Class: Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanation
- Inherits:
-
Object
- Object
- Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanation
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- generated/google/apis/policytroubleshooter_v1beta/classes.rb,
generated/google/apis/policytroubleshooter_v1beta/representations.rb,
generated/google/apis/policytroubleshooter_v1beta/representations.rb
Overview
Details about how a binding in a policy affects a member's ability to use a permission.
Instance Attribute Summary collapse
-
#access ⇒ String
Indicates whether this binding provides the specified permission to the specified member for the specified resource.
-
#condition ⇒ Google::Apis::PolicytroubleshooterV1beta::GoogleTypeExpr
Represents a textual expression in the Common Expression Language (CEL) syntax.
-
#memberships ⇒ Hash<String,Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanationAnnotatedMembership>
Indicates whether each member in the binding includes the member specified in the request, either directly or indirectly.
-
#relevance ⇒ String
The relevance of this binding to the overall determination for the entire policy.
-
#role ⇒ String
The role that this binding grants.
-
#role_permission ⇒ String
Indicates whether the role granted by this binding contains the specified permission.
-
#role_permission_relevance ⇒ String
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
Instance Method Summary collapse
-
#initialize(**args) ⇒ GoogleCloudPolicytroubleshooterV1betaBindingExplanation
constructor
A new instance of GoogleCloudPolicytroubleshooterV1betaBindingExplanation.
-
#update!(**args) ⇒ Object
Update properties of this object.
Methods included from Core::JsonObjectSupport
Methods included from Core::Hashable
Constructor Details
#initialize(**args) ⇒ GoogleCloudPolicytroubleshooterV1betaBindingExplanation
Returns a new instance of GoogleCloudPolicytroubleshooterV1betaBindingExplanation.
157 158 159 |
# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 157 def initialize(**args) update!(**args) end |
Instance Attribute Details
#access ⇒ String
Indicates whether this binding provides the specified permission to the
specified member for the specified resource.
This field does not indicate whether the member actually has the
permission for the resource. There might be another binding that overrides
this binding. To determine whether the member actually has the permission,
use the access
field in the
TroubleshootIamPolicyResponse.
Corresponds to the JSON property access
84 85 86 |
# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 84 def access @access end |
#condition ⇒ Google::Apis::PolicytroubleshooterV1beta::GoogleTypeExpr
Represents a textual expression in the Common Expression Language (CEL)
syntax. CEL is a C-like expression language. The syntax and semantics of CEL
are documented at https://github.com/google/cel-spec.
Example (Comparison):
title: "Summary size limit"
description: "Determines if a summary is less than 100 chars"
expression: "document.summary.size() < 100"
Example (Equality):
title: "Requestor is owner"
description: "Determines if requestor is the document owner"
expression: "document.owner == request.auth.claims.email"
Example (Logic):
title: "Public documents"
description: "Determine whether the document should be publicly visible"
expression: "document.type != 'private' && document.type != 'internal'"
Example (Data Manipulation):
title: "Notification string"
description: "Create a notification string with a timestamp."
expression: "'New message received at ' + string(document.create_time)"
The exact variables and functions that may be referenced within an expression
are determined by the service that evaluates it. See the service
documentation for additional information.
Corresponds to the JSON property condition
110 111 112 |
# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 110 def condition @condition end |
#memberships ⇒ Hash<String,Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanationAnnotatedMembership>
Indicates whether each member in the binding includes the member specified in the request, either directly or indirectly. Each key identifies a member in the binding, and each value indicates whether the member in the binding includes the member in the request. For example, suppose that a binding includes the following members:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access foruser:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
. For the first member in the binding, the key isuser:alice@example.com
, and themembership
field in the value is set toMEMBERSHIP_NOT_INCLUDED
. For the second member in the binding, the key isgroup:product-eng@example.com
, and themembership
field in the value is set toMEMBERSHIP_INCLUDED
. Corresponds to the JSON propertymemberships
129 130 131 |
# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 129 def memberships @memberships end |
#relevance ⇒ String
The relevance of this binding to the overall determination for the entire
policy.
Corresponds to the JSON property relevance
135 136 137 |
# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 135 def relevance @relevance end |
#role ⇒ String
The role that this binding grants. For example,
roles/compute.serviceAgent
.
For a complete list of predefined IAM roles, as well as the permissions in
each role, see https://cloud.google.com/iam/help/roles/reference.
Corresponds to the JSON property role
143 144 145 |
# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 143 def role @role end |
#role_permission ⇒ String
Indicates whether the role granted by this binding contains the specified
permission.
Corresponds to the JSON property rolePermission
149 150 151 |
# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 149 def @role_permission end |
#role_permission_relevance ⇒ String
The relevance of the permission's existence, or nonexistence, in the role
to the overall determination for the entire policy.
Corresponds to the JSON property rolePermissionRelevance
155 156 157 |
# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 155 def @role_permission_relevance end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
162 163 164 165 166 167 168 169 170 |
# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 162 def update!(**args) @access = args[:access] if args.key?(:access) @condition = args[:condition] if args.key?(:condition) @memberships = args[:memberships] if args.key?(:memberships) @relevance = args[:relevance] if args.key?(:relevance) @role = args[:role] if args.key?(:role) @role_permission = args[:role_permission] if args.key?(:role_permission) @role_permission_relevance = args[:role_permission_relevance] if args.key?(:role_permission_relevance) end |