Class: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1DevicePolicy

Inherits:

Object

• Object
• Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1DevicePolicy

Includes:

Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport

Defined in:

generated/google/apis/cloudasset_v1/classes.rb,
generated/google/apis/cloudasset_v1/representations.rb,
generated/google/apis/cloudasset_v1/representations.rb

Overview

DevicePolicy specifies device specific restrictions necessary to acquire a given access level. A DevicePolicy specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. DevicePolicy acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

Instance Attribute Summary

• #allowed_device_management_levels ⇒ Array<String>

  Allowed device management levels, an empty list allows all management levels.

• #allowed_encryption_statuses ⇒ Array<String>

  Allowed encryptions statuses, an empty list allows all statuses.

• #os_constraints ⇒ Array<Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1OsConstraint>

  Allowed OS versions, an empty list allows all types and all versions.

• #require_admin_approval ⇒ Boolean (also: #require_admin_approval?)

  Whether the device needs to be approved by the customer admin.

• #require_corp_owned ⇒ Boolean (also: #require_corp_owned?)

  Whether the device needs to be corp owned.

• #require_screenlock ⇒ Boolean (also: #require_screenlock?)

  Whether or not screenlock is required for the DevicePolicy to be true.

Instance Method Summary

• #initialize(**args) ⇒ GoogleIdentityAccesscontextmanagerV1DevicePolicy constructor

  A new instance of GoogleIdentityAccesscontextmanagerV1DevicePolicy.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ GoogleIdentityAccesscontextmanagerV1DevicePolicy

Returns a new instance of GoogleIdentityAccesscontextmanagerV1DevicePolicy.

# File 'generated/google/apis/cloudasset_v1/classes.rb', line 1650

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#allowed_device_management_levels ⇒ Array<String>

Allowed device management levels, an empty list allows all management levels. Corresponds to the JSON property allowedDeviceManagementLevels

Returns:

• (Array<String>)

# File 'generated/google/apis/cloudasset_v1/classes.rb', line 1619

def allowed_device_management_levels
  @allowed_device_management_levels
end

#allowed_encryption_statuses ⇒ Array<String>

Allowed encryptions statuses, an empty list allows all statuses. Corresponds to the JSON property allowedEncryptionStatuses

Returns:

• (Array<String>)

# File 'generated/google/apis/cloudasset_v1/classes.rb', line 1624

def allowed_encryption_statuses
  @allowed_encryption_statuses
end

#os_constraints ⇒ Array<Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1OsConstraint>

Allowed OS versions, an empty list allows all types and all versions. Corresponds to the JSON property osConstraints

Returns:

• (Array<Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1OsConstraint>)

# File 'generated/google/apis/cloudasset_v1/classes.rb', line 1629

def os_constraints
  @os_constraints
end

#require_admin_approval ⇒ Boolean Also known as: require_admin_approval?

Whether the device needs to be approved by the customer admin. Corresponds to the JSON property requireAdminApproval

Returns:

• (Boolean)

# File 'generated/google/apis/cloudasset_v1/classes.rb', line 1634

def require_admin_approval
  @require_admin_approval
end

#require_corp_owned ⇒ Boolean Also known as: require_corp_owned?

Whether the device needs to be corp owned. Corresponds to the JSON property requireCorpOwned

Returns:

• (Boolean)

# File 'generated/google/apis/cloudasset_v1/classes.rb', line 1640

def require_corp_owned
  @require_corp_owned
end

#require_screenlock ⇒ Boolean Also known as: require_screenlock?

Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false. Corresponds to the JSON property requireScreenlock

Returns:

• (Boolean)

# File 'generated/google/apis/cloudasset_v1/classes.rb', line 1647

def require_screenlock
  @require_screenlock
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'generated/google/apis/cloudasset_v1/classes.rb', line 1655

def update!(**args)
  @allowed_device_management_levels = args[:allowed_device_management_levels] if args.key?(:allowed_device_management_levels)
  @allowed_encryption_statuses = args[:allowed_encryption_statuses] if args.key?(:allowed_encryption_statuses)
  @os_constraints = args[:os_constraints] if args.key?(:os_constraints)
  @require_admin_approval = args[:require_admin_approval] if args.key?(:require_admin_approval)
  @require_corp_owned = args[:require_corp_owned] if args.key?(:require_corp_owned)
  @require_screenlock = args[:require_screenlock] if args.key?(:require_screenlock)
end