class Google::Apis::CloudassetV1::IamPolicySearchResult

A result of IAM Policy search, containing information of an IAM policy.

Attributes

asset_type[RW]

The type of the resource associated with this IAM policy. Example: `compute. googleapis.com/Disk`. To search against the `asset_type`: * specify the ` asset_types` field in your search request. Corresponds to the JSON property `assetType` @return [String]

explanation[RW]

Explanation about the IAM policy search result. Corresponds to the JSON property `explanation` @return [Google::Apis::CloudassetV1::Explanation]

folders[RW]

The folder(s) that the IAM policy belongs to, in the form of folders/` FOLDER_NUMBER`. This field is available when the IAM policy belongs to one or more folders. To search against `folders`: * use a field query. Example: ` folders:(123 OR 456)` * use a free text query. Example: `123` * specify the ` scope` field as this folder in your search request. Corresponds to the JSON property `folders` @return [Array<String>]

organization[RW]

The organization that the IAM policy belongs to, in the form of organizations/` ORGANIZATION_NUMBER`. This field is available when the IAM policy belongs to an organization. To search against `organization`: * use a field query. Example: `organization:123` * use a free text query. Example: `123` * specify the `scope` field as this organization in your search request. Corresponds to the JSON property `organization` @return [String]

policy[RW]

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](cloud.google.com/iam/help/conditions/ resource-policies). **JSON example:** ` “bindings”: [ ` “role”: “roles/ resourcemanager.organizationAdmin”, “members”: [ “user:mike@example.com”, “ group:admins@example.com”, “domain:google.com”, “serviceAccount:my-project-id@ appspot.gserviceaccount.com” ] `, ` “role”: “roles/resourcemanager. organizationViewer”, “members”: [ “user:eve@example.com” ], “condition”: ` “ title”: “expirable access”, “description”: “Does not grant access after Sep 2020”, “expression”: “request.time < timestamp('2020-10-01T00:00:00.000Z')”, ` ` ], “etag”: “BwWWja0YfJA=”, “version”: 3 ` **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google. com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/ resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](cloud. google.com/iam/docs/). Corresponds to the JSON property `policy` @return [Google::Apis::CloudassetV1::Policy]

project[RW]

The project that the associated GCP resource belongs to, in the form of projects/`PROJECT_NUMBER`. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty. To search against the `project`: * specify the ` scope` field as this project in your search request. Corresponds to the JSON property `project` @return [String]

resource[RW]

The full resource name of the resource associated with this IAM policy. Example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/ instances/instance1`. See [Cloud Asset Inventory Resource Name Format](https:// cloud.google.com/asset-inventory/docs/resource-name-format) for more information. To search against the `resource`: * use a field query. Example: ` resource:organizations/123` Corresponds to the JSON property `resource` @return [String]

Public Class Methods

new(**args) click to toggle source
# File lib/google/apis/cloudasset_v1/classes.rb, line 2996
def initialize(**args)
   update!(**args)
end

Public Instance Methods

update!(**args) click to toggle source

Update properties of this object

# File lib/google/apis/cloudasset_v1/classes.rb, line 3001
def update!(**args)
  @asset_type = args[:asset_type] if args.key?(:asset_type)
  @explanation = args[:explanation] if args.key?(:explanation)
  @folders = args[:folders] if args.key?(:folders)
  @organization = args[:organization] if args.key?(:organization)
  @policy = args[:policy] if args.key?(:policy)
  @project = args[:project] if args.key?(:project)
  @resource = args[:resource] if args.key?(:resource)
end