Binding(mapping=None, *, ignore_unknown_fields=False, **kwargs)Associates members, or principals, with a role.
Attributes
| Name | Description |
| binding_id |
str
This is deprecated and has no effect. Do not use. This field is a member of `oneof`_ ``_binding_id``. |
| condition |
google.cloud.compute_v1.types.Expr
The condition that is associated with this binding. If the condition evaluates to ``true``, then this binding applies to the current request. If the condition evaluates to ``false``, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the `IAM documentation |
| members |
Sequence[str]
Specifies the principals requesting access for a Google Cloud resource. ``members`` can have the following values: \* ``allUsers``: A special identifier that represents anyone who is on the internet; with or without a Google account. \* ``allAuthenticatedUsers``: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. \* ``user:{emailid}``: An email address that represents a specific Google account. For example, ``alice@example.com`` . \* ``serviceAccount:{emailid}``: An email address that represents a Google service account. For example, ``my-other-app@appspot.gserviceaccount.com``. \* ``serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]``: An identifier for a `Kubernetes service account |
| role |
str
Role that is assigned to the list of ``members``, or principals. For example, ``roles/viewer``, ``roles/editor``, or ``roles/owner``. This field is a member of `oneof`_ ``_role``. |