class Google::Apis::IapV1::PolicyDelegationSettings
PolicyDelegationConfig allows google-internal teams to use IAP for apps hosted in a tenant project. Using these settings, the app can delegate permission check to happen against the linked customer project. This is only ever supposed to be used by google internal teams, hence the restriction on the proto.
Attributes
Permission to check in IAM. Corresponds to the JSON property `iamPermission` @return [String]
The DNS name of the service (e.g. “resourcemanager.googleapis.com”). This should be the domain name part of the full resource names (see aip.dev/ 122#full-resource-names), which is usually the same as IamServiceSpec.service of the service where the resource type is defined. Corresponds to the JSON property `iamServiceName` @return [String]
An internal name for an IAM policy, based on the resource to which the policy applies. Not to be confused with a resource's external full resource name. For more information on this distinction, see go/iam-full-resource-names. Corresponds to the JSON property `policyName` @return [Google::Apis::IapV1::PolicyName]
IAM resource to check permission on Corresponds to the JSON property `resource` @return [Google::Apis::IapV1::Resource]
Public Class Methods
# File lib/google/apis/iap_v1/classes.rb, line 687 def initialize(**args) update!(**args) end
Public Instance Methods
Update properties of this object
# File lib/google/apis/iap_v1/classes.rb, line 692 def update!(**args) @iam_permission = args[:iam_permission] if args.key?(:iam_permission) @iam_service_name = args[:iam_service_name] if args.key?(:iam_service_name) @policy_name = args[:policy_name] if args.key?(:policy_name) @resource = args[:resource] if args.key?(:resource) end