google_api_service_management v0.1.0 GoogleApi.ServiceManagement.V1.Model.Policy View Source

Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A `Policy` consists of a list of `bindings`. A `binding` binds a list of `members` to a `role`, where the members can be user accounts, Google groups, Google domains, and service accounts. A `role` is a named list of permissions defined by IAM. JSON Example { "bindings": [ { "role": "roles/owner", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-other-app@appspot.gserviceaccount.com" ] }, { "role": "roles/viewer", "members": ["user:sean@example.com"] } ] } YAML Example bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-other-app@appspot.gserviceaccount.com role: roles/owner - members: - user:sean@example.com role: roles/viewer For a description of IAM and its features, see the IAM developer's guide.

Attributes

  • auditConfigs ([AuditConfig]): Specifies cloud audit logging configuration for this policy. Defaults to: null.
  • bindings ([Binding]): Associates a list of `members` to a `role`. `bindings` with no members will result in an error. Defaults to: null.
  • etag (binary()): `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. If no `etag` is provided in the call to `setIamPolicy`, then the existing policy is overwritten blindly. Defaults to: null.
  • version (integer()): Deprecated. Defaults to: null.

Link to this section Summary

Functions

Unwrap a decoded JSON object into its complex fields

Link to this section Types

Link to this type t() View Source
t() :: %GoogleApi.ServiceManagement.V1.Model.Policy{
  auditConfigs: [GoogleApi.ServiceManagement.V1.Model.AuditConfig.t()],
  bindings: [GoogleApi.ServiceManagement.V1.Model.Binding.t()],
  etag: any(),
  version: any()
}

Link to this section Functions

Link to this function decode(value, options) View Source
decode(struct(), keyword()) :: struct()

Unwrap a decoded JSON object into its complex fields.