Class: Google::Iam::V3beta::PolicyBinding::Target

Inherits:

Object

Object
Google::Iam::V3beta::PolicyBinding::Target

show all

Extended by:: Protobuf::MessageExts::ClassMethods

Includes:: Protobuf::MessageExts

Defined in:: proto_docs/google/iam/v3beta/policy_binding_resources.rb

Overview

The full resource name of the resource to which the policy will be bound. Immutable once set.

Instance Attribute Details

#principal_set ⇒ `::String`

Returns Immutable. The full resource name that's used for principal access boundary policy bindings. The principal set must be directly parented by the policy binding's parent or same as the parent if the target is a project, folder, or organization.

Examples:

For bindings parented by an organization:
- Organization: //cloudresourcemanager.googleapis.com/organizations/ORGANIZATION_ID
- Workforce Identity: //iam.googleapis.com/locations/global/workforcePools/WORKFORCE_POOL_ID
- Workspace Identity: //iam.googleapis.com/locations/global/workspace/WORKSPACE_ID
For bindings parented by a folder:
- Folder: //cloudresourcemanager.googleapis.com/folders/FOLDER_ID
For bindings parented by a project:
- Project:
  - //cloudresourcemanager.googleapis.com/projects/PROJECT_NUMBER
  - //cloudresourcemanager.googleapis.com/projects/PROJECT_ID
- Workload Identity Pool: //iam.googleapis.com/projects/PROJECT_NUMBER/locations/LOCATION/workloadIdentityPools/WORKLOAD_POOL_ID

Note: The following fields are mutually exclusive: principal_set, resource. If a field in that set is populated, all other fields in the set will automatically be cleared.

Returns:

(::String) —
Immutable. The full resource name that's used for principal access boundary policy bindings. The principal set must be directly parented by the policy binding's parent or same as the parent if the target is a project, folder, or organization.

Examples:
- For bindings parented by an organization:
  - Organization: //cloudresourcemanager.googleapis.com/organizations/ORGANIZATION_ID
  - Workforce Identity: //iam.googleapis.com/locations/global/workforcePools/WORKFORCE_POOL_ID
  - Workspace Identity: //iam.googleapis.com/locations/global/workspace/WORKSPACE_ID
- For bindings parented by a folder:
  - Folder: //cloudresourcemanager.googleapis.com/folders/FOLDER_ID
- For bindings parented by a project:
  - Project:
    - //cloudresourcemanager.googleapis.com/projects/PROJECT_NUMBER
    - //cloudresourcemanager.googleapis.com/projects/PROJECT_ID
  - Workload Identity Pool: //iam.googleapis.com/projects/PROJECT_NUMBER/locations/LOCATION/workloadIdentityPools/WORKLOAD_POOL_ID
Note: The following fields are mutually exclusive: principal_set, resource. If a field in that set is populated, all other fields in the set will automatically be cleared.

# File 'proto_docs/google/iam/v3beta/policy_binding_resources.rb', line 165

class Target
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#resource ⇒ `::String`

Returns Immutable. The full resource name that's used for access policy bindings.