Class: Google::Apis::AccesscontextmanagerV1::AccessPolicy

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/accesscontextmanager_v1/classes.rb,
lib/google/apis/accesscontextmanager_v1/representations.rb,
lib/google/apis/accesscontextmanager_v1/representations.rb

Overview

AccessPolicy is a container for AccessLevels (which define the necessary attributes to use Google Cloud services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ AccessPolicy

Returns a new instance of AccessPolicy.



136
137
138
 
# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 136

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#etagString

Output only. An opaque identifier for the current version of the AccessPolicy . This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format. Corresponds to the JSON property etag

Returns:

  • (String) 


102
103
104
 
# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 102

def etag
  @etag
end

#nameString

Output only. Resource name of the AccessPolicy. Format: accessPolicies/ access_policy` Corresponds to the JSON propertyname`

Returns:

  • (String) 


108
109
110
 
# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 108

def name
  @name
end

#parentString

Required. The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/organization_id` Corresponds to the JSON propertyparent`

Returns:

  • (String) 


114
115
116
 
# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 114

def parent
  @parent
end

#scopesArray<String>

The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=[" folders/123"] has the following behavior: - vpcsc perimeters can only restrict projects within folders/123 - access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/folder_numberor `projects/`project_number Corresponds to the JSON property scopes

Returns:

  • (Array<String>) 


129
130
131
 
# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 129

def scopes
  @scopes
end

#titleString

Required. Human readable title. Does not affect behavior. Corresponds to the JSON property title

Returns:

  • (String) 


134
135
136
 
# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 134

def title
  @title
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



141
142
143
144
145
146
147
 
# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 141

def update!(**args)
  @etag = args[:etag] if args.key?(:etag)
  @name = args[:name] if args.key?(:name)
  @parent = args[:parent] if args.key?(:parent)
  @scopes = args[:scopes] if args.key?(:scopes)
  @title = args[:title] if args.key?(:title)
end