1. class
  2. Google
  3. \
  4. Cloud
  5. \
  6. Iam
  7. \
  8. V1
  9. \
  10. Policy

Policy

class Policy extends Message

Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources.

A Policy consists of a list of bindings. A Binding binds a list of members to a role, where the members can be user accounts, Google groups, Google domains, and service accounts. A role is a named list of permissions defined by IAM. Example { "bindings": [ { "role": "roles/owner", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-other-app@appspot.gserviceaccount.com", ] }, { "role": "roles/viewer", "members": ["user:sean@example.com"] } ] } For a description of IAM and its features, see the IAM developer's guide.

Generated from protobuf message google.iam.v1.Policy

Methods

__construct(array $data = NULL)

Constructor.

int
getVersion()

Version of the Policy. The default version is 0.

$this
setVersion(int $var)

Version of the Policy. The default version is 0.

RepeatedField
getBindings()

Associates a list of members to a role.

$this
setBindings(Binding[]|RepeatedField $var)

Associates a list of members to a role.

string
getEtag()

etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

$this
setEtag(string $var)

etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

Details

at line 96
__construct(array $data = NULL)

Constructor.

Parameters

array $data { Optional. Data for populating the Message object.

@type int $version
      Version of the `Policy`. The default version is 0.
@type \Google\Cloud\Iam\V1\Binding[]|\Google\Protobuf\Internal\RepeatedField $bindings
      Associates a list of `members` to a `role`.
      Multiple `bindings` must not be specified for the same `role`.
      `bindings` with no members will result in an error.
@type string $etag
      `etag` is used for optimistic concurrency control as a way to help
      prevent simultaneous updates of a policy from overwriting each other.
      It is strongly suggested that systems make use of the `etag` in the
      read-modify-write cycle to perform policy updates in order to avoid race
      conditions: An `etag` is returned in the response to `getIamPolicy`, and
      systems are expected to put that etag in the request to `setIamPolicy` to
      ensure that their change will be applied to the same version of the policy.
      If no `etag` is provided in the call to `setIamPolicy`, then the existing
      policy is overwritten blindly.

}

at line 107
int getVersion()

Version of the Policy. The default version is 0.

Generated from protobuf field int32 version = 1;

Return Value

int

at line 119
$this setVersion(int $var)

Version of the Policy. The default version is 0.

Generated from protobuf field int32 version = 1;

Parameters

int $var

Return Value

$this

at line 135
RepeatedField getBindings()

Associates a list of members to a role.

Multiple bindings must not be specified for the same role. bindings with no members will result in an error.

Generated from protobuf field repeated .google.iam.v1.Binding bindings = 4;

Return Value

RepeatedField

at line 149
$this setBindings(Binding[]|RepeatedField $var)

Associates a list of members to a role.

Multiple bindings must not be specified for the same role. bindings with no members will result in an error.

Generated from protobuf field repeated .google.iam.v1.Binding bindings = 4;

Parameters

Binding[]|RepeatedField $var

Return Value

$this

at line 171
string getEtag()

etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

It is strongly suggested that systems make use of the etag in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An etag is returned in the response to getIamPolicy, and systems are expected to put that etag in the request to setIamPolicy to ensure that their change will be applied to the same version of the policy. If no etag is provided in the call to setIamPolicy, then the existing policy is overwritten blindly.

Generated from protobuf field bytes etag = 3;

Return Value

string

at line 191
$this setEtag(string $var)

etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

It is strongly suggested that systems make use of the etag in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An etag is returned in the response to getIamPolicy, and systems are expected to put that etag in the request to setIamPolicy to ensure that their change will be applied to the same version of the policy. If no etag is provided in the call to setIamPolicy, then the existing policy is overwritten blindly.

Generated from protobuf field bytes etag = 3;

Parameters

string $var

Return Value

$this