Binding(mapping=None, *, ignore_unknown_fields=False, **kwargs)Associates members, or principals, with a role.
.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
Attributes |
|
|---|---|
| Name | Description |
binding_id |
str
This field is a member of oneof_ _binding_id.
|
condition |
google.cloud.compute_v1beta.types.Expr
The condition that is associated with this binding. If the condition evaluates to true, then this binding
applies to the current request.
If the condition evaluates to false, then this binding
does not apply to the current request. However, a different
role binding might grant the same role to one or more of the
principals in this binding.
To learn which resources support conditions in their IAM
policies, see the `IAM
documentation |
members |
MutableSequence[str]
Specifies the principals requesting access for a Google Cloud resource. members can have the following values:
- allUsers: A special identifier that represents anyone
who is on the internet; with or without a Google account.
- allAuthenticatedUsers: A special identifier that
represents anyone who is authenticated with a Google
account or a service account. Does not include identities
that come from external identity providers (IdPs) through
identity federation.
- user:{emailid}: An email address that represents a
specific Google account. For example,
alice@example.com .
- serviceAccount:{emailid}: An email address that
represents a Google service account. For example,
my-other-app@appspot.gserviceaccount.com.
- serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]:
An identifier for a `Kubernetes service
account |
role |
str
Role that is assigned to the list of members, or
principals. For example, roles/viewer, roles/editor,
or roles/owner.
For an overview of the IAM roles and permissions, see the
`IAM
documentation |