You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
name: string, Required. The security settings to retrieve. Format: `groups/{group_id}/securitySettings` (required)
304
+
readMask: string, Field-level read mask of which fields to return. "*" returns all fields. If not specified, all fields will be returned. May only contain the following field: `member_restriction`.
305
+
x__xgafv: string, V1 error format.
306
+
Allowed values
307
+
1 - v1 error format
308
+
2 - v2 error format
309
+
310
+
Returns:
311
+
An object of the form:
312
+
313
+
{ # The definiion of security settings.
314
+
"memberRestriction": { # The definition of MemberRestriction # The Member Restriction value
315
+
"evaluation": { # The evaluated state of this restriction. # The evaluated state of this restriction on a group.
316
+
"state": "A String", # Output only. The current state of the restriction
317
+
},
318
+
"query": "A String", # Member Restriction as defined by CEL expression. Supported restrictions are: `member.customer_id` and `member.type`. Valid values for `member.type` are `1`, `2` and `3`. They correspond to USER, SERVICE_ACCOUNT, and GROUP respectively. The value for `member.customer_id` only supports `groupCustomerId()` currently which means the customer id of the group will be used for restriction. Supported operators are `&&`, `||` and `==`, corresponding to AND, OR, and EQUAL. Examples: Allow only service accounts of given customer to be members. `member.type == 2 && member.customer_id == groupCustomerId()` Allow only users or groups to be members. `member.type == 1 || member.type == 3`
319
+
},
320
+
"name": "A String", # Output only. The resource name of the security settings. Shall be of the form `groups/{group_id}/securitySettings`.
name: string, Output only. The resource name of the security settings. Shall be of the form `groups/{group_id}/securitySettings`. (required)
593
+
body: object, The request body.
594
+
The object takes the form of:
595
+
596
+
{ # The definiion of security settings.
597
+
"memberRestriction": { # The definition of MemberRestriction # The Member Restriction value
598
+
"evaluation": { # The evaluated state of this restriction. # The evaluated state of this restriction on a group.
599
+
"state": "A String", # Output only. The current state of the restriction
600
+
},
601
+
"query": "A String", # Member Restriction as defined by CEL expression. Supported restrictions are: `member.customer_id` and `member.type`. Valid values for `member.type` are `1`, `2` and `3`. They correspond to USER, SERVICE_ACCOUNT, and GROUP respectively. The value for `member.customer_id` only supports `groupCustomerId()` currently which means the customer id of the group will be used for restriction. Supported operators are `&&`, `||` and `==`, corresponding to AND, OR, and EQUAL. Examples: Allow only service accounts of given customer to be members. `member.type == 2 && member.customer_id == groupCustomerId()` Allow only users or groups to be members. `member.type == 1 || member.type == 3`
602
+
},
603
+
"name": "A String", # Output only. The resource name of the security settings. Shall be of the form `groups/{group_id}/securitySettings`.
604
+
}
605
+
606
+
updateMask: string, Required. The fully-qualified names of fields to update. May only contain the following field: `member_restriction.query`.
607
+
x__xgafv: string, V1 error format.
608
+
Allowed values
609
+
1 - v1 error format
610
+
2 - v2 error format
611
+
612
+
Returns:
613
+
An object of the form:
614
+
615
+
{ # This resource represents a long-running operation that is the result of a network API call.
616
+
"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
617
+
"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
618
+
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
619
+
"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
620
+
{
621
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
622
+
},
623
+
],
624
+
"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
625
+
},
626
+
"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
627
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
628
+
},
629
+
"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
630
+
"response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
631
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
Copy file name to clipboardExpand all lines: docs/dyn/cloudidentity_v1beta1.groups.memberships.html
+30Lines changed: 30 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -168,6 +168,11 @@ <h3>Method Details</h3>
168
168
"expireTime": "A String", # The time at which the `MembershipRole` will expire.
169
169
},
170
170
"name": "A String", # The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`.
171
+
"restrictionEvaluations": { # Evaluations of restrictions applied to parent group on this membership. # Evaluations of restrictions applied to parent group on this membership.
172
+
"memberRestrictionEvaluation": { # The evaluated state of this restriction. # Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation.
173
+
"state": "A String", # Output only. The current state of the restriction
174
+
},
175
+
},
171
176
},
172
177
],
173
178
"type": "A String", # Output only. The type of the membership.
@@ -269,6 +274,11 @@ <h3>Method Details</h3>
269
274
"expireTime": "A String", # The time at which the `MembershipRole` will expire.
270
275
},
271
276
"name": "A String", # The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`.
277
+
"restrictionEvaluations": { # Evaluations of restrictions applied to parent group on this membership. # Evaluations of restrictions applied to parent group on this membership.
278
+
"memberRestrictionEvaluation": { # The evaluated state of this restriction. # Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation.
279
+
"state": "A String", # Output only. The current state of the restriction
280
+
},
281
+
},
272
282
},
273
283
],
274
284
"type": "A String", # Output only. The type of the membership.
@@ -351,6 +361,11 @@ <h3>Method Details</h3>
351
361
"expireTime": "A String", # The time at which the `MembershipRole` will expire.
352
362
},
353
363
"name": "A String", # The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`.
364
+
"restrictionEvaluations": { # Evaluations of restrictions applied to parent group on this membership. # Evaluations of restrictions applied to parent group on this membership.
365
+
"memberRestrictionEvaluation": { # The evaluated state of this restriction. # Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation.
366
+
"state": "A String", # Output only. The current state of the restriction
367
+
},
368
+
},
354
369
},
355
370
],
356
371
"type": "A String", # Output only. The type of the membership.
@@ -412,6 +427,11 @@ <h3>Method Details</h3>
412
427
"expireTime": "A String", # The time at which the `MembershipRole` will expire.
413
428
},
414
429
"name": "A String", # The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`.
430
+
"restrictionEvaluations": { # Evaluations of restrictions applied to parent group on this membership. # Evaluations of restrictions applied to parent group on this membership.
431
+
"memberRestrictionEvaluation": { # The evaluated state of this restriction. # Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation.
432
+
"state": "A String", # Output only. The current state of the restriction
433
+
},
434
+
},
415
435
},
416
436
],
417
437
"removeRoles": [ # The `name`s of the `MembershipRole`s to be removed. Adding or removing roles in the same request as updating roles is not supported. It is not possible to remove the `MEMBER` `MembershipRole`. If you wish to delete a `Membership`, call MembershipsService.DeleteMembership instead. Must not contain `MEMBER`. Must not be set if `update_roles_params` is set.
@@ -425,6 +445,11 @@ <h3>Method Details</h3>
425
445
"expireTime": "A String", # The time at which the `MembershipRole` will expire.
426
446
},
427
447
"name": "A String", # The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`.
448
+
"restrictionEvaluations": { # Evaluations of restrictions applied to parent group on this membership. # Evaluations of restrictions applied to parent group on this membership.
449
+
"memberRestrictionEvaluation": { # The evaluated state of this restriction. # Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation.
450
+
"state": "A String", # Output only. The current state of the restriction
451
+
},
452
+
},
428
453
},
429
454
},
430
455
],
@@ -456,6 +481,11 @@ <h3>Method Details</h3>
456
481
"expireTime": "A String", # The time at which the `MembershipRole` will expire.
457
482
},
458
483
"name": "A String", # The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`.
484
+
"restrictionEvaluations": { # Evaluations of restrictions applied to parent group on this membership. # Evaluations of restrictions applied to parent group on this membership.
485
+
"memberRestrictionEvaluation": { # The evaluated state of this restriction. # Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation.
486
+
"state": "A String", # Output only. The current state of the restriction
487
+
},
488
+
},
459
489
},
460
490
],
461
491
"type": "A String", # Output only. The type of the membership.
0 commit comments