper bound of permissions on a particular resource.

The following snippet shows an AccessBoundaryRule that applies to the Cloud Storage bucket bucket-one to set the upper bound of permissions to those defined by the roles/storage.objectViewer role.

 AccessBoundaryRule rule = AccessBoundaryRule.newBuilder()
   .setAvailableResource("//storage.googleapis.com/projects/_/buckets/bucket-one")
   .addAvailablePermission("inRole:roles/storage.objectViewer")
   .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	CredentialAccessBoundary.AccessBoundaryRule.AvailabilityCondition An optional condition that can be used as part of a CredentialAccessBoundary.AccessBoundaryRule to further restrict permissions.
static class	CredentialAccessBoundary.AccessBoundaryRule.Builder

Method Summary

Modifier and Type	Method and Description
CredentialAccessBoundary.AccessBoundaryRule.AvailabilityCondition	getAvailabilityCondition()
List<String>	getAvailablePermissions()
String	getAvailableResource()
static CredentialAccessBoundary.AccessBoundaryRule.Builder	newBuilder()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getAvailableResource

public String getAvailableResource()

getAvailablePermissions

public List<String> getAvailablePermissions()

getAvailabilityCondition

@Nullable
public CredentialAccessBoundary.AccessBoundaryRule.AvailabilityCondition getAvailabilityCondition()

newBuilder

public static CredentialAccessBoundary.AccessBoundaryRule.Builder newBuilder()