Class: Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1AccessPolicy
- Inherits:
-
Object
- Object
- Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1AccessPolicy
- Includes:
- Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
- Defined in:
- lib/google/apis/cloudasset_v1p1beta1/classes.rb,
lib/google/apis/cloudasset_v1p1beta1/representations.rb,
lib/google/apis/cloudasset_v1p1beta1/representations.rb
Overview
AccessPolicy is a container for AccessLevels (which define the necessary
attributes to use Google Cloud services) and ServicePerimeters (which define
regions of services able to freely pass data within a perimeter). An access
policy is globally visible within an organization, and the restrictions it
specifies apply to all projects within an organization.
Instance Attribute Summary collapse
-
#etag ⇒ String
Output only.
-
#name ⇒ String
Output only.
-
#parent ⇒ String
Required.
-
#scopes ⇒ Array<String>
The scopes of the AccessPolicy.
-
#title ⇒ String
Required.
Instance Method Summary collapse
-
#initialize(**args) ⇒ GoogleIdentityAccesscontextmanagerV1AccessPolicy
constructor
A new instance of GoogleIdentityAccesscontextmanagerV1AccessPolicy.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ GoogleIdentityAccesscontextmanagerV1AccessPolicy
Returns a new instance of GoogleIdentityAccesscontextmanagerV1AccessPolicy.
978 979 980 |
# File 'lib/google/apis/cloudasset_v1p1beta1/classes.rb', line 978 def initialize(**args) update!(**args) end |
Instance Attribute Details
#etag ⇒ String
Output only. An opaque identifier for the current version of the AccessPolicy
. This will always be a strongly validated etag, meaning that two Access
Polices will be identical if and only if their etags are identical. Clients
should not expect this to be in any specific format.
Corresponds to the JSON property etag
945 946 947 |
# File 'lib/google/apis/cloudasset_v1p1beta1/classes.rb', line 945 def etag @etag end |
#name ⇒ String
Output only. Resource name of the AccessPolicy. Format: accessPolicies/
access_policy`
Corresponds to the JSON propertyname`
951 952 953 |
# File 'lib/google/apis/cloudasset_v1p1beta1/classes.rb', line 951 def name @name end |
#parent ⇒ String
Required. The parent of this AccessPolicy in the Cloud Resource Hierarchy.
Currently immutable once created. Format: organizations/organization_id`
Corresponds to the JSON propertyparent`
957 958 959 |
# File 'lib/google/apis/cloudasset_v1p1beta1/classes.rb', line 957 def parent @parent end |
#scopes ⇒ Array<String>
The scopes of the AccessPolicy. Scopes define which resources a policy can
restrict and where its resources can be referenced. For example, policy A with
scopes=["folders/123"] has the following behavior: - ServicePerimeter can
only restrict projects within folders/123. - ServicePerimeter within policy
A can only reference access levels defined within policy A. - Only one policy
can include a given scope; thus, attempting to create a second policy which
includes folders/123 will result in an error. If no scopes are provided,
then any resource within the organization can be restricted. Scopes cannot be
modified after a policy is created. Policies can only have a single scope.
Format: list of folders/folder_numberor `projects/`project_number
Corresponds to the JSON property scopes
971 972 973 |
# File 'lib/google/apis/cloudasset_v1p1beta1/classes.rb', line 971 def scopes @scopes end |
#title ⇒ String
Required. Human readable title. Does not affect behavior.
Corresponds to the JSON property title
976 977 978 |
# File 'lib/google/apis/cloudasset_v1p1beta1/classes.rb', line 976 def title @title end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
983 984 985 986 987 988 989 |
# File 'lib/google/apis/cloudasset_v1p1beta1/classes.rb', line 983 def update!(**args) @etag = args[:etag] if args.key?(:etag) @name = args[:name] if args.key?(:name) @parent = args[:parent] if args.key?(:parent) @scopes = args[:scopes] if args.key?(:scopes) @title = args[:title] if args.key?(:title) end |