Reference documentation and code samples for the google-cloud-bigtable class Google::Cloud::Bigtable::Policy.
Policy
Represents a Cloud IAM Policy for Bigtable resources.
A common pattern for updating a resource's metadata, such as its policy,
is to read the current data from the service, update the data locally,
and then write the modified data back to the resource. This pattern may
result in a conflict if two or more processes attempt the sequence simultaneously.
IAM solves this problem with the #etag
property, which is used to verify whether the policy has changed since
the last request. When you make a request with an etag
value, Cloud
IAM compares the etag
value in the request with the existing etag
value associated with the policy. It writes the policy only if the
etag
values match.
Inherits
- Object
Example
require "google/cloud/bigtable" bigtable = Google::Cloud::Bigtable.new instance = bigtable.instance "my-instance" policy = instance.policy policy.remove "roles/owner", "user:owner@example.com" policy.add "roles/owner", "user:newowner@example.com" policy.roles["roles/viewer"] = ["allUsers"]
Methods
#add
def add(role_name, member)
Convenience method for adding a member to a binding on this policy. See Understanding Roles for a list of primitive and curated roles. See Binding for a list of values and patterns for members.
-
role_name (String) — A Cloud IAM role, such as
"roles/bigtable.admin"
. -
member (String) — A Cloud IAM identity, such as
"user:owner@example.com"
.
require "google/cloud/bigtable" bigtable = Google::Cloud::Bigtable.new instance = bigtable.instance "my-instance" policy = instance.policy policy.add "roles/owner", "user:newowner@example.com"
#etag
def etag() -> String
Used to check if the policy has changed since
the last request. The policy will be written only if the etag
values
match.
- (String) — the current value of etag
#etag=
def etag=(value) -> String
Used to check if the policy has changed since
the last request. The policy will be written only if the etag
values
match.
- value (String) — the newly set value
- (String) — the newly set value
#initialize
def initialize(etag, roles = nil) -> Policy
Creates a Policy instance.
- etag (String)
- roles (Array<String>)
- (Policy) — a new instance of Policy
#remove
def remove(role_name, member)
Convenience method for removing a member from a binding on this policy. See Understanding Roles for a list of primitive and curated roles.See Binding for a list of values and patterns for members.
-
role_name (String) — A Cloud IAM role, such as
"roles/Bigtable.admin"
. -
member (String) — A Cloud IAM identity, such as
"user:owner@example.com"
.
require "google/cloud/bigtable" bigtable = Google::Cloud::Bigtable.new instance = bigtable.instance "my-instance" policy = instance.policy policy.remove "roles/owner", "user:newowner@example.com"
#role
def role(role_name) -> Array<String>
Convenience method returning the array of members bound to a role in this policy. Returns an empty array if no value is present for the role in #roles. See Understanding Roles for a list of primitive and curated roles. See Binding for a list of values and patterns for members.
- (Array<String>) — The members strings, or an empty array.
require "google/cloud/bigtable" bigtable = Google::Cloud::Bigtable.new instance = bigtable.instance "my-instance" policy = instance.policy policy.role("roles/viewer") << "user:viewer@example.com"
#roles
def roles() -> Hash{String => Array<String>}
The bindings that associate roles with an array of members. See Understanding Roles for a listing of primitive and curated roles.
- (Hash{String => Array<String>}) — the current value of roles
#roles=
def roles=(value) -> Hash{String => Array<String>}
The bindings that associate roles with an array of members. See Understanding Roles for a listing of primitive and curated roles.
- value (Hash{String => Array<String>}) — the newly set value
- (Hash{String => Array<String>}) — the newly set value