View Source GoogleApi.CloudAsset.V1.Model.GoogleIdentityAccesscontextmanagerV1AccessPolicy (google_api_cloud_asset v0.35.0)
AccessPolicy
is a container for AccessLevels
(which define the necessary attributes to use Google Cloud services) and ServicePerimeters
(which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization.
Attributes
-
etag
(type:String.t
, default:nil
) - Output only. An opaque identifier for the current version of theAccessPolicy
. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format. -
name
(type:String.t
, default:nil
) - Output only. Resource name of theAccessPolicy
. Format:accessPolicies/{access_policy}
-
parent
(type:String.t
, default:nil
) - Required. The parent of thisAccessPolicy
in the Cloud Resource Hierarchy. Currently immutable once created. Format:organizations/{organization_id}
-
scopes
(type:list(String.t)
, default:nil
) - The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A withscopes=["folders/123"]
has the following behavior: - ServicePerimeter can only restrict projects withinfolders/123
. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includesfolders/123
will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list offolders/{folder_number}
orprojects/{project_number}
-
title
(type:String.t
, default:nil
) - Required. Human readable title. Does not affect behavior.
Summary
Functions
Unwrap a decoded JSON object into its complex fields.
Types
Functions
Unwrap a decoded JSON object into its complex fields.