- Resource: PrincipalAccessBoundaryPolicy
- PrincipalAccessBoundaryPolicyDetails
- PrincipalAccessBoundaryPolicyRule
- Effect
- Methods
Resource: PrincipalAccessBoundaryPolicy
An IAM principal access boundary policy resource.
JSON representation |
---|
{
"name": string,
"uid": string,
"etag": string,
"displayName": string,
"annotations": {
string: string,
...
},
"createTime": string,
"updateTime": string,
"details": {
object ( |
Fields | |
---|---|
name |
Identifier. The resource name of the principal access boundary policy. The following format is supported: |
uid |
Output only. The globally unique ID of the principal access boundary policy. |
etag |
Optional. The etag for the principal access boundary. If this is provided on update, it must match the server's etag. |
display |
Optional. The description of the principal access boundary policy. Must be less than or equal to 63 characters. |
annotations |
Optional. User defined annotations. See https://google.aip.dev/148#annotations for more details such as format and size limitations An object containing a list of |
create |
Output only. The time when the principal access boundary policy was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
update |
Output only. The time when the principal access boundary policy was most recently updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
details |
Optional. The details for the principal access boundary policy. |
PrincipalAccessBoundaryPolicyDetails
Principal access boundary policy details
JSON representation |
---|
{
"rules": [
{
object ( |
Fields | |
---|---|
rules[] |
Required. A list of principal access boundary policy rules. The number of rules in a policy is limited to 500. |
enforcement |
Optional. The version number that indicates which Google Cloud services are included in the enforcement (e.g. "latest", "1", ...). If empty, the PAB policy version will be set to the current latest version, and this version won't get updated when new versions are released. |
PrincipalAccessBoundaryPolicyRule
Principal access boundary policy rule that defines the resource boundary.
JSON representation |
---|
{
"description": string,
"resources": [
string
],
"effect": enum ( |
Fields | |
---|---|
description |
Optional. The description of the principal access boundary policy rule. Must be less than or equal to 256 characters. |
resources[] |
Required. A list of Cloud Resource Manager resources. The resource and all the descendants are included. The number of resources in a policy is limited to 500 across all rules. The following resource types are supported:
|
effect |
Required. The access relationship of principals to the resources in this rule. |
Effect
An effect to describe the access relationship.
Enums | |
---|---|
EFFECT_UNSPECIFIED |
Effect unspecified. |
ALLOW |
Allows access to the resources in this rule. |
Methods |
|
---|---|
|
Creates a principal access boundary policy, and returns a long running operation. |
|
Deletes a principal access boundary policy. |
|
Gets a principal access boundary policy. |
|
Lists principal access boundary policies. |
|
Updates a principal access boundary policy. |
|
Returns all policy bindings that bind a specific policy if a user has searchPolicyBindings permission on that policy. |