com.google.api.services.servicemanagement.model.Binding Maven / Gradle / Ivy
/*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
* in compliance with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed under the License
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
/*
* This code was generated by https://github.com/googleapis/google-api-java-client-services/
* Modify at your own risk.
*/
package com.google.api.services.servicemanagement.model;
/**
* Associates `members`, or principals, with a `role`.
*
* This is the Java data model class that specifies how to parse/serialize into the JSON that is
* transmitted over HTTP when working with the Service Management API. For a detailed explanation
* see:
* https://developers.google.com/api-client-library/java/google-http-java-client/json
*
*
* @author Google, Inc.
*/
@SuppressWarnings("javadoc")
public final class Binding extends com.google.api.client.json.GenericJson {
/**
* The condition that is associated with this binding. If the condition evaluates to `true`, then
* this binding applies to the current request. If the condition evaluates to `false`, then this
* binding does not apply to the current request. However, a different role binding might grant
* the same role to one or more of the principals in this binding. To learn which resources
* support conditions in their IAM policies, see the [IAM
* documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
* The value may be {@code null}.
*/
@com.google.api.client.util.Key
private Expr condition;
/**
* Specifies the principals requesting access for a Google Cloud resource. `members` can have the
* following values: * `allUsers`: A special identifier that represents anyone who is on the
* internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier
* that represents anyone who is authenticated with a Google account or a service account. Does
* not include identities that come from external identity providers (IdPs) through identity
* federation. * `user:{emailid}`: An email address that represents a specific Google account. For
* example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a
* Google service account. For example, `[email protected]`. *
* `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a
* [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-
* service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. *
* `group:{emailid}`: An email address that represents a Google group. For example,
* `[email protected]`. * `domain:{domain}`: The G Suite domain (primary) that represents all the
* users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis
* .com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single
* identity in a workforce identity pool. *
* `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`:
* All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/work
* forcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities
* with a specific attribute value. *
* `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}`: All identities
* in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locat
* ions/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single
* identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_nu
* mber}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity
* pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/wor
* kloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a
* workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/
* {project_number}/locations/global/workloadIdentityPools/{pool_id}`: All identities in a
* workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus
* unique identifier) representing a user that has been recently deleted. For example,
* `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to
* `user:{emailid}` and the recovered user retains the role in the binding. *
* `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier)
* representing a service account that has been recently deleted. For example, `my-other-
* [email protected]?uid=123456789012345678901`. If the service account is
* undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account
* retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address
* (plus unique identifier) representing a Google group that has been recently deleted. For
* example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value
* reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `delete
* d:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_att
* ribute_value}`: Deleted single identity in a workforce identity pool. For example,
* `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-
* subject-attribute-value`.
* The value may be {@code null}.
*/
@com.google.api.client.util.Key
private java.util.List members;
/**
* Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`,
* `roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the
* [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the
* available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles).
* The value may be {@code null}.
*/
@com.google.api.client.util.Key
private java.lang.String role;
/**
* The condition that is associated with this binding. If the condition evaluates to `true`, then
* this binding applies to the current request. If the condition evaluates to `false`, then this
* binding does not apply to the current request. However, a different role binding might grant
* the same role to one or more of the principals in this binding. To learn which resources
* support conditions in their IAM policies, see the [IAM
* documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
* @return value or {@code null} for none
*/
public Expr getCondition() {
return condition;
}
/**
* The condition that is associated with this binding. If the condition evaluates to `true`, then
* this binding applies to the current request. If the condition evaluates to `false`, then this
* binding does not apply to the current request. However, a different role binding might grant
* the same role to one or more of the principals in this binding. To learn which resources
* support conditions in their IAM policies, see the [IAM
* documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
* @param condition condition or {@code null} for none
*/
public Binding setCondition(Expr condition) {
this.condition = condition;
return this;
}
/**
* Specifies the principals requesting access for a Google Cloud resource. `members` can have the
* following values: * `allUsers`: A special identifier that represents anyone who is on the
* internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier
* that represents anyone who is authenticated with a Google account or a service account. Does
* not include identities that come from external identity providers (IdPs) through identity
* federation. * `user:{emailid}`: An email address that represents a specific Google account. For
* example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a
* Google service account. For example, `[email protected]`. *
* `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a
* [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-
* service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. *
* `group:{emailid}`: An email address that represents a Google group. For example,
* `[email protected]`. * `domain:{domain}`: The G Suite domain (primary) that represents all the
* users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis
* .com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single
* identity in a workforce identity pool. *
* `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`:
* All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/work
* forcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities
* with a specific attribute value. *
* `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}`: All identities
* in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locat
* ions/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single
* identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_nu
* mber}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity
* pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/wor
* kloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a
* workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/
* {project_number}/locations/global/workloadIdentityPools/{pool_id}`: All identities in a
* workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus
* unique identifier) representing a user that has been recently deleted. For example,
* `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to
* `user:{emailid}` and the recovered user retains the role in the binding. *
* `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier)
* representing a service account that has been recently deleted. For example, `my-other-
* [email protected]?uid=123456789012345678901`. If the service account is
* undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account
* retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address
* (plus unique identifier) representing a Google group that has been recently deleted. For
* example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value
* reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `delete
* d:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_att
* ribute_value}`: Deleted single identity in a workforce identity pool. For example,
* `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-
* subject-attribute-value`.
* @return value or {@code null} for none
*/
public java.util.List getMembers() {
return members;
}
/**
* Specifies the principals requesting access for a Google Cloud resource. `members` can have the
* following values: * `allUsers`: A special identifier that represents anyone who is on the
* internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier
* that represents anyone who is authenticated with a Google account or a service account. Does
* not include identities that come from external identity providers (IdPs) through identity
* federation. * `user:{emailid}`: An email address that represents a specific Google account. For
* example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a
* Google service account. For example, `[email protected]`. *
* `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a
* [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-
* service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. *
* `group:{emailid}`: An email address that represents a Google group. For example,
* `[email protected]`. * `domain:{domain}`: The G Suite domain (primary) that represents all the
* users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis
* .com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single
* identity in a workforce identity pool. *
* `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`:
* All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/work
* forcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities
* with a specific attribute value. *
* `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}`: All identities
* in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locat
* ions/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single
* identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_nu
* mber}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity
* pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/wor
* kloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a
* workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/
* {project_number}/locations/global/workloadIdentityPools/{pool_id}`: All identities in a
* workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus
* unique identifier) representing a user that has been recently deleted. For example,
* `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to
* `user:{emailid}` and the recovered user retains the role in the binding. *
* `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier)
* representing a service account that has been recently deleted. For example, `my-other-
* [email protected]?uid=123456789012345678901`. If the service account is
* undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account
* retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address
* (plus unique identifier) representing a Google group that has been recently deleted. For
* example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value
* reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `delete
* d:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_att
* ribute_value}`: Deleted single identity in a workforce identity pool. For example,
* `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-
* subject-attribute-value`.
* @param members members or {@code null} for none
*/
public Binding setMembers(java.util.List members) {
this.members = members;
return this;
}
/**
* Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`,
* `roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the
* [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the
* available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles).
* @return value or {@code null} for none
*/
public java.lang.String getRole() {
return role;
}
/**
* Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`,
* `roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the
* [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the
* available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles).
* @param role role or {@code null} for none
*/
public Binding setRole(java.lang.String role) {
this.role = role;
return this;
}
@Override
public Binding set(String fieldName, Object value) {
return (Binding) super.set(fieldName, value);
}
@Override
public Binding clone() {
return (Binding) super.clone();
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy