Package com.google.auth.oauth2

Class CredentialAccessBoundary.AccessBoundaryRule.Builder

java.lang.Object

com.google.auth.oauth2.CredentialAccessBoundary.AccessBoundaryRule.Builder

Enclosing class:

CredentialAccessBoundary.AccessBoundaryRule

public static class CredentialAccessBoundary.AccessBoundaryRule.Builder
extends Object

Method Summary

Modifier and Type	Method	Description
CredentialAccessBoundary.AccessBoundaryRule.Builder	addAvailablePermission(String availablePermission)	Adds a permission that can be used on the resource.
CredentialAccessBoundary.AccessBoundaryRule	build()
CredentialAccessBoundary.AccessBoundaryRule.Builder	setAvailabilityCondition(CredentialAccessBoundary.AccessBoundaryRule.AvailabilityCondition availabilityCondition)	Sets the availability condition which is an IAM condition that defines constraints to apply to the token expressed in CEL format.
CredentialAccessBoundary.AccessBoundaryRule.Builder	setAvailablePermissions(List<String> availablePermissions)	Sets the list of permissions that can be used on the resource.
CredentialAccessBoundary.AccessBoundaryRule.Builder	setAvailableResource(String availableResource)	Sets the available resource, which is the full resource name of the GCP resource to allow access to.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

setAvailableResource

@CanIgnoreReturnValue
public CredentialAccessBoundary.AccessBoundaryRule.Builder setAvailableResource(String availableResource)

Sets the available resource, which is the full resource name of the GCP resource to allow access to.

For example: "//storage.googleapis.com/projects/_/buckets/example".

Parameters:

availableResource - the resource name to set

Returns:

this Builder object

setAvailablePermissions

@CanIgnoreReturnValue
public CredentialAccessBoundary.AccessBoundaryRule.Builder setAvailablePermissions(List<String> availablePermissions)

Sets the list of permissions that can be used on the resource. This should be a list of IAM roles prefixed by inRole.

For example: {"inRole:roles/storage.objectViewer"}.

Parameters:

availablePermissions - the collection of permissions to set, should not be null

Returns:

this Builder object

addAvailablePermission

public CredentialAccessBoundary.AccessBoundaryRule.Builder addAvailablePermission(String availablePermission)

Adds a permission that can be used on the resource. This should be an IAM role prefixed by inRole.

For example: "inRole:roles/storage.objectViewer".

Parameters:

availablePermission - a permission to add, should not be null

Returns:

this Builder object

setAvailabilityCondition

@CanIgnoreReturnValue
public CredentialAccessBoundary.AccessBoundaryRule.Builder setAvailabilityCondition(CredentialAccessBoundary.AccessBoundaryRule.AvailabilityCondition availabilityCondition)

Sets the availability condition which is an IAM condition that defines constraints to apply to the token expressed in CEL format.

Parameters:

availabilityCondition - the AvailabilityCondition to set

Returns:

this Builder object

build

public CredentialAccessBoundary.AccessBoundaryRule build()