Class: Google::Apis::RunV1::SetIamPolicyRequest
- Inherits:
-
Object
- Object
- Google::Apis::RunV1::SetIamPolicyRequest
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- lib/google/apis/run_v1/classes.rb,
lib/google/apis/run_v1/representations.rb,
lib/google/apis/run_v1/representations.rb
Overview
Request message for SetIamPolicy
method.
Instance Attribute Summary collapse
-
#policy ⇒ Google::Apis::RunV1::Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
-
#update_mask ⇒ String
OPTIONAL: A FieldMask specifying which fields of the policy to modify.
Instance Method Summary collapse
-
#initialize(**args) ⇒ SetIamPolicyRequest
constructor
A new instance of SetIamPolicyRequest.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ SetIamPolicyRequest
Returns a new instance of SetIamPolicyRequest.
2718 2719 2720 |
# File 'lib/google/apis/run_v1/classes.rb', line 2718 def initialize(**args) update!(**args) end |
Instance Attribute Details
#policy ⇒ Google::Apis::RunV1::Policy
An Identity and Access Management (IAM) policy, which specifies access
controls for Google Cloud resources. A Policy
is a collection of bindings
.
A binding
binds one or more members
to a single role
. Members can be
user accounts, service accounts, Google groups, and domains (such as G Suite).
A role
is a named list of permissions; each role
can be an IAM predefined
role or a user-created custom role. For some types of Google Cloud resources,
a binding
can also specify a condition
, which is a logical expression that
allows access to a resource only if the expression evaluates to true
. A
condition can add constraints based on attributes of the request, the resource,
or both. To learn which resources support conditions in their IAM policies,
see the IAM documentation. JSON example: "bindings": [
"role": "roles/
resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
appspot.gserviceaccount.com" ] ,
"role": "roles/resourcemanager.
organizationViewer", "members": [ "user:eve@example.com" ], "condition": "
title": "expirable access", "description": "Does not grant access after Sep
2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",
], "etag": "BwWWja0YfJA=", "version": 3
YAML example: bindings: -
members: - user:mike@example.com - group:admins@example.com - domain:google.
com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
resourcemanager.organizationAdmin - members: - user:eve@example.com role:
roles/resourcemanager.organizationViewer condition: title: expirable access
description: Does not grant access after Sep 2020 expression: request.time <
timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
description of IAM and its features, see the IAM documentation.
Corresponds to the JSON property policy
2709 2710 2711 |
# File 'lib/google/apis/run_v1/classes.rb', line 2709 def policy @policy end |
#update_mask ⇒ String
OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
the fields in the mask will be modified. If no mask is provided, the following
default mask is used: paths: "bindings, etag"
Corresponds to the JSON property updateMask
2716 2717 2718 |
# File 'lib/google/apis/run_v1/classes.rb', line 2716 def update_mask @update_mask end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
2723 2724 2725 2726 |
# File 'lib/google/apis/run_v1/classes.rb', line 2723 def update!(**args) @policy = args[:policy] if args.key?(:policy) @update_mask = args[:update_mask] if args.key?(:update_mask) end |