Class: Google::Apis::CloudassetV1p1beta1::IamPolicySearchResult

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
generated/google/apis/cloudasset_v1p1beta1/classes.rb,
generated/google/apis/cloudasset_v1p1beta1/representations.rb,
generated/google/apis/cloudasset_v1p1beta1/representations.rb

Overview

The result for a IAM Policy search.

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Google::Apis::Core::JsonObjectSupport

#to_json

Methods included from Google::Apis::Core::Hashable

process_value, #to_h

Constructor Details

#initialize(**args) ⇒ IamPolicySearchResult

Returns a new instance of IamPolicySearchResult.



395
396
397
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 395

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#explanationGoogle::Apis::CloudassetV1p1beta1::Explanation

Explanation about the IAM policy search result. Corresponds to the JSON property explanation



317
318
319
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 317

def explanation
  @explanation
end

#policyGoogle::Apis::CloudassetV1p1beta1::Policy

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. Optionally, a binding can specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. JSON example: "bindings": [ "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] , "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z') ", ], "etag": "BwWWja0YfJA=", "version": 3 YAML example: bindings:

  • members:
  • user:mike@example.com
  • group:admins@example.com
  • domain:google.com
  • serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin
  • members:
  • user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
  • etag: BwWWja0YfJA=
  • version: 3 For a description of IAM and its features, see the IAM documentation. Corresponds to the JSON property policy


377
378
379
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 377

def policy
  @policy
end

#projectString

The project that the associated GCP resource belongs to, in the form of projects/project_number`. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, the project field will be empty. Corresponds to the JSON propertyproject`

Returns:

  • (String)


386
387
388
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 386

def project
  @project
end

#resourceString

The full resource name of the resource associated with this IAM policy. Corresponds to the JSON property resource

Returns:

  • (String)


393
394
395
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 393

def resource
  @resource
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



400
401
402
403
404
405
# File 'generated/google/apis/cloudasset_v1p1beta1/classes.rb', line 400

def update!(**args)
  @explanation = args[:explanation] if args.key?(:explanation)
  @policy = args[:policy] if args.key?(:policy)
  @project = args[:project] if args.key?(:project)
  @resource = args[:resource] if args.key?(:resource)
end