All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.google.api.services.accesscontextmanager.v1.model.Binding Maven / Gradle / Ivy

There is a newer version: v1-rev20241113-2.0.0
Show newest version
/*
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the License
 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
 * or implied. See the License for the specific language governing permissions and limitations under
 * the License.
 */
/*
 * This code was generated by https://github.com/googleapis/google-api-java-client-services/
 * Modify at your own risk.
 */

package com.google.api.services.accesscontextmanager.v1.model;

/**
 * Associates `members`, or principals, with a `role`.
 *
 * 

This is the Java data model class that specifies how to parse/serialize into the JSON that is * transmitted over HTTP when working with the Access Context Manager API. For a detailed * explanation see: * https://developers.google.com/api-client-library/java/google-http-java-client/json *

* * @author Google, Inc. */ @SuppressWarnings("javadoc") public final class Binding extends com.google.api.client.json.GenericJson { /** * The condition that is associated with this binding. If the condition evaluates to `true`, then * this binding applies to the current request. If the condition evaluates to `false`, then this * binding does not apply to the current request. However, a different role binding might grant * the same role to one or more of the principals in this binding. To learn which resources * support conditions in their IAM policies, see the [IAM * documentation](https://cloud.google.com/iam/help/conditions/resource-policies). * The value may be {@code null}. */ @com.google.api.client.util.Key private Expr condition; /** * Specifies the principals requesting access for a Google Cloud resource. `members` can have the * following values: * `allUsers`: A special identifier that represents anyone who is on the * internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier * that represents anyone who is authenticated with a Google account or a service account. Does * not include identities that come from external identity providers (IdPs) through identity * federation. * `user:{emailid}`: An email address that represents a specific Google account. For * example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a * Google service account. For example, `[email protected]`. * * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a * [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes- * service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * * `group:{emailid}`: An email address that represents a Google group. For example, * `[email protected]`. * `domain:{domain}`: The G Suite domain (primary) that represents all the * users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis * .com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single * identity in a workforce identity pool. * * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: * All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/work * forcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities * with a specific attribute value. * * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}`: All identities * in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locat * ions/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single * identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_nu * mber}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity * pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/wor * kloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a * workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/ * {project_number}/locations/global/workloadIdentityPools/{pool_id}`: All identities in a * workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus * unique identifier) representing a user that has been recently deleted. For example, * `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to * `user:{emailid}` and the recovered user retains the role in the binding. * * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) * representing a service account that has been recently deleted. For example, `my-other- * [email protected]?uid=123456789012345678901`. If the service account is * undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account * retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address * (plus unique identifier) representing a Google group that has been recently deleted. For * example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value * reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `delete * d:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_att * ribute_value}`: Deleted single identity in a workforce identity pool. For example, * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my- * subject-attribute-value`. * The value may be {@code null}. */ @com.google.api.client.util.Key private java.util.List members; /** * Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, * `roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the * [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the * available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles). * The value may be {@code null}. */ @com.google.api.client.util.Key private java.lang.String role; /** * The condition that is associated with this binding. If the condition evaluates to `true`, then * this binding applies to the current request. If the condition evaluates to `false`, then this * binding does not apply to the current request. However, a different role binding might grant * the same role to one or more of the principals in this binding. To learn which resources * support conditions in their IAM policies, see the [IAM * documentation](https://cloud.google.com/iam/help/conditions/resource-policies). * @return value or {@code null} for none */ public Expr getCondition() { return condition; } /** * The condition that is associated with this binding. If the condition evaluates to `true`, then * this binding applies to the current request. If the condition evaluates to `false`, then this * binding does not apply to the current request. However, a different role binding might grant * the same role to one or more of the principals in this binding. To learn which resources * support conditions in their IAM policies, see the [IAM * documentation](https://cloud.google.com/iam/help/conditions/resource-policies). * @param condition condition or {@code null} for none */ public Binding setCondition(Expr condition) { this.condition = condition; return this; } /** * Specifies the principals requesting access for a Google Cloud resource. `members` can have the * following values: * `allUsers`: A special identifier that represents anyone who is on the * internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier * that represents anyone who is authenticated with a Google account or a service account. Does * not include identities that come from external identity providers (IdPs) through identity * federation. * `user:{emailid}`: An email address that represents a specific Google account. For * example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a * Google service account. For example, `[email protected]`. * * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a * [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes- * service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * * `group:{emailid}`: An email address that represents a Google group. For example, * `[email protected]`. * `domain:{domain}`: The G Suite domain (primary) that represents all the * users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis * .com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single * identity in a workforce identity pool. * * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: * All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/work * forcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities * with a specific attribute value. * * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}`: All identities * in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locat * ions/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single * identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_nu * mber}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity * pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/wor * kloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a * workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/ * {project_number}/locations/global/workloadIdentityPools/{pool_id}`: All identities in a * workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus * unique identifier) representing a user that has been recently deleted. For example, * `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to * `user:{emailid}` and the recovered user retains the role in the binding. * * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) * representing a service account that has been recently deleted. For example, `my-other- * [email protected]?uid=123456789012345678901`. If the service account is * undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account * retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address * (plus unique identifier) representing a Google group that has been recently deleted. For * example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value * reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `delete * d:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_att * ribute_value}`: Deleted single identity in a workforce identity pool. For example, * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my- * subject-attribute-value`. * @return value or {@code null} for none */ public java.util.List getMembers() { return members; } /** * Specifies the principals requesting access for a Google Cloud resource. `members` can have the * following values: * `allUsers`: A special identifier that represents anyone who is on the * internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier * that represents anyone who is authenticated with a Google account or a service account. Does * not include identities that come from external identity providers (IdPs) through identity * federation. * `user:{emailid}`: An email address that represents a specific Google account. For * example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a * Google service account. For example, `[email protected]`. * * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a * [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes- * service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * * `group:{emailid}`: An email address that represents a Google group. For example, * `[email protected]`. * `domain:{domain}`: The G Suite domain (primary) that represents all the * users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis * .com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single * identity in a workforce identity pool. * * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: * All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/work * forcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities * with a specific attribute value. * * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}`: All identities * in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locat * ions/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single * identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_nu * mber}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity * pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/wor * kloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a * workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/ * {project_number}/locations/global/workloadIdentityPools/{pool_id}`: All identities in a * workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus * unique identifier) representing a user that has been recently deleted. For example, * `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to * `user:{emailid}` and the recovered user retains the role in the binding. * * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) * representing a service account that has been recently deleted. For example, `my-other- * [email protected]?uid=123456789012345678901`. If the service account is * undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account * retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address * (plus unique identifier) representing a Google group that has been recently deleted. For * example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value * reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `delete * d:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_att * ribute_value}`: Deleted single identity in a workforce identity pool. For example, * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my- * subject-attribute-value`. * @param members members or {@code null} for none */ public Binding setMembers(java.util.List members) { this.members = members; return this; } /** * Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, * `roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the * [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the * available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles). * @return value or {@code null} for none */ public java.lang.String getRole() { return role; } /** * Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, * `roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the * [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the * available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles). * @param role role or {@code null} for none */ public Binding setRole(java.lang.String role) { this.role = role; return this; } @Override public Binding set(String fieldName, Object value) { return (Binding) super.set(fieldName, value); } @Override public Binding clone() { return (Binding) super.clone(); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy