lib/google/cloud/asset/v1beta1/doc/google/iam/v1/policy.rb in google-cloud-asset-0.2.1 vs lib/google/cloud/asset/v1beta1/doc/google/iam/v1/policy.rb in google-cloud-asset-0.3.0
- old
+ new
@@ -18,44 +18,57 @@
module V1
# Defines an Identity and Access Management (IAM) policy. It is used to
# specify access control policies for Cloud Platform resources.
#
#
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
+ # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
# `members` to a `role`, where the members can be user accounts, Google groups,
# Google domains, and service accounts. A `role` is a named list of permissions
# defined by IAM.
#
- # **Example**
+ # **JSON Example**
#
# {
# "bindings": [
# {
# "role": "roles/owner",
# "members": [
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
# ]
# },
# {
# "role": "roles/viewer",
# "members": ["user:sean@example.com"]
# }
# ]
# }
#
- # For a description of IAM and its features, see the
- # [IAM developer's guide](https://cloud.google.com/iam).
+ # **YAML Example**
+ #
+ # bindings:
+ # * members:
+ # * user:mike@example.com
+ # * group:admins@example.com
+ # * domain:google.com
+ # * serviceAccount:my-other-app@appspot.gserviceaccount.com
+ # role: roles/owner
+ # * members:
+ # * user:sean@example.com
+ # role: roles/viewer
+ #
+ #
+ # For a description of IAM and its features, see the
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
# @!attribute [rw] version
# @return [Integer]
- # Version of the `Policy`. The default version is 0.
+ # Deprecated.
# @!attribute [rw] bindings
# @return [Array<Google::Iam::V1::Binding>]
# Associates a list of `members` to a `role`.
- # Multiple `bindings` must not be specified for the same `role`.
# `bindings` with no members will result in an error.
# @!attribute [rw] etag
# @return [String]
# `etag` is used for optimistic concurrency control as a way to help
# prevent simultaneous updates of a policy from overwriting each other.
@@ -72,11 +85,10 @@
# Associates `members` with a `role`.
# @!attribute [rw] role
# @return [String]
# Role that is assigned to `members`.
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- # Required
# @!attribute [rw] members
# @return [Array<String>]
# Specifies the identities requesting access for a Cloud Platform resource.
# `members` can have the following values:
#
@@ -85,20 +97,27 @@
#
# * `allAuthenticatedUsers`: A special identifier that represents anyone
# who is authenticated with a Google account or a service account.
#
# * `user:{emailid}`: An email address that represents a specific Google
- # account. For example, `alice@gmail.com` or `joe@example.com`.
+ # account. For example, `alice@gmail.com` .
#
#
# * `serviceAccount:{emailid}`: An email address that represents a service
# account. For example, `my-other-app@appspot.gserviceaccount.com`.
#
# * `group:{emailid}`: An email address that represents a Google group.
# For example, `admins@example.com`.
#
- # * `domain:{domain}`: A Google Apps domain name that represents all the
+ #
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
# users of that domain. For example, `google.com` or `example.com`.
+ # @!attribute [rw] condition
+ # @return [Google::Type::Expr]
+ # The condition that is associated with this binding.
+ # NOTE: An unsatisfied condition will not allow user access via current
+ # binding. Different bindings, including their conditions, are examined
+ # independently.
class Binding; end
end
end
end
\ No newline at end of file