Class: Google::Apis::IapV1::SetIamPolicyRequest
- Inherits:
-
Object
- Object
- Google::Apis::IapV1::SetIamPolicyRequest
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- generated/google/apis/iap_v1/classes.rb,
generated/google/apis/iap_v1/representations.rb,
generated/google/apis/iap_v1/representations.rb
Overview
Request message for SetIamPolicy
method.
Instance Attribute Summary collapse
-
#policy ⇒ Google::Apis::IapV1::Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
Instance Method Summary collapse
-
#initialize(**args) ⇒ SetIamPolicyRequest
constructor
A new instance of SetIamPolicyRequest.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ SetIamPolicyRequest
Returns a new instance of SetIamPolicyRequest.
837 838 839 |
# File 'generated/google/apis/iap_v1/classes.rb', line 837 def initialize(**args) update!(**args) end |
Instance Attribute Details
#policy ⇒ Google::Apis::IapV1::Policy
An Identity and Access Management (IAM) policy, which specifies access
controls for Google Cloud resources. A Policy
is a collection of bindings
.
A binding
binds one or more members
to a single role
. Members can be
user accounts, service accounts, Google groups, and domains (such as G Suite).
A role
is a named list of permissions; each role
can be an IAM predefined
role or a user-created custom role. For some types of Google Cloud resources,
a binding
can also specify a condition
, which is a logical expression that
allows access to a resource only if the expression evaluates to true
. A
condition can add constraints based on attributes of the request, the resource,
or both. To learn which resources support conditions in their IAM policies,
see the IAM documentation. JSON example: "bindings": [
"role": "roles/
resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
appspot.gserviceaccount.com" ] ,
"role": "roles/resourcemanager.
organizationViewer", "members": [ "user:eve@example.com" ], "condition": "
title": "expirable access", "description": "Does not grant access after Sep
2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",
], "etag": "BwWWja0YfJA=", "version": 3
YAML example: bindings: -
members: - user:mike@example.com - group:admins@example.com - domain:google.
com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
resourcemanager.organizationAdmin - members: - user:eve@example.com role:
roles/resourcemanager.organizationViewer condition: title: expirable access
description: Does not grant access after Sep 2020 expression: request.time <
timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
description of IAM and its features, see the IAM documentation.
Corresponds to the JSON property policy
835 836 837 |
# File 'generated/google/apis/iap_v1/classes.rb', line 835 def policy @policy end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
842 843 844 |
# File 'generated/google/apis/iap_v1/classes.rb', line 842 def update!(**args) @policy = args[:policy] if args.key?(:policy) end |