Package com.pulumi.gcp.iam.inputs

Class DenyPolicyRuleDenyRuleArgs.Builder

  • Enclosing class:
    DenyPolicyRuleDenyRuleArgs
    public static final class DenyPolicyRuleDenyRuleArgs.Builder
extends java.lang.Object

    • Method Detail

      • denialCondition

        public DenyPolicyRuleDenyRuleArgs.Builder denialCondition​(@Nullable
                                                          com.pulumi.core.Output<DenyPolicyRuleDenyRuleDenialConditionArgs> denialCondition)
        Parameters:
        denialCondition - User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. Structure is documented below.
        Returns:
        builder

      • denialCondition

        public DenyPolicyRuleDenyRuleArgs.Builder denialCondition​(DenyPolicyRuleDenyRuleDenialConditionArgs denialCondition)
        Parameters:
        denialCondition - User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. Structure is documented below.
        Returns:
        builder

      • deniedPermissions

        public DenyPolicyRuleDenyRuleArgs.Builder deniedPermissions​(@Nullable
                                                            com.pulumi.core.Output<java.util.List<java.lang.String>> deniedPermissions)
        Parameters:
        deniedPermissions - The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`, where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
        Returns:
        builder

      • deniedPermissions

        public DenyPolicyRuleDenyRuleArgs.Builder deniedPermissions​(java.util.List<java.lang.String> deniedPermissions)
        Parameters:
        deniedPermissions - The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`, where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
        Returns:
        builder

      • deniedPermissions

        public DenyPolicyRuleDenyRuleArgs.Builder deniedPermissions​(java.lang.String... deniedPermissions)
        Parameters:
        deniedPermissions - The permissions that are explicitly denied by this rule. Each permission uses the format `{service-fqdn}/{resource}.{verb}`, where `{service-fqdn}` is the fully qualified domain name for the service. For example, `iam.googleapis.com/roles.list`.
        Returns:
        builder

      • deniedPrincipals

        public DenyPolicyRuleDenyRuleArgs.Builder deniedPrincipals​(@Nullable
                                                           com.pulumi.core.Output<java.util.List<java.lang.String>> deniedPrincipals)
        Parameters:
        deniedPrincipals - The identities that are prevented from using one or more permissions on Google Cloud resources.
        Returns:
        builder

      • deniedPrincipals

        public DenyPolicyRuleDenyRuleArgs.Builder deniedPrincipals​(java.util.List<java.lang.String> deniedPrincipals)
        Parameters:
        deniedPrincipals - The identities that are prevented from using one or more permissions on Google Cloud resources.
        Returns:
        builder

      • deniedPrincipals

        public DenyPolicyRuleDenyRuleArgs.Builder deniedPrincipals​(java.lang.String... deniedPrincipals)
        Parameters:
        deniedPrincipals - The identities that are prevented from using one or more permissions on Google Cloud resources.
        Returns:
        builder

      • exceptionPermissions

        public DenyPolicyRuleDenyRuleArgs.Builder exceptionPermissions​(@Nullable
                                                               com.pulumi.core.Output<java.util.List<java.lang.String>> exceptionPermissions)
        Parameters:
        exceptionPermissions - Specifies the permissions that this rule excludes from the set of denied permissions given by deniedPermissions. If a permission appears in deniedPermissions and in exceptionPermissions then it will not be denied. The excluded permissions can be specified using the same syntax as deniedPermissions.
        Returns:
        builder

      • exceptionPermissions

        public DenyPolicyRuleDenyRuleArgs.Builder exceptionPermissions​(java.util.List<java.lang.String> exceptionPermissions)
        Parameters:
        exceptionPermissions - Specifies the permissions that this rule excludes from the set of denied permissions given by deniedPermissions. If a permission appears in deniedPermissions and in exceptionPermissions then it will not be denied. The excluded permissions can be specified using the same syntax as deniedPermissions.
        Returns:
        builder

      • exceptionPermissions

        public DenyPolicyRuleDenyRuleArgs.Builder exceptionPermissions​(java.lang.String... exceptionPermissions)
        Parameters:
        exceptionPermissions - Specifies the permissions that this rule excludes from the set of denied permissions given by deniedPermissions. If a permission appears in deniedPermissions and in exceptionPermissions then it will not be denied. The excluded permissions can be specified using the same syntax as deniedPermissions.
        Returns:
        builder

      • exceptionPrincipals

        public DenyPolicyRuleDenyRuleArgs.Builder exceptionPrincipals​(@Nullable
                                                              com.pulumi.core.Output<java.util.List<java.lang.String>> exceptionPrincipals)
        Parameters:
        exceptionPrincipals - The identities that are excluded from the deny rule, even if they are listed in the deniedPrincipals. For example, you could add a Google group to the deniedPrincipals, then exclude specific users who belong to that group.
        Returns:
        builder

      • exceptionPrincipals

        public DenyPolicyRuleDenyRuleArgs.Builder exceptionPrincipals​(java.util.List<java.lang.String> exceptionPrincipals)
        Parameters:
        exceptionPrincipals - The identities that are excluded from the deny rule, even if they are listed in the deniedPrincipals. For example, you could add a Google group to the deniedPrincipals, then exclude specific users who belong to that group.
        Returns:
        builder

      • exceptionPrincipals

        public DenyPolicyRuleDenyRuleArgs.Builder exceptionPrincipals​(java.lang.String... exceptionPrincipals)
        Parameters:
        exceptionPrincipals - The identities that are excluded from the deny rule, even if they are listed in the deniedPrincipals. For example, you could add a Google group to the deniedPrincipals, then exclude specific users who belong to that group.
        Returns:
        builder