generated/google/apis/iap_v1beta1/classes.rb in google-api-client-0.39.2 vs generated/google/apis/iap_v1beta1/classes.rb in google-api-client-0.39.3
- old
+ new
@@ -195,10 +195,13 @@
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
# rejected.
# Requests for policies with any conditional bindings must specify version 3.
# Policies without any conditional bindings may specify any valid value or
# leave the field unset.
+ # To learn which resources support conditions in their IAM policies, see the
+ # [IAM
+ # documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
# Corresponds to the JSON property `requestedPolicyVersion`
# @return [Fixnum]
attr_accessor :requested_policy_version
def initialize(**args)
@@ -216,14 +219,17 @@
# A `Policy` is a collection of `bindings`. A `binding` binds one or more
# `members` to a single `role`. Members can be user accounts, service accounts,
# Google groups, and domains (such as G Suite). A `role` is a named list of
# permissions; each `role` can be an IAM predefined role or a user-created
# custom role.
- # Optionally, a `binding` can specify a `condition`, which is a logical
- # expression that allows access to a resource only if the expression evaluates
- # to `true`. A condition can add constraints based on attributes of the
- # request, the resource, or both.
+ # For some types of Google Cloud resources, a `binding` can also specify a
+ # `condition`, which is a logical expression that allows access to a resource
+ # only if the expression evaluates to `true`. A condition can add constraints
+ # based on attributes of the request, the resource, or both. To learn which
+ # resources support conditions in their IAM policies, see the
+ # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-
+ # policies).
# **JSON example:**
# `
# "bindings": [
# `
# "role": "roles/resourcemanager.organizationAdmin",
@@ -234,11 +240,13 @@
# "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
# "role": "roles/resourcemanager.organizationViewer",
- # "members": ["user:eve@example.com"],
+ # "members": [
+ # "user:eve@example.com"
+ # ],
# "condition": `
# "title": "expirable access",
# "description": "Does not grant access after Sep 2020",
# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')
# ",
@@ -307,10 +315,13 @@
# whenever you call `setIamPolicy`. If you omit this field, then IAM allows
# you to overwrite a version `3` policy with a version `1` policy, and all of
# the conditions in the version `3` policy are lost.
# If a policy does not include any conditions, operations on that policy may
# specify any valid version or leave the field unset.
+ # To learn which resources support conditions in their IAM policies, see the
+ # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-
+ # policies).
# Corresponds to the JSON property `version`
# @return [Fixnum]
attr_accessor :version
def initialize(**args)
@@ -334,14 +345,17 @@
# A `Policy` is a collection of `bindings`. A `binding` binds one or more
# `members` to a single `role`. Members can be user accounts, service accounts,
# Google groups, and domains (such as G Suite). A `role` is a named list of
# permissions; each `role` can be an IAM predefined role or a user-created
# custom role.
- # Optionally, a `binding` can specify a `condition`, which is a logical
- # expression that allows access to a resource only if the expression evaluates
- # to `true`. A condition can add constraints based on attributes of the
- # request, the resource, or both.
+ # For some types of Google Cloud resources, a `binding` can also specify a
+ # `condition`, which is a logical expression that allows access to a resource
+ # only if the expression evaluates to `true`. A condition can add constraints
+ # based on attributes of the request, the resource, or both. To learn which
+ # resources support conditions in their IAM policies, see the
+ # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-
+ # policies).
# **JSON example:**
# `
# "bindings": [
# `
# "role": "roles/resourcemanager.organizationAdmin",
@@ -352,10 +366,12 @@
# "serviceAccount:my-project-id@appspot.gserviceaccount.com"
# ]
# `,
# `
# "role": "roles/resourcemanager.organizationViewer",
- # "members": ["user:eve@example.com"],
+ # "members": [
+ # "user:eve@example.com"
+ # ],
# "condition": `
# "title": "expirable access",
# "description": "Does not grant access after Sep 2020",
# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')
# ",