Class: Google::Apis::CloudassetV1p7beta1::GoogleCloudAssetV1p7beta1Asset
- Inherits:
-
Object
- Object
- Google::Apis::CloudassetV1p7beta1::GoogleCloudAssetV1p7beta1Asset
- Includes:
- Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
- Defined in:
- lib/google/apis/cloudasset_v1p7beta1/classes.rb,
lib/google/apis/cloudasset_v1p7beta1/representations.rb,
lib/google/apis/cloudasset_v1p7beta1/representations.rb
Overview
An asset in Google Cloud. An asset can be any resource in the Google Cloud resource hierarchy, a resource outside the Google Cloud resource hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). See Supported asset types for more information.
Instance Attribute Summary collapse
-
#access_level ⇒ Google::Apis::CloudassetV1p7beta1::GoogleIdentityAccesscontextmanagerV1AccessLevel
An
AccessLevel
is a label that can be applied to requests to Google Cloud services, along with a list of requirements necessary for the label to be applied. -
#access_policy ⇒ Google::Apis::CloudassetV1p7beta1::GoogleIdentityAccesscontextmanagerV1AccessPolicy
AccessPolicy
is a container forAccessLevels
(which define the necessary attributes to use Google Cloud services) andServicePerimeters
(which define regions of services able to freely pass data within a perimeter). -
#ancestors ⇒ Array<String>
The ancestry path of an asset in Google Cloud resource hierarchy, represented as a list of relative resource names.
-
#asset_type ⇒ String
The type of the asset.
-
#iam_policy ⇒ Google::Apis::CloudassetV1p7beta1::Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
-
#name ⇒ String
The full name of the asset.
-
#org_policy ⇒ Array<Google::Apis::CloudassetV1p7beta1::GoogleCloudOrgpolicyV1Policy>
A representation of an organization policy.
-
#related_assets ⇒ Google::Apis::CloudassetV1p7beta1::GoogleCloudAssetV1p7beta1RelatedAssets
The detailed related assets with the
relationship_type
. -
#resource ⇒ Google::Apis::CloudassetV1p7beta1::GoogleCloudAssetV1p7beta1Resource
A representation of a Google Cloud resource.
-
#service_perimeter ⇒ Google::Apis::CloudassetV1p7beta1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter
ServicePerimeter
describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of theServicePerimeter
. -
#update_time ⇒ String
The last update timestamp of an asset.
Instance Method Summary collapse
-
#initialize(**args) ⇒ GoogleCloudAssetV1p7beta1Asset
constructor
A new instance of GoogleCloudAssetV1p7beta1Asset.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ GoogleCloudAssetV1p7beta1Asset
Returns a new instance of GoogleCloudAssetV1p7beta1Asset.
403 404 405 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 403 def initialize(**args) update!(**args) end |
Instance Attribute Details
#access_level ⇒ Google::Apis::CloudassetV1p7beta1::GoogleIdentityAccesscontextmanagerV1AccessLevel
An AccessLevel
is a label that can be applied to requests to Google Cloud
services, along with a list of requirements necessary for the label to be
applied.
Corresponds to the JSON property accessLevel
298 299 300 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 298 def access_level @access_level end |
#access_policy ⇒ Google::Apis::CloudassetV1p7beta1::GoogleIdentityAccesscontextmanagerV1AccessPolicy
AccessPolicy
is a container for AccessLevels
(which define the necessary
attributes to use Google Cloud services) and ServicePerimeters
(which define
regions of services able to freely pass data within a perimeter). An access
policy is globally visible within an organization, and the restrictions it
specifies apply to all projects within an organization.
Corresponds to the JSON property accessPolicy
307 308 309 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 307 def access_policy @access_policy end |
#ancestors ⇒ Array<String>
The ancestry path of an asset in Google Cloud resource hierarchy,
represented as a list of relative resource names. An ancestry path starts with
the closest ancestor in the hierarchy and ends at root. If the asset is a
project, folder, or organization, the ancestry path starts from the asset
itself. Example: ["projects/123456789", "folders/5432", "organizations/1234"]
Corresponds to the JSON property ancestors
317 318 319 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 317 def ancestors @ancestors end |
#asset_type ⇒ String
The type of the asset. Example: compute.googleapis.com/Disk
See Supported
asset types for more information.
Corresponds to the JSON property assetType
324 325 326 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 324 def asset_type @asset_type end |
#iam_policy ⇒ Google::Apis::CloudassetV1p7beta1::Policy
An Identity and Access Management (IAM) policy, which specifies access
controls for Google Cloud resources. A Policy
is a collection of bindings
.
A binding
binds one or more members
, or principals, to a single role
.
Principals can be user accounts, service accounts, Google groups, and domains (
such as G Suite). A role
is a named list of permissions; each role
can be
an IAM predefined role or a user-created custom role. For some types of Google
Cloud resources, a binding
can also specify a condition
, which is a
logical expression that allows access to a resource only if the expression
evaluates to true
. A condition can add constraints based on attributes of
the request, the resource, or both. To learn which resources support
conditions in their IAM policies, see the IAM documentation. JSON example: ` "
bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
"user:mike@example.com", "group:admins@example.com", "domain:google.com", "
serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
], "condition": ` "title": "expirable access", "description": "Does not grant
access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 `
YAML
example: bindings: - members: - user:mike@example.com - group:admins@
example.com - domain:google.com - serviceAccount:my-project-id@appspot.
gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: -
user:eve@example.com role: roles/resourcemanager.organizationViewer condition:
title: expirable access description: Does not grant access after Sep 2020
expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag:
BwWWja0YfJA= version: 3
For a description of IAM and its features, see the
IAM documentation.
Corresponds to the JSON property iamPolicy
355 356 357 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 355 def iam_policy @iam_policy end |
#name ⇒ String
The full name of the asset. Example: //compute.googleapis.com/projects/
my_project_123/zones/zone1/instances/instance1
See Resource names for more
information.
Corresponds to the JSON property name
363 364 365 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 363 def name @name end |
#org_policy ⇒ Array<Google::Apis::CloudassetV1p7beta1::GoogleCloudOrgpolicyV1Policy>
A representation of an organization policy. There can be
more than one organization policy with different constraints set on a given
resource.
Corresponds to the JSON property orgPolicy
371 372 373 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 371 def org_policy @org_policy end |
#related_assets ⇒ Google::Apis::CloudassetV1p7beta1::GoogleCloudAssetV1p7beta1RelatedAssets
The detailed related assets with the relationship_type
.
Corresponds to the JSON property relatedAssets
376 377 378 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 376 def @related_assets end |
#resource ⇒ Google::Apis::CloudassetV1p7beta1::GoogleCloudAssetV1p7beta1Resource
A representation of a Google Cloud resource.
Corresponds to the JSON property resource
381 382 383 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 381 def resource @resource end |
#service_perimeter ⇒ Google::Apis::CloudassetV1p7beta1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter
ServicePerimeter
describes a set of Google Cloud resources which can freely
import and export data amongst themselves, but not export outside of the
ServicePerimeter
. If a request with a source within this ServicePerimeter
has a target outside of the ServicePerimeter
, the request will be blocked.
Otherwise the request is allowed. There are two types of Service Perimeter -
Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google
Cloud project or VPC network can only belong to a single regular Service
Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as
members, a single Google Cloud project may belong to multiple Service
Perimeter Bridges.
Corresponds to the JSON property servicePerimeter
395 396 397 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 395 def service_perimeter @service_perimeter end |
#update_time ⇒ String
The last update timestamp of an asset. update_time is updated when create/
update/delete operation is performed.
Corresponds to the JSON property updateTime
401 402 403 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 401 def update_time @update_time end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
408 409 410 411 412 413 414 415 416 417 418 419 420 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 408 def update!(**args) @access_level = args[:access_level] if args.key?(:access_level) @access_policy = args[:access_policy] if args.key?(:access_policy) @ancestors = args[:ancestors] if args.key?(:ancestors) @asset_type = args[:asset_type] if args.key?(:asset_type) @iam_policy = args[:iam_policy] if args.key?(:iam_policy) @name = args[:name] if args.key?(:name) @org_policy = args[:org_policy] if args.key?(:org_policy) @related_assets = args[:related_assets] if args.key?(:related_assets) @resource = args[:resource] if args.key?(:resource) @service_perimeter = args[:service_perimeter] if args.key?(:service_perimeter) @update_time = args[:update_time] if args.key?(:update_time) end |