Class: Google::Apis::SecretmanagerV1::SetIamPolicyRequest
- Inherits:
-
Object
- Object
- Google::Apis::SecretmanagerV1::SetIamPolicyRequest
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- lib/google/apis/secretmanager_v1/classes.rb,
lib/google/apis/secretmanager_v1/representations.rb,
lib/google/apis/secretmanager_v1/representations.rb
Overview
Request message for SetIamPolicy
method.
Instance Attribute Summary collapse
-
#policy ⇒ Google::Apis::SecretmanagerV1::Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
-
#update_mask ⇒ String
OPTIONAL: A FieldMask specifying which fields of the policy to modify.
Instance Method Summary collapse
-
#initialize(**args) ⇒ SetIamPolicyRequest
constructor
A new instance of SetIamPolicyRequest.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ SetIamPolicyRequest
Returns a new instance of SetIamPolicyRequest.
1109 1110 1111 |
# File 'lib/google/apis/secretmanager_v1/classes.rb', line 1109 def initialize(**args) update!(**args) end |
Instance Attribute Details
#policy ⇒ Google::Apis::SecretmanagerV1::Policy
An Identity and Access Management (IAM) policy, which specifies access
controls for Google Cloud resources. A Policy
is a collection of bindings
.
A binding
binds one or more members
, or principals, to a single role
.
Principals can be user accounts, service accounts, Google groups, and domains (
such as G Suite). A role
is a named list of permissions; each role
can be
an IAM predefined role or a user-created custom role. For some types of Google
Cloud resources, a binding
can also specify a condition
, which is a
logical expression that allows access to a resource only if the expression
evaluates to true
. A condition can add constraints based on attributes of
the request, the resource, or both. To learn which resources support
conditions in their IAM policies, see the IAM documentation. JSON example: ` "
bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
"user:mike@example.com", "group:admins@example.com", "domain:google.com", "
serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
], "condition": ` "title": "expirable access", "description": "Does not grant
access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 `
YAML
example: bindings: - members: - user:mike@example.com - group:admins@
example.com - domain:google.com - serviceAccount:my-project-id@appspot.
gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: -
user:eve@example.com role: roles/resourcemanager.organizationViewer condition:
title: expirable access description: Does not grant access after Sep 2020
expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag:
BwWWja0YfJA= version: 3
For a description of IAM and its features, see the
IAM documentation.
Corresponds to the JSON property policy
1100 1101 1102 |
# File 'lib/google/apis/secretmanager_v1/classes.rb', line 1100 def policy @policy end |
#update_mask ⇒ String
OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
the fields in the mask will be modified. If no mask is provided, the following
default mask is used: paths: "bindings, etag"
Corresponds to the JSON property updateMask
1107 1108 1109 |
# File 'lib/google/apis/secretmanager_v1/classes.rb', line 1107 def update_mask @update_mask end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
1114 1115 1116 1117 |
# File 'lib/google/apis/secretmanager_v1/classes.rb', line 1114 def update!(**args) @policy = args[:policy] if args.key?(:policy) @update_mask = args[:update_mask] if args.key?(:update_mask) end |