public sealed class PolicyBinding : IMessage<PolicyBinding>, IEquatable<PolicyBinding>, IDeepCloneable<PolicyBinding>, IBufferMessage, IMessageReference documentation and code samples for the Identity and Access Management (IAM) v3beta API class PolicyBinding.
IAM policy binding resource.
Implements
IMessagePolicyBinding, IEquatablePolicyBinding, IDeepCloneablePolicyBinding, IBufferMessage, IMessageNamespace
Google.Cloud.Iam.V3BetaAssembly
Google.Cloud.Iam.V3Beta.dll
Constructors
PolicyBinding()
public PolicyBinding()PolicyBinding(PolicyBinding)
public PolicyBinding(PolicyBinding other)| Parameter | |
|---|---|
| Name | Description |
other |
PolicyBinding |
Properties
Annotations
public MapField<string, string> Annotations { get; }Optional. User-defined annotations. See https://google.aip.dev/148#annotations for more details such as format and size limitations
| Property Value | |
|---|---|
| Type | Description |
MapFieldstringstring |
|
Condition
public Expr Condition { get; set; }Optional. The condition to apply to the policy binding. When set, the
expression field in the Expr must include from 1 to 10 subexpressions,
joined by the
"||"(Logical OR), "&&"(Logical AND) or "!"(Logical NOT) operators and
cannot contain more than 250 characters.
The condition is currently only supported when bound to policies of kind principal access boundary.
When the bound policy is a principal access boundary policy, the only
supported attributes in any subexpression are principal.type and
principal.subject. An example expression is: "principal.type ==
'iam.googleapis.com/ServiceAccount'" or "principal.subject ==
'bob@example.com'".
Allowed operations for principal.subject:
principal.subject == <principal subject string>principal.subject != <principal subject string>principal.subject in [<list of principal subjects>]principal.subject.startsWith(<string>)principal.subject.endsWith(<string>)
Allowed operations for principal.type:
principal.type == <principal type string>principal.type != <principal type string>principal.type in [<list of principal types>]
Supported principal types are Workspace, Workforce Pool, Workload Pool and Service Account. Allowed string must be one of:
- iam.googleapis.com/WorkspaceIdentity
- iam.googleapis.com/WorkforcePoolIdentity
- iam.googleapis.com/WorkloadPoolIdentity
- iam.googleapis.com/ServiceAccount
| Property Value | |
|---|---|
| Type | Description |
Expr |
|
CreateTime
public Timestamp CreateTime { get; set; }Output only. The time when the policy binding was created.
| Property Value | |
|---|---|
| Type | Description |
Timestamp |
|
DisplayName
public string DisplayName { get; set; }Optional. The description of the policy binding. Must be less than or equal to 63 characters.
| Property Value | |
|---|---|
| Type | Description |
string |
|
Etag
public string Etag { get; set; }Optional. The etag for the policy binding. If this is provided on update, it must match the server's etag.
| Property Value | |
|---|---|
| Type | Description |
string |
|
Name
public string Name { get; set; }Identifier. The name of the policy binding, in the format
{binding_parent/locations/{location}/policyBindings/{policy_binding_id}.
The binding parent is the closest Resource Manager resource (project,
folder, or organization) to the binding target.
Format:
projects/{project_id}/locations/{location}/policyBindings/{policy_binding_id}projects/{project_number}/locations/{location}/policyBindings/{policy_binding_id}folders/{folder_id}/locations/{location}/policyBindings/{policy_binding_id}organizations/{organization_id}/locations/{location}/policyBindings/{policy_binding_id}
| Property Value | |
|---|---|
| Type | Description |
string |
|
Policy
public string Policy { get; set; }Required. Immutable. The resource name of the policy to be bound. The binding parent and policy must belong to the same organization.
| Property Value | |
|---|---|
| Type | Description |
string |
|
PolicyBindingName
public PolicyBindingName PolicyBindingName { get; set; }PolicyBindingName-typed view over the Name resource name property.
| Property Value | |
|---|---|
| Type | Description |
PolicyBindingName |
|
PolicyKind
public PolicyBinding.Types.PolicyKind PolicyKind { get; set; }Immutable. The kind of the policy to attach in this binding. This field must be one of the following:
- Left empty (will be automatically set to the policy kind)
- The input policy kind
| Property Value | |
|---|---|
| Type | Description |
PolicyBindingTypesPolicyKind |
|
PolicyUid
public string PolicyUid { get; set; }Output only. The globally unique ID of the policy to be bound.
| Property Value | |
|---|---|
| Type | Description |
string |
|
Target
public PolicyBinding.Types.Target Target { get; set; }Required. Immutable. Target is the full resource name of the resource to which the policy will be bound. Immutable once set.
| Property Value | |
|---|---|
| Type | Description |
PolicyBindingTypesTarget |
|
Uid
public string Uid { get; set; }Output only. The globally unique ID of the policy binding. Assigned when the policy binding is created.
| Property Value | |
|---|---|
| Type | Description |
string |
|
UpdateTime
public Timestamp UpdateTime { get; set; }Output only. The time when the policy binding was most recently updated.
| Property Value | |
|---|---|
| Type | Description |
Timestamp |
|