Class: Google::Cloud::Iap::V1::AttributePropagationSettings
- Inherits:
-
Object
- Object
- Google::Cloud::Iap::V1::AttributePropagationSettings
- Extended by:
- Protobuf::MessageExts::ClassMethods
- Includes:
- Protobuf::MessageExts
- Defined in:
- proto_docs/google/cloud/iap/v1/service.rb
Overview
Configuration for propagating attributes to applications protected by IAP.
Defined Under Namespace
Modules: OutputCredentials
Instance Attribute Summary collapse
-
#enable ⇒ ::Boolean
Whether the provided attribute propagation settings should be evaluated on user requests.
-
#expression ⇒ ::String
Raw string CEL expression.
-
#output_credentials ⇒ ::Array<::Google::Cloud::Iap::V1::AttributePropagationSettings::OutputCredentials>
Which output credentials attributes selected by the CEL expression should be propagated in.
Instance Attribute Details
#enable ⇒ ::Boolean
Returns Whether the provided attribute propagation settings should be evaluated on user requests. If set to true, attributes returned from the expression will be propagated in the set output credentials.
404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 |
# File 'proto_docs/google/cloud/iap/v1/service.rb', line 404 class AttributePropagationSettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Supported output credentials for attribute propagation. Each output # credential maps to a "field" in the response. For example, selecting JWT # will propagate all attributes in the IAP JWT, header in the headers, etc. module OutputCredentials # An output credential is required. OUTPUT_CREDENTIALS_UNSPECIFIED = 0 # Propagate attributes in the headers with "x-goog-iap-attr-" prefix. HEADER = 1 # Propagate attributes in the JWT of the form: `"additional_claims": { # "my_attribute": ["value1", "value2"] }` JWT = 2 # Propagate attributes in the RCToken of the form: `"additional_claims": { # "my_attribute": ["value1", "value2"] }` RCTOKEN = 3 end end |
#expression ⇒ ::String
Returns Raw string CEL expression. Must return a list of attributes. A maximum of
45 attributes can be selected. Expressions can select different attribute
types from attributes
: attributes.saml_attributes
,
attributes.iap_attributes
. The following functions are supported:
filter
<list>.filter(<iter_var>, <predicate>)
: Returns a subset of<list>
where<predicate>
is true for every item.in
<var> in <list>
: Returns true if<list>
contains<var>
.selectByName
<list>.selectByName(<string>)
: Returns the attribute in<list>
with the given<string>
name, otherwise returns empty.emitAs
<attribute>.emitAs(<string>)
: Sets the<attribute>
name field to the given<string>
for propagation in selected output credentials.strict
<attribute>.strict()
: Ignores thex-goog-iap-attr-
prefix for the provided<attribute>
when propagating with theHEADER
output credential, such as request headers.append
<target_list>.append(<attribute>)
OR<target_list>.append(<list>)
: Appends the provided<attribute>
or<list>
to the end of<target_list>
.
Example expression: attributes.saml_attributes.filter(x, x.name in
['test']).append(attributes.iap_attributes.selectByName('exact').emitAs('custom').strict())
.
404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 |
# File 'proto_docs/google/cloud/iap/v1/service.rb', line 404 class AttributePropagationSettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Supported output credentials for attribute propagation. Each output # credential maps to a "field" in the response. For example, selecting JWT # will propagate all attributes in the IAP JWT, header in the headers, etc. module OutputCredentials # An output credential is required. OUTPUT_CREDENTIALS_UNSPECIFIED = 0 # Propagate attributes in the headers with "x-goog-iap-attr-" prefix. HEADER = 1 # Propagate attributes in the JWT of the form: `"additional_claims": { # "my_attribute": ["value1", "value2"] }` JWT = 2 # Propagate attributes in the RCToken of the form: `"additional_claims": { # "my_attribute": ["value1", "value2"] }` RCTOKEN = 3 end end |
#output_credentials ⇒ ::Array<::Google::Cloud::Iap::V1::AttributePropagationSettings::OutputCredentials>
Returns Which output credentials attributes selected by the CEL expression should be propagated in. All attributes will be fully duplicated in each selected output credential.
404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 |
# File 'proto_docs/google/cloud/iap/v1/service.rb', line 404 class AttributePropagationSettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Supported output credentials for attribute propagation. Each output # credential maps to a "field" in the response. For example, selecting JWT # will propagate all attributes in the IAP JWT, header in the headers, etc. module OutputCredentials # An output credential is required. OUTPUT_CREDENTIALS_UNSPECIFIED = 0 # Propagate attributes in the headers with "x-goog-iap-attr-" prefix. HEADER = 1 # Propagate attributes in the JWT of the form: `"additional_claims": { # "my_attribute": ["value1", "value2"] }` JWT = 2 # Propagate attributes in the RCToken of the form: `"additional_claims": { # "my_attribute": ["value1", "value2"] }` RCTOKEN = 3 end end |