Class: Google::Apis::AccesscontextmanagerV1::GcpUserAccessBinding

Inherits:

Object

• Object
• Google::Apis::AccesscontextmanagerV1::GcpUserAccessBinding

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

lib/google/apis/accesscontextmanager_v1/classes.rb,
lib/google/apis/accesscontextmanager_v1/representations.rb,
lib/google/apis/accesscontextmanager_v1/representations.rb

Overview

Restricts access to Cloud Console and Google Cloud APIs for a set of users using Context-Aware Access.

Instance Attribute Summary

• #access_levels ⇒ Array<String>

  Optional.

• #dry_run_access_levels ⇒ Array<String>

  Optional.

• #group_key ⇒ String

  Required.

• #name ⇒ String

  Immutable.

• #reauth_settings ⇒ Google::Apis::AccesscontextmanagerV1::ReauthSettings

  Stores settings related to Google Cloud Session Length including session duration, the type of challenge (i.e. method) they should face when their session expires, and other related settings.

• #restricted_client_applications ⇒ Array<Google::Apis::AccesscontextmanagerV1::Application>

  Optional.

• #scoped_access_settings ⇒ Array<Google::Apis::AccesscontextmanagerV1::ScopedAccessSettings>

  Optional.

Instance Method Summary

• #initialize(**args) ⇒ GcpUserAccessBinding constructor

  A new instance of GcpUserAccessBinding.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ GcpUserAccessBinding

Returns a new instance of GcpUserAccessBinding.

# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 1075

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#access_levels ⇒ Array<String>

Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted" Corresponds to the JSON property accessLevels

Returns:

• (Array<String>)

# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 1025

def access_levels
  @access_levels
end

#dry_run_access_levels ⇒ Array<String>

Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted" Corresponds to the JSON property dryRunAccessLevels

Returns:

• (Array<String>)

# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 1033

def dry_run_access_levels
  @dry_run_access_levels
end

#group_key ⇒ String

Required. Immutable. Google Group id whose members are subject to this binding' s restrictions. See "id" in the G Suite Directory API's Groups resource . If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht" Corresponds to the JSON property groupKey

Returns:

• (String)

# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 1043

def group_key
  @group_key
end

#name ⇒ String

Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/ gcpUserAccessBindings/b3-BhcX_Ud5N" Corresponds to the JSON property name

Returns:

• (String)

# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 1052

def name
  @name
end

#reauth_settings ⇒ Google::Apis::AccesscontextmanagerV1::ReauthSettings

Stores settings related to Google Cloud Session Length including session duration, the type of challenge (i.e. method) they should face when their session expires, and other related settings. Corresponds to the JSON property reauthSettings

Returns:

• (Google::Apis::AccesscontextmanagerV1::ReauthSettings)

# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 1059

def reauth_settings
  @reauth_settings
end

#restricted_client_applications ⇒ Array<Google::Apis::AccesscontextmanagerV1::Application>

Optional. A list of applications that are subject to this binding's restrictions. If the list is empty, the binding restrictions will universally apply to all applications. Corresponds to the JSON property restrictedClientApplications

Returns:

• (Array<Google::Apis::AccesscontextmanagerV1::Application>)

# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 1066

def restricted_client_applications
  @restricted_client_applications
end

#scoped_access_settings ⇒ Array<Google::Apis::AccesscontextmanagerV1::ScopedAccessSettings>

Optional. A list of scoped access settings that set this binding's restrictions on a subset of applications. This field cannot be set if restricted_client_applications is set. Corresponds to the JSON property scopedAccessSettings

Returns:

• (Array<Google::Apis::AccesscontextmanagerV1::ScopedAccessSettings>)

# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 1073

def scoped_access_settings
  @scoped_access_settings
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/accesscontextmanager_v1/classes.rb', line 1080

def update!(**args)
  @access_levels = args[:access_levels] if args.key?(:access_levels)
  @dry_run_access_levels = args[:dry_run_access_levels] if args.key?(:dry_run_access_levels)
  @group_key = args[:group_key] if args.key?(:group_key)
  @name = args[:name] if args.key?(:name)
  @reauth_settings = args[:reauth_settings] if args.key?(:reauth_settings)
  @restricted_client_applications = args[:restricted_client_applications] if args.key?(:restricted_client_applications)
  @scoped_access_settings = args[:scoped_access_settings] if args.key?(:scoped_access_settings)
end