Class: Google::Apis::StsV1::GoogleIdentityStsV1AccessBoundaryRule
- Inherits:
-
Object
- Object
- Google::Apis::StsV1::GoogleIdentityStsV1AccessBoundaryRule
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- lib/google/apis/sts_v1/classes.rb,
lib/google/apis/sts_v1/representations.rb,
lib/google/apis/sts_v1/representations.rb
Overview
An access boundary rule defines an upper bound of IAM permissions on a single resource.
Instance Attribute Summary collapse
-
#availability_condition ⇒ Google::Apis::StsV1::GoogleTypeExpr
Represents a textual expression in the Common Expression Language (CEL) syntax.
-
#available_permissions ⇒ Array<String>
A list of permissions that may be allowed for use on the specified resource.
-
#available_resource ⇒ String
The full resource name of a Google Cloud resource entity.
Instance Method Summary collapse
-
#initialize(**args) ⇒ GoogleIdentityStsV1AccessBoundaryRule
constructor
A new instance of GoogleIdentityStsV1AccessBoundaryRule.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ GoogleIdentityStsV1AccessBoundaryRule
Returns a new instance of GoogleIdentityStsV1AccessBoundaryRule.
190 191 192 |
# File 'lib/google/apis/sts_v1/classes.rb', line 190 def initialize(**args) update!(**args) end |
Instance Attribute Details
#availability_condition ⇒ Google::Apis::StsV1::GoogleTypeExpr
Represents a textual expression in the Common Expression Language (CEL) syntax.
CEL is a C-like expression language. The syntax and semantics of CEL are
documented at https://github.com/google/cel-spec. Example (Comparison): title:
"Summary size limit" description: "Determines if a summary is less than 100
chars" expression: "document.summary.size() < 100" Example (Equality): title: "
Requestor is owner" description: "Determines if requestor is the document
owner" expression: "document.owner == request.auth.claims.email" Example (
Logic): title: "Public documents" description: "Determine whether the document
should be publicly visible" expression: "document.type != 'private' &&
document.type != 'internal'" Example (Data Manipulation): title: "Notification
string" description: "Create a notification string with a timestamp."
expression: "'New message received at ' + string(document.create_time)" The
exact variables and functions that may be referenced within an expression are
determined by the service that evaluates it. See the service documentation for
additional information.
Corresponds to the JSON property availabilityCondition
172 173 174 |
# File 'lib/google/apis/sts_v1/classes.rb', line 172 def availability_condition @availability_condition end |
#available_permissions ⇒ Array<String>
A list of permissions that may be allowed for use on the specified resource.
The only supported values in the list are IAM roles, following the format of
google.iam.v1.Binding.role. Example value: inRole:roles/logging.viewer
for
predefined roles and inRole:organizations/
ORGANIZATION_ID/roles/logging.
viewer
for custom roles.
Corresponds to the JSON property availablePermissions
181 182 183 |
# File 'lib/google/apis/sts_v1/classes.rb', line 181 def @available_permissions end |
#available_resource ⇒ String
The full resource name of a Google Cloud resource entity. The format
definition is at https://cloud.google.com/apis/design/resource_names. Example
value: //cloudresourcemanager.googleapis.com/projects/my-project
.
Corresponds to the JSON property availableResource
188 189 190 |
# File 'lib/google/apis/sts_v1/classes.rb', line 188 def available_resource @available_resource end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
195 196 197 198 199 |
# File 'lib/google/apis/sts_v1/classes.rb', line 195 def update!(**args) @availability_condition = args[:availability_condition] if args.key?(:availability_condition) @available_permissions = args[:available_permissions] if args.key?(:available_permissions) @available_resource = args[:available_resource] if args.key?(:available_resource) end |