Class ClientSideAccessBoundaryRule.Builder (1.42.1)

An access boundary rule that defines an upper bound of IAM permissions on a single resource. This proto has a compiled version of the availability_condition in the STS API AccessBoundaryRule (google3/google/identity/sts/v1/access_boundary.proto). It is used to format the access boundary restriction in the Client-Side CAB access token.

Protobuf type cloud.identity.unifiedauth.proto.ClientSideAccessBoundaryRule

A list of permissions that may be allowed for use on the specified resource.

The only supported values in the list are IAM roles, following the format of [google.iam.v1.Binding.role][].

Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.

repeated string available_permissions = 2;

A list of permissions that may be allowed for use on the specified resource.

The only supported values in the list are IAM roles, following the format of [google.iam.v1.Binding.role][].

Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.

repeated string available_permissions = 2;

A list of permissions that may be allowed for use on the specified resource.

The only supported values in the list are IAM roles, following the format of [google.iam.v1.Binding.role][].

Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.

repeated string available_permissions = 2;

A list of permissions that may be allowed for use on the specified resource.

The only supported values in the list are IAM roles, following the format of [google.iam.v1.Binding.role][].

Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.

repeated string available_permissions = 2;

The full resource name of a Google Cloud resource entity. The format definition is at https://cloud.google.com/apis/design/resource_names.

Example value: //cloudresourcemanager.googleapis.com/projects/my-project.

string available_resource = 1 [features = { ... }

The compiled version of the availability_condition in the STS API AccessBoundaryRule (google3/google/identity/sts/v1/access_boundary.proto) with limited function support.

.google.api.expr.Expr compiled_availability_condition = 4;

A list of permissions that may be allowed for use on the specified resource.

The only supported values in the list are IAM roles, following the format of [google.iam.v1.Binding.role][].

Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.

repeated string available_permissions = 2;

A list of permissions that may be allowed for use on the specified resource.

The only supported values in the list are IAM roles, following the format of [google.iam.v1.Binding.role][].

Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.

repeated string available_permissions = 2;

A list of permissions that may be allowed for use on the specified resource.

The only supported values in the list are IAM roles, following the format of [google.iam.v1.Binding.role][].

Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.

repeated string available_permissions = 2;

A list of permissions that may be allowed for use on the specified resource.

The only supported values in the list are IAM roles, following the format of [google.iam.v1.Binding.role][].

Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.

repeated string available_permissions = 2;

The full resource name of a Google Cloud resource entity. The format definition is at https://cloud.google.com/apis/design/resource_names.

Example value: //cloudresourcemanager.googleapis.com/projects/my-project.

string available_resource = 1 [features = { ... }

The full resource name of a Google Cloud resource entity. The format definition is at https://cloud.google.com/apis/design/resource_names.

Example value: //cloudresourcemanager.googleapis.com/projects/my-project.

string available_resource = 1 [features = { ... }

The compiled version of the availability_condition in the STS API AccessBoundaryRule (google3/google/identity/sts/v1/access_boundary.proto) with limited function support.

.google.api.expr.Expr compiled_availability_condition = 4;

The compiled version of the availability_condition in the STS API AccessBoundaryRule (google3/google/identity/sts/v1/access_boundary.proto) with limited function support.

.google.api.expr.Expr compiled_availability_condition = 4;

The compiled version of the availability_condition in the STS API AccessBoundaryRule (google3/google/identity/sts/v1/access_boundary.proto) with limited function support.

.google.api.expr.Expr compiled_availability_condition = 4;

The compiled version of the availability_condition in the STS API AccessBoundaryRule (google3/google/identity/sts/v1/access_boundary.proto) with limited function support.

.google.api.expr.Expr compiled_availability_condition = 4;

The compiled version of the availability_condition in the STS API AccessBoundaryRule (google3/google/identity/sts/v1/access_boundary.proto) with limited function support.

.google.api.expr.Expr compiled_availability_condition = 4;

A list of permissions that may be allowed for use on the specified resource.

The only supported values in the list are IAM roles, following the format of [google.iam.v1.Binding.role][].

Example value: inRole:roles/logging.viewer for predefined roles and inRole:organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.

repeated string available_permissions = 2;

The full resource name of a Google Cloud resource entity. The format definition is at https://cloud.google.com/apis/design/resource_names.

Example value: //cloudresourcemanager.googleapis.com/projects/my-project.

string available_resource = 1 [features = { ... }

The full resource name of a Google Cloud resource entity. The format definition is at https://cloud.google.com/apis/design/resource_names.

Example value: //cloudresourcemanager.googleapis.com/projects/my-project.

string available_resource = 1 [features = { ... }

The compiled version of the availability_condition in the STS API AccessBoundaryRule (google3/google/identity/sts/v1/access_boundary.proto) with limited function support.

.google.api.expr.Expr compiled_availability_condition = 4;

The compiled version of the availability_condition in the STS API AccessBoundaryRule (google3/google/identity/sts/v1/access_boundary.proto) with limited function support.

.google.api.expr.Expr compiled_availability_condition = 4;