Privileged access that this service can be used to gate.
JSON representation |
---|
{ // Union field |
Fields | |
---|---|
Union field
|
|
gcpIamAccess |
Access to a Google Cloud resource through IAM. |
GcpIamAccess
GcpIamAccess
represents IAM based access control on a Google Cloud resource. Refer to https://cloud.google.com/iam/docs to understand more about IAM.
JSON representation |
---|
{
"resourceType": string,
"resource": string,
"roleBindings": [
{
object ( |
Fields | |
---|---|
resourceType |
Required. The type of this resource. |
resource |
Required. Name of the resource. |
roleBindings[] |
Required. Role bindings that are created on successful grant. |
RoleBinding
IAM role bindings that are created after a successful grant.
JSON representation |
---|
{ "role": string, "conditionExpression": string } |
Fields | |
---|---|
role |
Required. IAM role to be granted. https://cloud.google.com/iam/docs/roles-overview. |
conditionExpression |
Optional. The expression field of the IAM condition to be associated with the role. If specified, a user with an active grant for this entitlement is able to access the resource only if this condition evaluates to true for their request. This field uses the same CEL format as IAM and supports all attributes that IAM supports, except tags. https://cloud.google.com/iam/docs/conditions-overview#attributes. |