Struct google_cloudkms1_beta1::api::Rule
source · pub struct Rule {
pub description: Option<String>,
pub conditions: Option<Vec<Condition>>,
pub log_config: Option<Vec<LogConfig>>,
pub in_: Option<Vec<String>>,
pub permissions: Option<Vec<String>>,
pub action: Option<String>,
pub not_in: Option<Vec<String>>,
}
Expand description
A rule to be applied in a Policy.
This type is not used in any activity, and only used as part of another schema.
Fields§
§description: Option<String>
Human-readable description of the rule.
conditions: Option<Vec<Condition>>
Additional restrictions that must be met
log_config: Option<Vec<LogConfig>>
The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
in_: Option<Vec<String>>
If one or more ‘in’ clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
permissions: Option<Vec<String>>
A permission is a string of form ‘
action: Option<String>
Required
not_in: Option<Vec<String>>
If one or more ‘not_in’ clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries. The format for in and not_in entries is the same as for members in a Binding (see google/iam/v1/policy.proto).