Class: Google::Apis::StsV1::GoogleIdentityStsV1betaAccessBoundaryRule

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/sts_v1/classes.rb,
lib/google/apis/sts_v1/representations.rb,
lib/google/apis/sts_v1/representations.rb

Overview

An access boundary rule defines an upper bound of IAM permissions on a single resource.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ GoogleIdentityStsV1betaAccessBoundaryRule

Returns a new instance of GoogleIdentityStsV1betaAccessBoundaryRule.



498
499
500
# File 'lib/google/apis/sts_v1/classes.rb', line 498

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#availability_conditionGoogle::Apis::StsV1::GoogleTypeExpr

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: " Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example ( Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. Corresponds to the JSON property availabilityCondition



480
481
482
# File 'lib/google/apis/sts_v1/classes.rb', line 480

def availability_condition
  @availability_condition
end

#available_permissionsArray<String>

A list of permissions that may be allowed for use on the specified resource. The only supported values in the list are IAM roles, following the format of google.iam.v1.Binding.role. Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/ORGANIZATION_ID/roles/logging. viewer for custom roles. Corresponds to the JSON property availablePermissions

Returns:

  • (Array<String>)


489
490
491
# File 'lib/google/apis/sts_v1/classes.rb', line 489

def available_permissions
  @available_permissions
end

#available_resourceString

The full resource name of a Google Cloud resource entity. The format definition is at https://cloud.google.com/apis/design/resource_names. Example value: //cloudresourcemanager.googleapis.com/projects/my-project. Corresponds to the JSON property availableResource

Returns:

  • (String)


496
497
498
# File 'lib/google/apis/sts_v1/classes.rb', line 496

def available_resource
  @available_resource
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



503
504
505
506
507
# File 'lib/google/apis/sts_v1/classes.rb', line 503

def update!(**args)
  @availability_condition = args[:availability_condition] if args.key?(:availability_condition)
  @available_permissions = args[:available_permissions] if args.key?(:available_permissions)
  @available_resource = args[:available_resource] if args.key?(:available_resource)
end