Class: Google::Apis::CloudassetV1p5beta1::Asset
- Inherits:
-
Object
- Object
- Google::Apis::CloudassetV1p5beta1::Asset
- Includes:
- Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
- Defined in:
- generated/google/apis/cloudasset_v1p5beta1/classes.rb,
generated/google/apis/cloudasset_v1p5beta1/representations.rb,
generated/google/apis/cloudasset_v1p5beta1/representations.rb
Overview
An asset in Google Cloud. An asset can be any resource in the Google Cloud resource hierarchy, a resource outside the Google Cloud resource hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy (e.g. Cloud IAM policy). See Supported asset types for more information.
Instance Attribute Summary collapse
-
#access_level ⇒ Google::Apis::CloudassetV1p5beta1::GoogleIdentityAccesscontextmanagerV1AccessLevel
An
AccessLevel
is a label that can be applied to requests to Google Cloud services, along with a list of requirements necessary for the label to be applied. -
#access_policy ⇒ Google::Apis::CloudassetV1p5beta1::GoogleIdentityAccesscontextmanagerV1AccessPolicy
AccessPolicy
is a container forAccessLevels
(which define the necessary attributes to use Google Cloud services) andServicePerimeters
(which define regions of services able to freely pass data within a perimeter). -
#ancestors ⇒ Array<String>
The ancestry path of an asset in Google Cloud resource hierarchy, represented as a list of relative resource names.
-
#asset_type ⇒ String
The type of the asset.
-
#iam_policy ⇒ Google::Apis::CloudassetV1p5beta1::Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
-
#name ⇒ String
The full name of the asset.
-
#org_policy ⇒ Array<Google::Apis::CloudassetV1p5beta1::GoogleCloudOrgpolicyV1Policy>
A representation of an organization policy.
-
#resource ⇒ Google::Apis::CloudassetV1p5beta1::Resource
A representation of a Google Cloud resource.
-
#service_perimeter ⇒ Google::Apis::CloudassetV1p5beta1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter
ServicePerimeter
describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of theServicePerimeter
.
Instance Method Summary collapse
-
#initialize(**args) ⇒ Asset
constructor
A new instance of Asset.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ Asset
Returns a new instance of Asset.
132 133 134 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 132 def initialize(**args) update!(**args) end |
Instance Attribute Details
#access_level ⇒ Google::Apis::CloudassetV1p5beta1::GoogleIdentityAccesscontextmanagerV1AccessLevel
An AccessLevel
is a label that can be applied to requests to Google Cloud
services, along with a list of requirements necessary for the label to be
applied.
Corresponds to the JSON property accessLevel
39 40 41 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 39 def access_level @access_level end |
#access_policy ⇒ Google::Apis::CloudassetV1p5beta1::GoogleIdentityAccesscontextmanagerV1AccessPolicy
AccessPolicy
is a container for AccessLevels
(which define the necessary
attributes to use Google Cloud services) and ServicePerimeters
(which define
regions of services able to freely pass data within a perimeter). An access
policy is globally visible within an organization, and the restrictions it
specifies apply to all projects within an organization.
Corresponds to the JSON property accessPolicy
48 49 50 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 48 def access_policy @access_policy end |
#ancestors ⇒ Array<String>
The ancestry path of an asset in Google Cloud resource hierarchy,
represented as a list of relative resource names. An ancestry path starts with
the closest ancestor in the hierarchy and ends at root. If the asset is a
project, folder, or organization, the ancestry path starts from the asset
itself. Example: ["projects/123456789", "folders/5432", "organizations/1234"]
Corresponds to the JSON property ancestors
58 59 60 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 58 def ancestors @ancestors end |
#asset_type ⇒ String
The type of the asset. Example: compute.googleapis.com/Disk
See Supported
asset types for more information.
Corresponds to the JSON property assetType
65 66 67 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 65 def asset_type @asset_type end |
#iam_policy ⇒ Google::Apis::CloudassetV1p5beta1::Policy
An Identity and Access Management (IAM) policy, which specifies access
controls for Google Cloud resources. A Policy
is a collection of bindings
.
A binding
binds one or more members
to a single role
. Members can be
user accounts, service accounts, Google groups, and domains (such as G Suite).
A role
is a named list of permissions; each role
can be an IAM predefined
role or a user-created custom role. For some types of Google Cloud resources,
a binding
can also specify a condition
, which is a logical expression that
allows access to a resource only if the expression evaluates to true
. A
condition can add constraints based on attributes of the request, the resource,
or both. To learn which resources support conditions in their IAM policies,
see the IAM documentation. JSON example: "bindings": [
"role": "roles/
resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
appspot.gserviceaccount.com" ] ,
"role": "roles/resourcemanager.
organizationViewer", "members": [ "user:eve@example.com" ], "condition": "
title": "expirable access", "description": "Does not grant access after Sep
2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",
], "etag": "BwWWja0YfJA=", "version": 3
YAML example: bindings: -
members: - user:mike@example.com - group:admins@example.com - domain:google.
com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
resourcemanager.organizationAdmin - members: - user:eve@example.com role:
roles/resourcemanager.organizationViewer condition: title: expirable access
description: Does not grant access after Sep 2020 expression: request.time <
timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
description of IAM and its features, see the IAM documentation.
Corresponds to the JSON property iamPolicy
96 97 98 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 96 def iam_policy @iam_policy end |
#name ⇒ String
The full name of the asset. Example: //compute.googleapis.com/projects/
my_project_123/zones/zone1/instances/instance1
See Resource names for more
information.
Corresponds to the JSON property name
104 105 106 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 104 def name @name end |
#org_policy ⇒ Array<Google::Apis::CloudassetV1p5beta1::GoogleCloudOrgpolicyV1Policy>
A representation of an organization policy. There can be
more than one organization policy with different constraints set on a given
resource.
Corresponds to the JSON property orgPolicy
112 113 114 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 112 def org_policy @org_policy end |
#resource ⇒ Google::Apis::CloudassetV1p5beta1::Resource
A representation of a Google Cloud resource.
Corresponds to the JSON property resource
117 118 119 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 117 def resource @resource end |
#service_perimeter ⇒ Google::Apis::CloudassetV1p5beta1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter
ServicePerimeter
describes a set of Google Cloud resources which can freely
import and export data amongst themselves, but not export outside of the
ServicePerimeter
. If a request with a source within this ServicePerimeter
has a target outside of the ServicePerimeter
, the request will be blocked.
Otherwise the request is allowed. There are two types of Service Perimeter -
Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google
Cloud project can only belong to a single regular Service Perimeter. Service
Perimeter Bridges can contain only Google Cloud projects as members, a single
Google Cloud project may belong to multiple Service Perimeter Bridges.
Corresponds to the JSON property servicePerimeter
130 131 132 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 130 def service_perimeter @service_perimeter end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
137 138 139 140 141 142 143 144 145 146 147 |
# File 'generated/google/apis/cloudasset_v1p5beta1/classes.rb', line 137 def update!(**args) @access_level = args[:access_level] if args.key?(:access_level) @access_policy = args[:access_policy] if args.key?(:access_policy) @ancestors = args[:ancestors] if args.key?(:ancestors) @asset_type = args[:asset_type] if args.key?(:asset_type) @iam_policy = args[:iam_policy] if args.key?(:iam_policy) @name = args[:name] if args.key?(:name) @org_policy = args[:org_policy] if args.key?(:org_policy) @resource = args[:resource] if args.key?(:resource) @service_perimeter = args[:service_perimeter] if args.key?(:service_perimeter) end |