Class: Google::Apis::StsV1beta::GoogleIdentityStsV1AccessBoundaryRule

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/sts_v1beta/classes.rb,
lib/google/apis/sts_v1beta/representations.rb,
lib/google/apis/sts_v1beta/representations.rb

Overview

An access boundary rule defines an upper bound of IAM permissions on a single resource.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ GoogleIdentityStsV1AccessBoundaryRule

Returns a new instance of GoogleIdentityStsV1AccessBoundaryRule.



160
161
162
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 160

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#availability_conditionGoogle::Apis::StsV1beta::GoogleTypeExpr

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: " Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example ( Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. Corresponds to the JSON property availabilityCondition

Returns:



142
143
144
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 142

def availability_condition
  @availability_condition
end

#available_permissionsArray<String>

A list of permissions that may be allowed for use on the specified resource. The only supported values in the list are IAM roles, following the format of google.iam.v1.Binding.role. Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/ORGANIZATION_ID/roles/logging. viewer for custom roles. Corresponds to the JSON property availablePermissions

Returns:

  • (Array<String>) 


151
152
153
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 151

def available_permissions
  @available_permissions
end

#available_resourceString

The full resource name of a Google Cloud resource entity. The format definition is at https://cloud.google.com/apis/design/resource_names. Example value: //cloudresourcemanager.googleapis.com/projects/my-project. Corresponds to the JSON property availableResource

Returns:

  • (String) 


158
159
160
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 158

def available_resource
  @available_resource
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



165
166
167
168
169
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 165

def update!(**args)
  @availability_condition = args[:availability_condition] if args.key?(:availability_condition)
  @available_permissions = args[:available_permissions] if args.key?(:available_permissions)
  @available_resource = args[:available_resource] if args.key?(:available_resource)
end