class Google::Apis::IapV1::PolicyDelegationSettings

PolicyDelegationConfig allows google-internal teams to use IAP for apps hosted in a tenant project. Using these settings, the app can delegate permission check to happen against the linked customer project. This is only ever supposed to be used by google internal teams, hence the restriction on the proto.

Attributes

iam_permission[RW]

Permission to check in IAM. Corresponds to the JSON property `iamPermission` @return [String]

iam_service_name[RW]

The DNS name of the service (e.g. “resourcemanager.googleapis.com”). This should be the domain name part of the full resource names (see aip.dev/ 122#full-resource-names), which is usually the same as IamServiceSpec.service of the service where the resource type is defined. Corresponds to the JSON property `iamServiceName` @return [String]

policy_name[RW]

An internal name for an IAM policy, based on the resource to which the policy applies. Not to be confused with a resource's external full resource name. For more information on this distinction, see go/iam-full-resource-names. Corresponds to the JSON property `policyName` @return [Google::Apis::IapV1::PolicyName]

resource[RW]

IAM resource to check permission on Corresponds to the JSON property `resource` @return [Google::Apis::IapV1::Resource]

Public Class Methods

new(**args) click to toggle source
# File lib/google/apis/iap_v1/classes.rb, line 687
def initialize(**args)
   update!(**args)
end

Public Instance Methods

update!(**args) click to toggle source

Update properties of this object

# File lib/google/apis/iap_v1/classes.rb, line 692
def update!(**args)
  @iam_permission = args[:iam_permission] if args.key?(:iam_permission)
  @iam_service_name = args[:iam_service_name] if args.key?(:iam_service_name)
  @policy_name = args[:policy_name] if args.key?(:policy_name)
  @resource = args[:resource] if args.key?(:resource)
end