Class: Google::Apis::StsV1::GoogleIdentityStsV1betaAccessBoundaryRule

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/sts_v1/classes.rb,
lib/google/apis/sts_v1/representations.rb,
lib/google/apis/sts_v1/representations.rb

Overview

An access boundary rule defines an upper bound of IAM permissions on a single resource.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ GoogleIdentityStsV1betaAccessBoundaryRule

Returns a new instance of GoogleIdentityStsV1betaAccessBoundaryRule.



496
497
498
# File 'lib/google/apis/sts_v1/classes.rb', line 496

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#availability_conditionGoogle::Apis::StsV1::GoogleTypeExpr

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: " Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example ( Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. Corresponds to the JSON property availabilityCondition



478
479
480
# File 'lib/google/apis/sts_v1/classes.rb', line 478

def availability_condition
  @availability_condition
end

#available_permissionsArray<String>

A list of permissions that may be allowed for use on the specified resource. The only supported values in the list are IAM roles, following the format of google.iam.v1.Binding.role. Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/ORGANIZATION_ID/roles/logging. viewer for custom roles. Corresponds to the JSON property availablePermissions

Returns:

  • (Array<String>)


487
488
489
# File 'lib/google/apis/sts_v1/classes.rb', line 487

def available_permissions
  @available_permissions
end

#available_resourceString

The full resource name of a Google Cloud resource entity. The format definition is at https://cloud.google.com/apis/design/resource_names. Example value: //cloudresourcemanager.googleapis.com/projects/my-project. Corresponds to the JSON property availableResource

Returns:

  • (String)


494
495
496
# File 'lib/google/apis/sts_v1/classes.rb', line 494

def available_resource
  @available_resource
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



501
502
503
504
505
# File 'lib/google/apis/sts_v1/classes.rb', line 501

def update!(**args)
  @availability_condition = args[:availability_condition] if args.key?(:availability_condition)
  @available_permissions = args[:available_permissions] if args.key?(:available_permissions)
  @available_resource = args[:available_resource] if args.key?(:available_resource)
end