Class: Google::Apis::BinaryauthorizationV1beta1::SetIamPolicyRequest
- Inherits:
-
Object
- Object
- Google::Apis::BinaryauthorizationV1beta1::SetIamPolicyRequest
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- generated/google/apis/binaryauthorization_v1beta1/classes.rb,
generated/google/apis/binaryauthorization_v1beta1/representations.rb,
generated/google/apis/binaryauthorization_v1beta1/representations.rb
Overview
Request message for SetIamPolicy
method.
Instance Attribute Summary collapse
-
#policy ⇒ Google::Apis::BinaryauthorizationV1beta1::IamPolicy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
Instance Method Summary collapse
-
#initialize(**args) ⇒ SetIamPolicyRequest
constructor
A new instance of SetIamPolicyRequest.
-
#update!(**args) ⇒ Object
Update properties of this object.
Methods included from Core::JsonObjectSupport
Methods included from Core::Hashable
Constructor Details
#initialize(**args) ⇒ SetIamPolicyRequest
Returns a new instance of SetIamPolicyRequest.
661 662 663 |
# File 'generated/google/apis/binaryauthorization_v1beta1/classes.rb', line 661 def initialize(**args) update!(**args) end |
Instance Attribute Details
#policy ⇒ Google::Apis::BinaryauthorizationV1beta1::IamPolicy
An Identity and Access Management (IAM) policy, which specifies access
controls for Google Cloud resources.
A Policy
is a collection of bindings
. A binding
binds one or more
members
to a single role
. Members can be user accounts, service accounts,
Google groups, and domains (such as G Suite). A role
is a named list of
permissions; each role
can be an IAM predefined role or a user-created
custom role.
Optionally, a binding
can specify a condition
, which is a logical
expression that allows access to a resource only if the expression evaluates
to true
. A condition can add constraints based on attributes of the
request, the resource, or both.
JSON example:
"bindings": [
"role": "roles/resourcemanager.organizationAdmin",
"members": [
"user:mike@example.com",
"group:admins@example.com",
"domain:google.com",
"serviceAccount:my-project-id@appspot.gserviceaccount.com"
]
,
"role": "roles/resourcemanager.organizationViewer",
"members": ["user:eve@example.com"],
"condition":
"title": "expirable access",
"description": "Does not grant access after Sep 2020",
"expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')
",
],
"etag": "BwWWja0YfJA=",
"version": 3
YAML example:
bindings:
- members:
- user:mike@example.com
- group:admins@example.com
- domain:google.com
- serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin
- members:
- user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
- etag: BwWWja0YfJA=
- version: 3
For a description of IAM and its features, see the
IAM documentation.
Corresponds to the JSON property
policy
659 660 661 |
# File 'generated/google/apis/binaryauthorization_v1beta1/classes.rb', line 659 def policy @policy end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
666 667 668 |
# File 'generated/google/apis/binaryauthorization_v1beta1/classes.rb', line 666 def update!(**args) @policy = args[:policy] if args.key?(:policy) end |