Package com.pulumi.gcp.iam.inputs
Class DenyPolicyRuleDenyRuleArgs
- java.lang.Object
-
- com.pulumi.resources.InputArgs
-
- com.pulumi.resources.ResourceArgs
-
- com.pulumi.gcp.iam.inputs.DenyPolicyRuleDenyRuleArgs
-
public final class DenyPolicyRuleDenyRuleArgs extends com.pulumi.resources.ResourceArgs
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classDenyPolicyRuleDenyRuleArgs.Builder
-
Field Summary
Fields Modifier and Type Field Description static DenyPolicyRuleDenyRuleArgsEmpty
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static DenyPolicyRuleDenyRuleArgs.Builderbuilder()static DenyPolicyRuleDenyRuleArgs.Builderbuilder(DenyPolicyRuleDenyRuleArgs defaults)com.pulumi.core.Output<DenyPolicyRuleDenyRuleDenialConditionArgs>denialCondition()java.util.Optional<com.pulumi.core.Output<java.util.List<java.lang.String>>>deniedPermissions()java.util.Optional<com.pulumi.core.Output<java.util.List<java.lang.String>>>deniedPrincipals()java.util.Optional<com.pulumi.core.Output<java.util.List<java.lang.String>>>exceptionPermissions()java.util.Optional<com.pulumi.core.Output<java.util.List<java.lang.String>>>exceptionPrincipals()
-
-
-
Field Detail
-
Empty
public static final DenyPolicyRuleDenyRuleArgs Empty
-
-
Method Detail
-
denialCondition
public com.pulumi.core.Output<DenyPolicyRuleDenyRuleDenialConditionArgs> denialCondition()
- Returns:
- User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. Structure is documented below.
-
deniedPermissions
public java.util.Optional<com.pulumi.core.Output<java.util.List<java.lang.String>>> deniedPermissions()
- Returns:
- The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`, where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
-
deniedPrincipals
public java.util.Optional<com.pulumi.core.Output<java.util.List<java.lang.String>>> deniedPrincipals()
- Returns:
- The identities that are prevented from using one or more permissions on Google Cloud resources.
-
exceptionPermissions
public java.util.Optional<com.pulumi.core.Output<java.util.List<java.lang.String>>> exceptionPermissions()
- Returns:
- Specifies the permissions that this rule excludes from the set of denied permissions given by deniedPermissions. If a permission appears in deniedPermissions and in exceptionPermissions then it will not be denied. The excluded permissions can be specified using the same syntax as deniedPermissions.
-
exceptionPrincipals
public java.util.Optional<com.pulumi.core.Output<java.util.List<java.lang.String>>> exceptionPrincipals()
- Returns:
- The identities that are excluded from the deny rule, even if they are listed in the deniedPrincipals. For example, you could add a Google group to the deniedPrincipals, then exclude specific users who belong to that group.
-
builder
public static DenyPolicyRuleDenyRuleArgs.Builder builder()
-
builder
public static DenyPolicyRuleDenyRuleArgs.Builder builder(DenyPolicyRuleDenyRuleArgs defaults)
-
-