Class: Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/privilegedaccessmanager/v1/privilegedaccessmanager.rb

Overview

Privileged access that this service can be used to gate.

Defined Under Namespace

Classes: GcpIamAccess

Instance Attribute Summary collapse

Instance Attribute Details

#gcp_iam_access::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess::GcpIamAccess

Returns Access to a Google Cloud resource through IAM.

Returns:



270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
 
# File 'proto_docs/google/cloud/privilegedaccessmanager/v1/privilegedaccessmanager.rb', line 270

class PrivilegedAccess
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # `GcpIamAccess` represents IAM based access control on a Google Cloud
  # resource. Refer to https://cloud.google.com/iam/docs to understand more
  # about IAM.
  # @!attribute [rw] resource_type
  #   @return [::String]
  #     Required. The type of this resource.
  # @!attribute [rw] resource
  #   @return [::String]
  #     Required. Name of the resource.
  # @!attribute [rw] role_bindings
  #   @return [::Array<::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess::GcpIamAccess::RoleBinding>]
  #     Required. Role bindings that are created on successful grant.
  class GcpIamAccess
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # IAM role bindings that are created after a successful grant.
    # @!attribute [rw] role
    #   @return [::String]
    #     Required. IAM role to be granted.
    #     https://cloud.google.com/iam/docs/roles-overview.
    # @!attribute [rw] condition_expression
    #   @return [::String]
    #     Optional. The expression field of the IAM condition to be associated
    #     with the role. If specified, a user with an active grant for this
    #     entitlement is able to access the resource only if this condition
    #     evaluates to true for their request.
    #
    #     This field uses the same CEL format as IAM and supports all attributes
    #     that IAM supports, except tags.
    #     https://cloud.google.com/iam/docs/conditions-overview#attributes.
    class RoleBinding
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end
  end
end