Class: Google::Apis::CloudassetV1::Asset
- Inherits:
-
Object
- Object
- Google::Apis::CloudassetV1::Asset
- Defined in:
- generated/google/apis/cloudasset_v1/classes.rb,
generated/google/apis/cloudasset_v1/representations.rb,
generated/google/apis/cloudasset_v1/representations.rb
Overview
Cloud asset. This includes all Google Cloud Platform resources, Cloud IAM policies, and other non-GCP assets.
Instance Attribute Summary collapse
-
#access_level ⇒ Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1AccessLevel
An
AccessLevel
is a label that can be applied to requests to GCP services, along with a list of requirements necessary for the label to be applied. -
#access_policy ⇒ Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1AccessPolicy
AccessPolicy
is a container forAccessLevels
(which define the necessary attributes to use GCP services) andServicePerimeters
(which define regions of services able to freely pass data within a perimeter). -
#asset_type ⇒ String
Type of the asset.
-
#iam_policy ⇒ Google::Apis::CloudassetV1::Policy
Defines an Identity and Access Management (IAM) policy.
-
#name ⇒ String
The full name of the asset.
-
#org_policy ⇒ Array<Google::Apis::CloudassetV1::GoogleCloudOrgpolicyV1Policy>
Representation of the Cloud Organization Policy set on an asset.
-
#resource ⇒ Google::Apis::CloudassetV1::Resource
Representation of a cloud resource.
-
#service_perimeter ⇒ Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter
ServicePerimeter
describes a set of GCP resources which can freely import and export data amongst themselves, but not export outside of theServicePerimeter
.
Instance Method Summary collapse
-
#initialize(**args) ⇒ Asset
constructor
A new instance of Asset.
-
#update!(**args) ⇒ Object
Update properties of this object.
Methods included from Google::Apis::Core::JsonObjectSupport
Methods included from Google::Apis::Core::Hashable
Constructor Details
#initialize(**args) ⇒ Asset
Returns a new instance of Asset
126 127 128 |
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 126 def initialize(**args) update!(**args) end |
Instance Attribute Details
#access_level ⇒ Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1AccessLevel
An AccessLevel
is a label that can be applied to requests to GCP services,
along with a list of requirements necessary for the label to be applied.
Corresponds to the JSON property accessLevel
34 35 36 |
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 34 def access_level @access_level end |
#access_policy ⇒ Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1AccessPolicy
AccessPolicy
is a container for AccessLevels
(which define the necessary
attributes to use GCP services) and ServicePerimeters
(which define regions
of services able to freely pass data within a perimeter). An access policy is
globally visible within an organization, and the restrictions it specifies
apply to all projects within an organization.
Corresponds to the JSON property accessPolicy
43 44 45 |
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 43 def access_policy @access_policy end |
#asset_type ⇒ String
Type of the asset. Example: "compute.googleapis.com/Disk".
Corresponds to the JSON property assetType
48 49 50 |
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 48 def asset_type @asset_type end |
#iam_policy ⇒ Google::Apis::CloudassetV1::Policy
Defines an Identity and Access Management (IAM) policy. It is used to
specify access control policies for Cloud Platform resources.
A Policy
consists of a list of bindings
. A binding
binds a list of
members
to a role
, where the members can be user accounts, Google groups,
Google domains, and service accounts. A role
is a named list of permissions
defined by IAM.
JSON Example
"bindings": [
"role": "roles/owner",
"members": [
"user:mike@example.com",
"group:admins@example.com",
"domain:google.com",
"serviceAccount:my-other-app@appspot.gserviceaccount.com"
]
,
"role": "roles/viewer",
"members": ["user:sean@example.com"]
]
YAML Example
bindings:
- members:
- user:mike@example.com
- group:admins@example.com
- domain:google.com
- serviceAccount:my-other-app@appspot.gserviceaccount.com role: roles/owner
- members:
- user:sean@example.com
role: roles/viewer
For a description of IAM and its features, see the
IAM developer's guide.
Corresponds to the JSON property
iamPolicy
89 90 91 |
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 89 def iam_policy @iam_policy end |
#name ⇒ String
The full name of the asset. For example:
//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/
instance1
.
See Resource
Names
for more information.
Corresponds to the JSON property name
99 100 101 |
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 99 def name @name end |
#org_policy ⇒ Array<Google::Apis::CloudassetV1::GoogleCloudOrgpolicyV1Policy>
Representation of the Cloud Organization Policy set on an asset. For each
asset, there could be multiple Organization policies with different
constraints.
Corresponds to the JSON property orgPolicy
106 107 108 |
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 106 def org_policy @org_policy end |
#resource ⇒ Google::Apis::CloudassetV1::Resource
Representation of a cloud resource.
Corresponds to the JSON property resource
111 112 113 |
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 111 def resource @resource end |
#service_perimeter ⇒ Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter
ServicePerimeter
describes a set of GCP resources which can freely import
and export data amongst themselves, but not export outside of the
ServicePerimeter
. If a request with a source within this ServicePerimeter
has a target outside of the ServicePerimeter
, the request will be blocked.
Otherwise the request is allowed. There are two types of Service Perimeter -
Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP
project can only belong to a single regular Service Perimeter. Service
Perimeter Bridges can contain only GCP projects as members, a single GCP
project may belong to multiple Service Perimeter Bridges.
Corresponds to the JSON property servicePerimeter
124 125 126 |
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 124 def service_perimeter @service_perimeter end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
131 132 133 134 135 136 137 138 139 140 |
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 131 def update!(**args) @access_level = args[:access_level] if args.key?(:access_level) @access_policy = args[:access_policy] if args.key?(:access_policy) @asset_type = args[:asset_type] if args.key?(:asset_type) @iam_policy = args[:iam_policy] if args.key?(:iam_policy) @name = args[:name] if args.key?(:name) @org_policy = args[:org_policy] if args.key?(:org_policy) @resource = args[:resource] if args.key?(:resource) @service_perimeter = args[:service_perimeter] if args.key?(:service_perimeter) end |