Cloud Storage API - Class Google::Cloud::Storage::Policy::Bindings (v1.41.0)

Reference documentation and code samples for the Cloud Storage API class Google::Cloud::Storage::Policy::Bindings.

Bindings

Enumerable object for managing Cloud IAM bindings associated with a bucket.

Inherits

  • Object

Includes

  • Enumerable

Example

Updating a Policy from version 1 to version 3:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

bucket.uniform_bucket_level_access = true

bucket.policy requested_policy_version: 3 do |p|
  p.version # the value is 1
  p.version = 3 # Must be explicitly set to opt-in to support for conditions.

  expr = "resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")"
  p.bindings.insert({
                      role: "roles/storage.admin",
                      members: ["user:owner@example.com"],
                      condition: {
                        title: "my-condition",
                        description: "description of condition",
                        expression: expr
                      }
                    })
end

Methods

#each

def each(&block) { |binding| ... } -> Enumerator

Calls the block once for each binding in the collection, passing a Binding object as parameter. A Binding object is passed even when the arguments to #insert were hash objects.

If no block is given, an enumerator is returned instead.

Yields
  • (binding) — A binding in this bindings collection.
Yield Parameter
Returns
  • (Enumerator)
Example
require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

policy = bucket.policy requested_policy_version: 3
policy.bindings.each do |binding|
  puts binding.role
end

#insert

def insert(*bindings) -> Bindings

Adds a binding or bindings to the collection. The arguments may be Binding objects or equivalent hash objects that will be implicitly coerced to binding objects.

Parameter
  • bindings (Google::Cloud::Storage::Policy::Binding, Hash) — One or more bindings to be added to the policy owning the collection. The arguments may be Binding objects or equivalent hash objects that will be implicitly coerced to binding objects.
Returns
Example

Updating a Policy from version 1 to version 3:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

bucket.uniform_bucket_level_access = true

bucket.policy requested_policy_version: 3 do |p|
  p.version # the value is 1
  p.version = 3 # Must be explicitly set to opt-in to support for conditions.

  expr = "resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")"
  p.bindings.insert({
                      role: "roles/storage.admin",
                      members: ["user:owner@example.com"],
                      condition: {
                        title: "my-condition",
                        description: "description of condition",
                        expression: expr
                      }
                    })
end

#remove

def remove(*bindings) -> Bindings

Deletes the binding or bindings from the collection that are equal to the arguments. The specification arguments may be Binding objects or equivalent hash objects that will be implicitly coerced to binding objects.

Parameter
  • bindings (Google::Cloud::Storage::Policy::Binding, Hash) — One or more specifications for bindings to be removed from the collection. The arguments may be Binding objects or equivalent hash objects that will be implicitly coerced to binding objects.
Returns
Example
require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

bucket.policy requested_policy_version: 3 do |p|
  expr = "resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")"
  p.bindings.remove({
                      role: "roles/storage.admin",
                      members: ["user:owner@example.com"],
                      condition: {
                        title: "my-condition",
                        description: "description of condition",
                        expression: expr
                      }
                    })
end