Google Cloud PHP shared dependency, providing functionality useful to all components. Client - Class PolicyBuilder (1.50.0)

Reference documentation and code samples for the Google Cloud PHP shared dependency, providing functionality useful to all components. Client class PolicyBuilder.

Helper class for creating valid IAM policies

Example:

use Google\Cloud\Core\Iam\PolicyBuilder;

$builder = new PolicyBuilder();
$builder->addBinding('roles/admin', [ 'user:admin@domain.com' ]);
$result = $builder->result();

Methods

__construct

Create a PolicyBuilder.

To use conditions in the bindings, the version of the policy must be set to 3.

Parameter
NameDescription
policy array

A policy array

setBindings

Override all stored bindings on the policy.

Example:

$builder->setBindings([
    [
        'role' => 'roles/admin',
        'members' => [
            'user:admin@domain.com'
        ],
        'condition' => [
            'expression' =>
                'request.time < timestamp("2020-07-01T00:00:00.000Z")'
        ]
    ]
]);
Parameter
NameDescription
bindings array

[optional] An array of bindings

Returns
TypeDescription
Google\Cloud\Core\Iam\PolicyBuilder

addBinding

Add a new binding to the policy.

This method will fail with an InvalidOpereationException if it is called on a Policy with a version greater than 1 as that indicates a more complicated policy than this method is prepared to handle. Changes to such policies must be made manually by the setBindings() method.

Example:

$builder->addBinding('roles/admin', [ 'user:admin@domain.com' ]);
Parameters
NameDescription
role string

A valid role for the service

members array

An array of members to assign to the binding

Returns
TypeDescription
Google\Cloud\Core\Iam\PolicyBuilder

removeBinding

Remove a binding from the policy.

This method will fail with a BadMethodCallException if it is called on a Policy with a version greater than 1 as that indicates a more complicated policy than this method is prepared to handle. Changes to such policies must be made manually by the setBindings() method.

Example:

$builder->setBindings([
    [
        'role' => 'roles/admin',
        'members' => [
            'user:admin@domain.com',
            'user2:admin@domain.com'
        ]
    ]
]);
$builder->removeBinding('roles/admin', [ 'user:admin@domain.com' ]);
Parameters
NameDescription
role string

A valid role for the service

members array

An array of members to remove from the role

Returns
TypeDescription
Google\Cloud\Core\Iam\PolicyBuilder

setEtag

Update the etag on the policy.

Example:

$builder->setEtag($oldPolicy['etag']);
Parameter
NameDescription
etag string

used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that updates to existing policies make use of the etag to avoid race conditions.

Returns
TypeDescription
Google\Cloud\Core\Iam\PolicyBuilder

setVersion

Update the version of the policy.

Example:

$builder->setVersion(1);
Parameter
NameDescription
version int

Version of the Policy. Defaults to 0.

Returns
TypeDescription
Google\Cloud\Core\Iam\PolicyBuilder

result

Create a policy array with data in the correct format.

Example:

$policy = $builder->result();
Returns
TypeDescription
arrayAn array of policy data