Class: Google::Apis::IamV1::LintPolicyRequest

Inherits:

Object

• Object
• Google::Apis::IamV1::LintPolicyRequest

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

generated/google/apis/iam_v1/classes.rb,
generated/google/apis/iam_v1/representations.rb,
generated/google/apis/iam_v1/representations.rb

Overview

The request to lint a Cloud IAM policy object. LintPolicy is currently functional only for lint_object of type condition.

Instance Attribute Summary

• #binding ⇒ Google::Apis::IamV1::Binding

  Associates members with a role.

• #condition ⇒ Google::Apis::IamV1::Expr

  Represents an expression text.

• #context ⇒ Hash<String,Object>

  context contains additional permission-controlled data that any lint unit may depend on, in form of key: value pairs.

• #full_resource_name ⇒ String

  The full resource name of the policy this lint request is about.

• #policy ⇒ Google::Apis::IamV1::Policy

  Defines an Identity and Access Management (IAM) policy.

Instance Method Summary

• #initialize(**args) ⇒ LintPolicyRequest constructor

  A new instance of LintPolicyRequest.

• #update!(**args) ⇒ Object

  Update properties of this object.

Methods included from Core::JsonObjectSupport

#to_json

Methods included from Core::Hashable

process_value, #to_h

Constructor Details

#initialize(**args) ⇒ LintPolicyRequest

Returns a new instance of LintPolicyRequest

# File 'generated/google/apis/iam_v1/classes.rb', line 574

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#binding ⇒ Google::Apis::IamV1::Binding

Associates members with a role. Corresponds to the JSON property binding

Returns:

• (Google::Apis::IamV1::Binding)

# File 'generated/google/apis/iam_v1/classes.rb', line 492

def binding
  @binding
end

#condition ⇒ Google::Apis::IamV1::Expr

Represents an expression text. Example: title: "User account presence" description: "Determines whether the request has a user account" expression: "size(request.user) > 0" Corresponds to the JSON property condition

Returns:

• (Google::Apis::IamV1::Expr)

# File 'generated/google/apis/iam_v1/classes.rb', line 500

def condition
  @condition
end

#context ⇒ Hash<String,Object>

context contains additional permission-controlled data that any lint unit may depend on, in form of key: value pairs. Currently, this field is non-operational and it will not be used during the lint operation. Corresponds to the JSON property context

Returns:

• (Hash<String,Object>)

# File 'generated/google/apis/iam_v1/classes.rb', line 507

def context
  @context
end

#full_resource_name ⇒ String

The full resource name of the policy this lint request is about. The name follows the Google Cloud Platform (GCP) resource format. For example, a GCP project with ID my-project will be named //cloudresourcemanager.googleapis.com/projects/my-project. The resource name is not used to read the policy instance from the Cloud IAM database. The candidate policy for lint has to be provided in the same request object. Corresponds to the JSON property fullResourceName

Returns:

• (String)

# File 'generated/google/apis/iam_v1/classes.rb', line 518

def full_resource_name
  @full_resource_name
end

#policy ⇒ Google::Apis::IamV1::Policy

Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions (defined by IAM or configured by users). A binding can optionally specify a condition, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource. JSON Example "bindings": [ "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] , "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", ] YAML Example bindings:

• members:
• user:mike@example.com
• group:admins@example.com
• domain:google.com
• serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin
• members:
• user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') For a description of IAM and its features, see the IAM developer's guide. Corresponds to the JSON property policy

Returns:

• (Google::Apis::IamV1::Policy)

# File 'generated/google/apis/iam_v1/classes.rb', line 572

def policy
  @policy
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'generated/google/apis/iam_v1/classes.rb', line 579

def update!(**args)
  @binding = args[:binding] if args.key?(:binding)
  @condition = args[:condition] if args.key?(:condition)
  @context = args[:context] if args.key?(:context)
  @full_resource_name = args[:full_resource_name] if args.key?(:full_resource_name)
  @policy = args[:policy] if args.key?(:policy)
end