- Resource: PrincipalAccessBoundaryPolicy
- PrincipalAccessBoundaryPolicyDetails
- PrincipalAccessBoundaryPolicyRule
- Effect
- Methods
Resource: PrincipalAccessBoundaryPolicy
An IAM principal access boundary policy resource.
| JSON representation |
|---|
{
"name": string,
"uid": string,
"etag": string,
"displayName": string,
"annotations": {
string: string,
...
},
"createTime": string,
"updateTime": string,
"details": {
object ( |
| Fields | |
|---|---|
name |
Identifier. The resource name of the principal access boundary policy. The following format is supported: |
uid |
Output only. The globally unique ID of the principal access boundary policy. |
etag |
Optional. The etag for the principal access boundary. If this is provided on update, it must match the server's etag. |
display |
Optional. The description of the principal access boundary policy. Must be less than or equal to 63 characters. |
annotations |
Optional. User defined annotations. See https://google.aip.dev/148#annotations for more details such as format and size limitations An object containing a list of |
create |
Output only. The time when the principal access boundary policy was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
update |
Output only. The time when the principal access boundary policy was most recently updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
details |
Optional. The details for the principal access boundary policy. |
PrincipalAccessBoundaryPolicyDetails
Principal access boundary policy details
| JSON representation |
|---|
{
"rules": [
{
object ( |
| Fields | |
|---|---|
rules[] |
Required. A list of principal access boundary policy rules. The number of rules in a policy is limited to 500. |
enforcement |
Optional. The version number (for example, |
PrincipalAccessBoundaryPolicyRule
Principal access boundary policy rule that defines the resource boundary.
| JSON representation |
|---|
{
"description": string,
"resources": [
string
],
"effect": enum ( |
| Fields | |
|---|---|
description |
Optional. The description of the principal access boundary policy rule. Must be less than or equal to 256 characters. |
resources[] |
Required. A list of Resource Manager resources. If a resource is listed in the rule, then the rule applies for that resource and its descendants. The number of resources in a policy is limited to 500 across all rules in the policy. The following resource types are supported:
|
effect |
Required. The access relationship of principals to the resources in this rule. |
Effect
An effect to describe the access relationship.
| Enums | |
|---|---|
EFFECT_UNSPECIFIED |
Effect unspecified. |
ALLOW |
Allows access to the resources in this rule. |
Methods |
|
|---|---|
|
Creates a principal access boundary policy, and returns a long running operation. |
|
Deletes a principal access boundary policy. |
|
Gets a principal access boundary policy. |
|
Lists principal access boundary policies. |
|
Updates a principal access boundary policy. |
|
Returns all policy bindings that bind a specific policy if a user has searchPolicyBindings permission on that policy. |