Class: Google::Apis::StsV1beta::GoogleIdentityStsV1AccessBoundaryRule

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/sts_v1beta/classes.rb,
lib/google/apis/sts_v1beta/representations.rb,
lib/google/apis/sts_v1beta/representations.rb

Overview

An access boundary rule defines an upper bound of IAM permissions on a single resource.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ GoogleIdentityStsV1AccessBoundaryRule

Returns a new instance of GoogleIdentityStsV1AccessBoundaryRule.



190
191
192
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 190

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#availability_conditionGoogle::Apis::StsV1beta::GoogleTypeExpr

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: " Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example ( Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. Corresponds to the JSON property availabilityCondition

Returns:



172
173
174
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 172

def availability_condition
  @availability_condition
end

#available_permissionsArray<String>

A list of permissions that may be allowed for use on the specified resource. The only supported values in the list are IAM roles, following the format of google.iam.v1.Binding.role. Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/ORGANIZATION_ID/roles/logging. viewer for custom roles. Corresponds to the JSON property availablePermissions

Returns:

  • (Array<String>) 


181
182
183
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 181

def available_permissions
  @available_permissions
end

#available_resourceString

The full resource name of a Google Cloud resource entity. The format definition is at https://cloud.google.com/apis/design/resource_names. Example value: //cloudresourcemanager.googleapis.com/projects/my-project. Corresponds to the JSON property availableResource

Returns:

  • (String) 


188
189
190
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 188

def available_resource
  @available_resource
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



195
196
197
198
199
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 195

def update!(**args)
  @availability_condition = args[:availability_condition] if args.key?(:availability_condition)
  @available_permissions = args[:available_permissions] if args.key?(:available_permissions)
  @available_resource = args[:available_resource] if args.key?(:available_resource)
end