Google Cloud PHP shared dependency, providing functionality useful to all components. Client - Class PolicyBuilder (1.48.1)

Reference documentation and code samples for the Google Cloud PHP shared dependency, providing functionality useful to all components. Client class PolicyBuilder.

Helper class for creating valid IAM policies

Example:

use Google\Cloud\Core\Iam\PolicyBuilder;

$builder = new PolicyBuilder();
$builder->addBinding('roles/admin', [ 'user:admin@domain.com' ]);
$result = $builder->result();

Methods

__construct

Create a PolicyBuilder.

To use conditions in the bindings, the version of the policy must be set to 3.

Parameter
Name	Description
`policy`	`array` A policy array

setBindings

Override all stored bindings on the policy.

Example:

$builder->setBindings([
    [
        'role' => 'roles/admin',
        'members' => [
            'user:admin@domain.com'
        ],
        'condition' => [
            'expression' =>
                'request.time < timestamp("2020-07-01T00:00:00.000Z")'
        ]
    ]
]);

Parameter
Name	Description
`bindings`	`array` [optional] An array of bindings

Returns
Type	Description
`Google\Cloud\Core\Iam\PolicyBuilder`

addBinding

Add a new binding to the policy.

This method will fail with an InvalidOpereationException if it is called on a Policy with a version greater than 1 as that indicates a more complicated policy than this method is prepared to handle. Changes to such policies must be made manually by the setBindings() method.

Example:

$builder->addBinding('roles/admin', [ 'user:admin@domain.com' ]);

Parameters
Name	Description
`role`	`string` A valid role for the service
`members`	`array` An array of members to assign to the binding

Returns
Type	Description
`Google\Cloud\Core\Iam\PolicyBuilder`

removeBinding

Remove a binding from the policy.

This method will fail with a BadMethodCallException if it is called on a Policy with a version greater than 1 as that indicates a more complicated policy than this method is prepared to handle. Changes to such policies must be made manually by the setBindings() method.

Example:

$builder->setBindings([
    [
        'role' => 'roles/admin',
        'members' => [
            'user:admin@domain.com',
            'user2:admin@domain.com'
        ]
    ]
]);
$builder->removeBinding('roles/admin', [ 'user:admin@domain.com' ]);

Parameters
Name	Description
`role`	`string` A valid role for the service
`members`	`array` An array of members to remove from the role

Returns
Type	Description
`Google\Cloud\Core\Iam\PolicyBuilder`

setEtag

Update the etag on the policy.

Example:

$builder->setEtag($oldPolicy['etag']);

Parameter
Name	Description
`etag`	`string` used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that updates to existing policies make use of the etag to avoid race conditions.

Returns
Type	Description
`Google\Cloud\Core\Iam\PolicyBuilder`

setVersion

Update the version of the policy.

Example:

$builder->setVersion(1);

Parameter
Name	Description
`version`	`int` Version of the Policy. Defaults to `0`.

Returns
Type	Description
`Google\Cloud\Core\Iam\PolicyBuilder`

result

Create a policy array with data in the correct format.

Example:

$policy = $builder->result();

Returns
Type	Description
`array`	An array of policy data