Binding(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Associates members
, or principals, with a role
.
.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
Attributes |
|
---|---|
Name | Description |
binding_id |
str
This field is a member of oneof _ _binding_id .
|
condition |
google.cloud.compute_v1.types.Expr
The condition that is associated with this binding. If the condition evaluates to true , then this binding applies
to the current request. If the condition evaluates to
false , then this binding does not apply to the current
request. However, a different role binding might grant the
same role to one or more of the principals in this binding.
To learn which resources support conditions in their IAM
policies, see the `IAM
documentation |
members |
MutableSequence[str]
Specifies the principals requesting access for a Google Cloud resource. members can have the following values:
\* allUsers : A special identifier that represents anyone
who is on the internet; with or without a Google account. \*
allAuthenticatedUsers : A special identifier that
represents anyone who is authenticated with a Google account
or a service account. Does not include identities that come
from external identity providers (IdPs) through identity
federation. \* user:{emailid} : An email address that
represents a specific Google account. For example,
alice@example.com . \* serviceAccount:{emailid} : An
email address that represents a Google service account. For
example, my-other-app@appspot.gserviceaccount.com . \*
serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}] :
An identifier for a `Kubernetes service
account |
role |
str
Role that is assigned to the list of members , or
principals. For example, roles/viewer , roles/editor ,
or roles/owner . For an overview of the IAM roles and
permissions, see the `IAM
documentation |