Class: Google::Apis::CloudassetV1::PolicyInfo

Inherits:

Object

Object
Google::Apis::CloudassetV1::PolicyInfo

show all

Includes:: Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport

Defined in:: lib/google/apis/cloudasset_v1/classes.rb,
lib/google/apis/cloudasset_v1/representations.rb,
lib/google/apis/cloudasset_v1/representations.rb

Overview

The IAM policy and its attached resource.

Instance Attribute Summary collapse

#attached_resource ⇒ String
The full resource name the policy is directly attached to.
#policy ⇒ Google::Apis::CloudassetV1::Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.

Instance Method Summary collapse

#initialize(**args) ⇒ PolicyInfo constructor
A new instance of PolicyInfo.
#update!(**args) ⇒ Object
Update properties of this object.

Constructor Details

#initialize(**args) ⇒ `PolicyInfo`

Returns a new instance of PolicyInfo.



3834
3835
3836

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3834

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#attached_resource ⇒ `String`

The full resource name the policy is directly attached to. Corresponds to the JSON property attachedResource

Returns:

(String)



3801
3802
3803

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3801

def attached_resource
  @attached_resource
end

#policy ⇒ `Google::Apis::CloudassetV1::Policy`

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains ( such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the IAM documentation. JSON example: " bindings": [ "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", " serviceAccount:my-project-id@appspot.gserviceaccount.com" ] , "role": " roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00: 00:00.000Z')", ], "etag": "BwWWja0YfJA=", "version": 3 YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example. com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request. time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the IAM documentation. Corresponds to the JSON property policy

Returns:

(Google::Apis::CloudassetV1::Policy)



3832
3833
3834

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3832

def policy
  @policy
end

Instance Method Details

#update!(**args) ⇒ `Object`

Update properties of this object

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3839

def update!(**args)
  @attached_resource = args[:attached_resource] if args.key?(:attached_resource)
  @policy = args[:policy] if args.key?(:policy)
end