Class: Google::Apis::CloudassetV1p1beta1::IamPolicySearchResult

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
generated/google/apis/cloudasset_v1p1beta1/classes.rb,
generated/google/apis/cloudasset_v1p1beta1/representations.rb,
generated/google/apis/cloudasset_v1p1beta1/representations.rb

Overview

The result for a IAM Policy search.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ IamPolicySearchResult

Returns a new instance of IamPolicySearchResult.



299
300
301
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 299

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#explanationGoogle::Apis::CloudassetV1p1beta1::Explanation

Explanation about the IAM policy search result. Corresponds to the JSON property explanation



251
252
253
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 251

def explanation
  @explanation
end

#policyGoogle::Apis::CloudassetV1p1beta1::Policy

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the IAM documentation. JSON example: "bindings": [ "role": "roles/ resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", " group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@ appspot.gserviceaccount.com" ] , "role": "roles/resourcemanager. organizationViewer", "members": [ "user:eve@example.com" ], "condition": " title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", ], "etag": "BwWWja0YfJA=", "version": 3 YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google. com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/ resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the IAM documentation. Corresponds to the JSON property policy



282
283
284
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 282

def policy
  @policy
end

#projectString

The project that the associated GCP resource belongs to, in the form of projects/project_number`. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, the project field will be empty. Corresponds to the JSON propertyproject`

Returns:

  • (String)


291
292
293
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 291

def project
  @project
end

#resourceString

The full resource name of the resource associated with this IAM policy. Corresponds to the JSON property resource

Returns:

  • (String)


297
298
299
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 297

def resource
  @resource
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



304
305
306
307
308
309
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 304

def update!(**args)
  @explanation = args[:explanation] if args.key?(:explanation)
  @policy = args[:policy] if args.key?(:policy)
  @project = args[:project] if args.key?(:project)
  @resource = args[:resource] if args.key?(:resource)
end