Class: Google::Apis::StsV1beta::GoogleIdentityStsV1betaAccessBoundaryRule

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/sts_v1beta/classes.rb,
lib/google/apis/sts_v1beta/representations.rb,
lib/google/apis/sts_v1beta/representations.rb

Overview

An access boundary rule defines an upper bound of IAM permissions on a single resource.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ GoogleIdentityStsV1betaAccessBoundaryRule

Returns a new instance of GoogleIdentityStsV1betaAccessBoundaryRule.



298
299
300
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 298

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#availability_conditionGoogle::Apis::StsV1beta::GoogleTypeExpr

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: " Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example ( Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. Corresponds to the JSON property availabilityCondition

Returns:



280
281
282
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 280

def availability_condition
  @availability_condition
end

#available_permissionsArray<String>

A list of permissions that may be allowed for use on the specified resource. The only supported values in the list are IAM roles, following the format of google.iam.v1.Binding.role. Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/ORGANIZATION_ID/roles/logging. viewer for custom roles. Corresponds to the JSON property availablePermissions

Returns:

  • (Array<String>) 


289
290
291
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 289

def available_permissions
  @available_permissions
end

#available_resourceString

The full resource name of a Google Cloud resource entity. The format definition is at https://cloud.google.com/apis/design/resource_names. Example value: //cloudresourcemanager.googleapis.com/projects/my-project. Corresponds to the JSON property availableResource

Returns:

  • (String) 


296
297
298
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 296

def available_resource
  @available_resource
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



303
304
305
306
307
 
# File 'lib/google/apis/sts_v1beta/classes.rb', line 303

def update!(**args)
  @availability_condition = args[:availability_condition] if args.key?(:availability_condition)
  @available_permissions = args[:available_permissions] if args.key?(:available_permissions)
  @available_resource = args[:available_resource] if args.key?(:available_resource)
end