Class: Google::Apis::IapV1::Resource

Inherits:

Object

• Object
• Google::Apis::IapV1::Resource

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

lib/google/apis/iap_v1/classes.rb,
lib/google/apis/iap_v1/representations.rb,
lib/google/apis/iap_v1/representations.rb

Instance Attribute Summary

• #expected_next_state ⇒ Hash<String,Object>

  The proto or JSON formatted expected next state of the resource, wrapped in a google.protobuf.Any proto, against which the policy rules are evaluated.

• #labels ⇒ Hash<String,String>

  The service defined labels of the resource on which the conditions will be evaluated.

• #locations ⇒ Array<String>

  The locations of the resource.

• #name ⇒ String

  The relative name of the resource, which is the URI path of the resource without the leading "/".

• #next_state_of_tags ⇒ Google::Apis::IapV1::NextStateOfTags

  Used for calculating the next state of tags on the resource being passed for the CheckCustomConstraints RPC call.

• #service ⇒ String

  The name of the service this resource belongs to.

• #type ⇒ String

  The public resource type name of the resource.

Instance Method Summary

• #initialize(**args) ⇒ Resource constructor

  A new instance of Resource.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ Resource

Returns a new instance of Resource.

# File 'lib/google/apis/iap_v1/classes.rb', line 1160

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#expected_next_state ⇒ Hash<String,Object>

The proto or JSON formatted expected next state of the resource, wrapped in a google.protobuf.Any proto, against which the policy rules are evaluated. Services not integrated with custom org policy can omit this field. Services integrated with custom org policy must populate this field for all requests where the API call changes the state of the resource. Custom org policy backend uses these attributes to enforce custom org policies. For create operations, GCP service is expected to pass resource from customer request as is. For update/patch operations, GCP service is expected to compute the next state with the patch provided by the user. See go/federated-custom-org-policy- integration-guide for additional details. Corresponds to the JSON property expectedNextState

Returns:

• (Hash<String,Object>)

# File 'lib/google/apis/iap_v1/classes.rb', line 1081

def expected_next_state
  @expected_next_state
end

#labels ⇒ Hash<String,String>

The service defined labels of the resource on which the conditions will be evaluated. The semantics - including the key names - are vague to IAM. If the effective condition has a reference to a resource.labels[foo] construct, IAM consults with this map to retrieve the values associated with foo key for Conditions evaluation. If the provided key is not found in the labels map, the condition would evaluate to false. This field is in limited use. If your intended use case is not expected to express resource.labels attribute in IAM Conditions, leave this field empty. Before planning on using this attribute please: * Read go/iam-conditions-labels-comm and ensure your service can meet the data availability and management requirements. * Talk to iam-conditions- eng@ about your use case. Corresponds to the JSON property labels

Returns:

• (Hash<String,String>)

# File 'lib/google/apis/iap_v1/classes.rb', line 1096

def labels
  @labels
end

#locations ⇒ Array<String>

The locations of the resource. This field is used to determine whether the request is compliant with Trust Boundaries. Usage: - Must not be empty for services in-scope for Trust Boundaries. Once Trust Boundaries is GA, empty values will cause the request to be rejected if customers enforce Trust Boundaries on the parent CRM nodes. - For global resources: use a single value of "global". - For regional/multi-regional resources: use name of the GCP region(s) where the resource exists (e.g., ["us-east1", "us-west1"]). For multi-regional resources specify the name of each GCP region in the resource's multi-region. NOTE: Only GCP cloud region names are supported - go/cloud- region-names. - Constraints: - Individual location strings must be less than 1000 bytes. - The cumulative size of all locations must be less than 16KB. Corresponds to the JSON property locations

Returns:

• (Array<String>)

# File 'lib/google/apis/iap_v1/classes.rb', line 1111

def locations
  @locations
end

#name ⇒ String

The relative name of the resource, which is the URI path of the resource without the leading "/". See https://cloud.google.com/iam/docs/conditions- resource-attributes#resource-name for examples used by other GCP Services. This field is required for services integrated with resource-attribute- based IAM conditions and/or CustomOrgPolicy. This field requires special handling for parents-only permissions such as create and list. See the document linked below for further details. See go/iam-conditions-sig-g3# populate-resource-attributes for specific details on populating this field. Corresponds to the JSON property name

Returns:

• (String)

# File 'lib/google/apis/iap_v1/classes.rb', line 1123

def name
  @name
end

#next_state_of_tags ⇒ Google::Apis::IapV1::NextStateOfTags

Used for calculating the next state of tags on the resource being passed for the CheckCustomConstraints RPC call. The detail evaluation of each field is described in go/op-create-update-time-tags and go/tags-in-orgpolicy-requests. Corresponds to the JSON property nextStateOfTags

Returns:

• (Google::Apis::IapV1::NextStateOfTags)

# File 'lib/google/apis/iap_v1/classes.rb', line 1130

def next_state_of_tags
  @next_state_of_tags
end

#service ⇒ String

The name of the service this resource belongs to. It is configured using the official_service_name of the Service as defined in service configurations under //configs/cloud/resourcetypes. For example, the official_service_name of cloud resource manager service is set as 'cloudresourcemanager.googleapis.com' according to //configs/cloud/resourcetypes/google/cloud/resourcemanager/prod. yaml This field is required for services integrated with resource- attribute-based IAM conditions and/or CustomOrgPolicy. This field requires special handling for parents-only permissions such as create and list. See the document linked below for further details. See go/iam-conditions-sig-g3# populate-resource-attributes for specific details on populating this field. Corresponds to the JSON property service

Returns:

• (String)

# File 'lib/google/apis/iap_v1/classes.rb', line 1144

def service
  @service
end

#type ⇒ String

The public resource type name of the resource. It is configured using the official_name of the ResourceType as defined in service configurations under // configs/cloud/resourcetypes. For example, the official_name for GCP projects is set as 'cloudresourcemanager.googleapis.com/Project' according to //configs/ cloud/resourcetypes/google/cloud/resourcemanager/prod.yaml This field is ** required** for services integrated with resource-attribute-based IAM conditions and/or CustomOrgPolicy. This field requires special handling for parents-only permissions such as create and list. See the document linked below for further details. See go/iam-conditions-sig-g3#populate-resource- attributes for specific details on populating this field. Corresponds to the JSON property type

Returns:

• (String)

# File 'lib/google/apis/iap_v1/classes.rb', line 1158

def type
  @type
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/iap_v1/classes.rb', line 1165

def update!(**args)
  @expected_next_state = args[:expected_next_state] if args.key?(:expected_next_state)
  @labels = args[:labels] if args.key?(:labels)
  @locations = args[:locations] if args.key?(:locations)
  @name = args[:name] if args.key?(:name)
  @next_state_of_tags = args[:next_state_of_tags] if args.key?(:next_state_of_tags)
  @service = args[:service] if args.key?(:service)
  @type = args[:type] if args.key?(:type)
end