Class: Google::Apis::CloudassetV1::IamPolicySearchResult

Inherits:

Object

• Object
• Google::Apis::CloudassetV1::IamPolicySearchResult

Includes:

Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport

Defined in:

lib/google/apis/cloudasset_v1/classes.rb,
lib/google/apis/cloudasset_v1/representations.rb,
lib/google/apis/cloudasset_v1/representations.rb

Overview

A result of IAM Policy search, containing information of an IAM policy.

Instance Attribute Summary

• #asset_type ⇒ String

  The type of the resource associated with this IAM policy.

• #explanation ⇒ Google::Apis::CloudassetV1::Explanation

  Explanation about the IAM policy search result.

• #folders ⇒ Array<String>

  The folder(s) that the IAM policy belongs to, in the form of folders/FOLDER_NUMBER.

• #organization ⇒ String

  The organization that the IAM policy belongs to, in the form of organizations/ORGANIZATION_NUMBER.

• #policy ⇒ Google::Apis::CloudassetV1::Policy

  An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.

• #project ⇒ String

  The project that the associated Google Cloud resource belongs to, in the form of projects/PROJECT_NUMBER.

• #resource ⇒ String

  The full resource name of the resource associated with this IAM policy.

Instance Method Summary

• #initialize(**args) ⇒ IamPolicySearchResult constructor

  A new instance of IamPolicySearchResult.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ IamPolicySearchResult

Returns a new instance of IamPolicySearchResult.

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 4069

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#asset_type ⇒ String

The type of the resource associated with this IAM policy. Example: compute. googleapis.com/Disk. To search against the asset_type: * specify the asset_types field in your search request. Corresponds to the JSON property assetType

Returns:

• (String)

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3993

def asset_type
  @asset_type
end

#explanation ⇒ Google::Apis::CloudassetV1::Explanation

Explanation about the IAM policy search result. Corresponds to the JSON property explanation

Returns:

• (Google::Apis::CloudassetV1::Explanation)

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 3998

def explanation
  @explanation
end

#folders ⇒ Array<String>

The folder(s) that the IAM policy belongs to, in the form of folders/ FOLDER_NUMBER. This field is available when the IAM policy belongs to one or more folders. To search against folders: * use a field query. Example: folders:(123 OR 456) * use a free text query. Example: 123 * specify the scope field as this folder in your search request. Corresponds to the JSON property folders

Returns:

• (Array<String>)

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 4007

def folders
  @folders
end

#organization ⇒ String

The organization that the IAM policy belongs to, in the form of organizations/ ORGANIZATION_NUMBER. This field is available when the IAM policy belongs to an organization. To search against organization: * use a field query. Example: organization:123 * use a free text query. Example: 123 * specify the scope field as this organization in your search request. Corresponds to the JSON property organization

Returns:

• (String)

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 4016

def organization
  @organization
end

#policy ⇒ Google::Apis::CloudassetV1::Policy

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains ( such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the IAM documentation. JSON example: ` " bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", " serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": " roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00: 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` YAML example: bindings: - members: - user:mike@example.com - group:admins@ example.com - domain:google.com - serviceAccount:my-project-id@appspot. gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the IAM documentation. Corresponds to the JSON property policy

Returns:

• (Google::Apis::CloudassetV1::Policy)

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 4047

def policy
  @policy
end

#project ⇒ String

The project that the associated Google Cloud resource belongs to, in the form of projects/PROJECT_NUMBER. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty. To search against the project: * specify the scope field as this project in your search request. Corresponds to the JSON property project

Returns:

• (String)

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 4057

def project
  @project
end

#resource ⇒ String

The full resource name of the resource associated with this IAM policy. Example: //compute.googleapis.com/projects/my_project_123/zones/zone1/ instances/instance1. See Cloud Asset Inventory Resource Name Format for more information. To search against the resource: * use a field query. Example: resource:organizations/123 Corresponds to the JSON property resource

Returns:

• (String)

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 4067

def resource
  @resource
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/cloudasset_v1/classes.rb', line 4074

def update!(**args)
  @asset_type = args[:asset_type] if args.key?(:asset_type)
  @explanation = args[:explanation] if args.key?(:explanation)
  @folders = args[:folders] if args.key?(:folders)
  @organization = args[:organization] if args.key?(:organization)
  @policy = args[:policy] if args.key?(:policy)
  @project = args[:project] if args.key?(:project)
  @resource = args[:resource] if args.key?(:resource)
end