target.apidocs.com.google.api.services.servicemanagement.model.Binding.html Maven / Gradle / Ivy
Binding (Service Management API v1-rev20240920-2.0.0)
com.google.api.services.servicemanagement.model
Class Binding
- java.lang.Object
-
- java.util.AbstractMap<String,Object>
-
- com.google.api.client.util.GenericData
-
- com.google.api.client.json.GenericJson
-
- com.google.api.services.servicemanagement.model.Binding
-
public final class Binding
extends com.google.api.client.json.GenericJson
Associates `members`, or principals, with a `role`.
This is the Java data model class that specifies how to parse/serialize into the JSON that is
transmitted over HTTP when working with the Service Management API. For a detailed explanation
see:
https://developers.google.com/api-client-library/java/google-http-java-client/json
- Author:
- Google, Inc.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class com.google.api.client.util.GenericData
com.google.api.client.util.GenericData.Flags
-
Nested classes/interfaces inherited from class java.util.AbstractMap
AbstractMap.SimpleEntry<K,V>, AbstractMap.SimpleImmutableEntry<K,V>
-
Constructor Summary
Constructors
Constructor and Description
Binding()
-
Method Summary
All Methods Instance Methods Concrete Methods
Modifier and Type
Method and Description
Binding
clone()
Expr
getCondition()
The condition that is associated with this binding.
List<String>
getMembers()
Specifies the principals requesting access for a Google Cloud resource.
String
getRole()
Role that is assigned to the list of `members`, or principals.
Binding
set(String fieldName,
Object value)
Binding
setCondition(Expr condition)
The condition that is associated with this binding.
Binding
setMembers(List<String> members)
Specifies the principals requesting access for a Google Cloud resource.
Binding
setRole(String role)
Role that is assigned to the list of `members`, or principals.
-
Methods inherited from class com.google.api.client.json.GenericJson
getFactory, setFactory, toPrettyString, toString
-
Methods inherited from class com.google.api.client.util.GenericData
entrySet, equals, get, getClassInfo, getUnknownKeys, hashCode, put, putAll, remove, setUnknownKeys
-
Methods inherited from class java.util.AbstractMap
clear, containsKey, containsValue, isEmpty, keySet, size, values
-
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface java.util.Map
compute, computeIfAbsent, computeIfPresent, forEach, getOrDefault, merge, putIfAbsent, remove, replace, replace, replaceAll
-
-
Method Detail
-
getCondition
public Expr getCondition()
The condition that is associated with this binding. If the condition evaluates to `true`, then
this binding applies to the current request. If the condition evaluates to `false`, then this
binding does not apply to the current request. However, a different role binding might grant
the same role to one or more of the principals in this binding. To learn which resources
support conditions in their IAM policies, see the [IAM
documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
- Returns:
- value or
null
for none
-
setCondition
public Binding setCondition(Expr condition)
The condition that is associated with this binding. If the condition evaluates to `true`, then
this binding applies to the current request. If the condition evaluates to `false`, then this
binding does not apply to the current request. However, a different role binding might grant
the same role to one or more of the principals in this binding. To learn which resources
support conditions in their IAM policies, see the [IAM
documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
- Parameters:
condition
- condition or null
for none
-
getMembers
public List<String> getMembers()
Specifies the principals requesting access for a Google Cloud resource. `members` can have the
following values: * `allUsers`: A special identifier that represents anyone who is on the
internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier
that represents anyone who is authenticated with a Google account or a service account. Does
not include identities that come from external identity providers (IdPs) through identity
federation. * `user:{emailid}`: An email address that represents a specific Google account. For
example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a
Google service account. For example, `[email protected]`. *
`serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a
[Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-
service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. *
`group:{emailid}`: An email address that represents a Google group. For example,
`[email protected]`. * `domain:{domain}`: The G Suite domain (primary) that represents all the
users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis
.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single
identity in a workforce identity pool. *
`principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`:
All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/work
forcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities
with a specific attribute value. *
`principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}`: All identities
in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locat
ions/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single
identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_nu
mber}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity
pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/wor
kloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a
workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/
{project_number}/locations/global/workloadIdentityPools/{pool_id}`: All identities in a
workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus
unique identifier) representing a user that has been recently deleted. For example,
`[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to
`user:{emailid}` and the recovered user retains the role in the binding. *
`deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier)
representing a service account that has been recently deleted. For example, `my-other-
[email protected]?uid=123456789012345678901`. If the service account is
undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account
retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address
(plus unique identifier) representing a Google group that has been recently deleted. For
example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value
reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `delete
d:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_att
ribute_value}`: Deleted single identity in a workforce identity pool. For example,
`deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-
subject-attribute-value`.
- Returns:
- value or
null
for none
-
setMembers
public Binding setMembers(List<String> members)
Specifies the principals requesting access for a Google Cloud resource. `members` can have the
following values: * `allUsers`: A special identifier that represents anyone who is on the
internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier
that represents anyone who is authenticated with a Google account or a service account. Does
not include identities that come from external identity providers (IdPs) through identity
federation. * `user:{emailid}`: An email address that represents a specific Google account. For
example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a
Google service account. For example, `[email protected]`. *
`serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a
[Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-
service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. *
`group:{emailid}`: An email address that represents a Google group. For example,
`[email protected]`. * `domain:{domain}`: The G Suite domain (primary) that represents all the
users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis
.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single
identity in a workforce identity pool. *
`principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`:
All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/work
forcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities
with a specific attribute value. *
`principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}`: All identities
in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locat
ions/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single
identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_nu
mber}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity
pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/wor
kloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a
workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/
{project_number}/locations/global/workloadIdentityPools/{pool_id}`: All identities in a
workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus
unique identifier) representing a user that has been recently deleted. For example,
`[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to
`user:{emailid}` and the recovered user retains the role in the binding. *
`deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier)
representing a service account that has been recently deleted. For example, `my-other-
[email protected]?uid=123456789012345678901`. If the service account is
undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account
retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address
(plus unique identifier) representing a Google group that has been recently deleted. For
example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value
reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `delete
d:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_att
ribute_value}`: Deleted single identity in a workforce identity pool. For example,
`deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-
subject-attribute-value`.
- Parameters:
members
- members or null
for none
-
getRole
public String getRole()
Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`,
`roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the
[IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the
available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles).
- Returns:
- value or
null
for none
-
setRole
public Binding setRole(String role)
Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`,
`roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the
[IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the
available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles).
- Parameters:
role
- role or null
for none
-
set
public Binding set(String fieldName,
Object value)
- Overrides:
set
in class com.google.api.client.json.GenericJson
-
clone
public Binding clone()
- Overrides:
clone
in class com.google.api.client.json.GenericJson
Copyright © 2011–2024 Google. All rights reserved.
© 2015 - 2024 Weber Informatics LLC | Privacy Policy