com.google.iam.v1

Class Policy.Builder

java.lang.Object

com.google.protobuf.AbstractMessageLite.Builder

com.google.protobuf.AbstractMessage.Builder<BuilderType>

com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

com.google.iam.v1.Policy.Builder

All Implemented Interfaces:

PolicyOrBuilder, com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, Cloneable

Enclosing class:

Policy

public static final class Policy.Builder
extends com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>
implements PolicyOrBuilder

 Defines an Identity and Access Management (IAM) policy. It is used to
 specify access control policies for Cloud Platform resources.
 A `Policy` is a collection of `bindings`. A `binding` binds one or more
 `members` to a single `role`. Members can be user accounts, service accounts,
 Google groups, and domains (such as G Suite). A `role` is a named list of
 permissions (defined by IAM or configured by users). A `binding` can
 optionally specify a `condition`, which is a logic expression that further
 constrains the role binding based on attributes about the request and/or
 target resource.
 **JSON Example**
     {
       "bindings": [
         {
           "role": "roles/resourcemanager.organizationAdmin",
           "members": [
             "user:mike@example.com",
             "group:admins@example.com",
             "domain:google.com",
             "serviceAccount:my-project-id@appspot.gserviceaccount.com"
           ]
         },
         {
           "role": "roles/resourcemanager.organizationViewer",
           "members": ["user:eve@example.com"],
           "condition": {
             "title": "expirable access",
             "description": "Does not grant access after Sep 2020",
             "expression": "request.time <
             timestamp('2020-10-01T00:00:00.000Z')",
           }
         }
       ]
     }
 **YAML Example**
     bindings:
     - members:
       - user:mike@example.com
       - group:admins@example.com
       - domain:google.com
       - serviceAccount:my-project-id@appspot.gserviceaccount.com
       role: roles/resourcemanager.organizationAdmin
     - members:
       - user:eve@example.com
       role: roles/resourcemanager.organizationViewer
       condition:
         title: expirable access
         description: Does not grant access after Sep 2020
         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
 For a description of IAM and its features, see the
 [IAM developer's guide](https://cloud.google.com/iam/docs).
 

Protobuf type google.iam.v1.Policy

Method Summary

Modifier and Type	Method and Description
Policy.Builder	addAllBindings(Iterable<? extends Binding> values) Associates a list of `members` to a `role`.
Policy.Builder	addBindings(Binding.Builder builderForValue) Associates a list of `members` to a `role`.
Policy.Builder	addBindings(Binding value) Associates a list of `members` to a `role`.
Policy.Builder	addBindings(int index, Binding.Builder builderForValue) Associates a list of `members` to a `role`.
Policy.Builder	addBindings(int index, Binding value) Associates a list of `members` to a `role`.
Binding.Builder	addBindingsBuilder() Associates a list of `members` to a `role`.
Binding.Builder	addBindingsBuilder(int index) Associates a list of `members` to a `role`.
Policy.Builder	addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
Policy	build()
Policy	buildPartial()
Policy.Builder	clear()
Policy.Builder	clearBindings() Associates a list of `members` to a `role`.
Policy.Builder	clearEtag() `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.
Policy.Builder	clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
Policy.Builder	clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
Policy.Builder	clearVersion() Specifies the format of the policy.
Policy.Builder	clone()
Binding	getBindings(int index) Associates a list of `members` to a `role`.
Binding.Builder	getBindingsBuilder(int index) Associates a list of `members` to a `role`.
List<Binding.Builder>	getBindingsBuilderList() Associates a list of `members` to a `role`.
int	getBindingsCount() Associates a list of `members` to a `role`.
List<Binding>	getBindingsList() Associates a list of `members` to a `role`.
BindingOrBuilder	getBindingsOrBuilder(int index) Associates a list of `members` to a `role`.
List<? extends BindingOrBuilder>	getBindingsOrBuilderList() Associates a list of `members` to a `role`.
Policy	getDefaultInstanceForType()
static com.google.protobuf.Descriptors.Descriptor	getDescriptor()
com.google.protobuf.Descriptors.Descriptor	getDescriptorForType()
com.google.protobuf.ByteString	getEtag() `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.
int	getVersion() Specifies the format of the policy.
protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable	internalGetFieldAccessorTable()
boolean	isInitialized()
Policy.Builder	mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
Policy.Builder	mergeFrom(com.google.protobuf.Message other)
Policy.Builder	mergeFrom(Policy other)
Policy.Builder	mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
Policy.Builder	removeBindings(int index) Associates a list of `members` to a `role`.
Policy.Builder	setBindings(int index, Binding.Builder builderForValue) Associates a list of `members` to a `role`.
Policy.Builder	setBindings(int index, Binding value) Associates a list of `members` to a `role`.
Policy.Builder	setEtag(com.google.protobuf.ByteString value) `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.
Policy.Builder	setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
Policy.Builder	setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)
Policy.Builder	setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
Policy.Builder	setVersion(int value) Specifies the format of the policy.

Methods inherited from class com.google.protobuf.GeneratedMessageV3.Builder

getAllFields, getField, getFieldBuilder, getOneofFieldDescriptor, getParentForChildren, getRepeatedField, getRepeatedFieldBuilder, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof, internalGetMapField, internalGetMutableMapField, isClean, markClean, newBuilderForField, onBuilt, onChanged, setUnknownFieldsProto3

Methods inherited from class com.google.protobuf.AbstractMessage.Builder

findInitializationErrors, getInitializationErrorString, internalMergeFrom, mergeDelimitedFrom, mergeDelimitedFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, newUninitializedMessageException, toString

Methods inherited from class com.google.protobuf.AbstractMessageLite.Builder

addAll, addAll, mergeFrom, newUninitializedMessageException

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface com.google.protobuf.MessageOrBuilder

findInitializationErrors, getAllFields, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

Methods inherited from interface com.google.protobuf.MessageLite.Builder

mergeFrom

Method Detail

getDescriptor

public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

internalGetFieldAccessorTable

protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()

Specified by:

internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

clear

public Policy.Builder clear()

Specified by:

clear in interface com.google.protobuf.Message.Builder

Specified by:

clear in interface com.google.protobuf.MessageLite.Builder

Overrides:

clear in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

getDescriptorForType

public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()

Specified by:

getDescriptorForType in interface com.google.protobuf.Message.Builder

Specified by:

getDescriptorForType in interface com.google.protobuf.MessageOrBuilder

Overrides:

getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

getDefaultInstanceForType

public Policy getDefaultInstanceForType()

Specified by:

getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder

Specified by:

getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

build

public Policy build()

Specified by:

build in interface com.google.protobuf.Message.Builder

Specified by:

build in interface com.google.protobuf.MessageLite.Builder

buildPartial

public Policy buildPartial()

Specified by:

buildPartial in interface com.google.protobuf.Message.Builder

Specified by:

buildPartial in interface com.google.protobuf.MessageLite.Builder

clone

public Policy.Builder clone()

Specified by:

clone in interface com.google.protobuf.Message.Builder

Specified by:

clone in interface com.google.protobuf.MessageLite.Builder

Overrides:

clone in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

setField

public Policy.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field,
                               Object value)

Specified by:

setField in interface com.google.protobuf.Message.Builder

Overrides:

setField in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

clearField

public Policy.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)

Specified by:

clearField in interface com.google.protobuf.Message.Builder

Overrides:

clearField in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

clearOneof

public Policy.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)

Specified by:

clearOneof in interface com.google.protobuf.Message.Builder

Overrides:

clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

setRepeatedField

public Policy.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                       int index,
                                       Object value)

Specified by:

setRepeatedField in interface com.google.protobuf.Message.Builder

Overrides:

setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

addRepeatedField

public Policy.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                       Object value)

Specified by:

addRepeatedField in interface com.google.protobuf.Message.Builder

Overrides:

addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

mergeFrom

public Policy.Builder mergeFrom(com.google.protobuf.Message other)

Specified by:

mergeFrom in interface com.google.protobuf.Message.Builder

Overrides:

mergeFrom in class com.google.protobuf.AbstractMessage.Builder<Policy.Builder>

mergeFrom

public Policy.Builder mergeFrom(Policy other)

isInitialized

public final boolean isInitialized()

Specified by:

isInitialized in interface com.google.protobuf.MessageLiteOrBuilder

Overrides:

isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

mergeFrom

public Policy.Builder mergeFrom(com.google.protobuf.CodedInputStream input,
                                com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                         throws IOException

Specified by:

mergeFrom in interface com.google.protobuf.Message.Builder

Specified by:

mergeFrom in interface com.google.protobuf.MessageLite.Builder

Overrides:

mergeFrom in class com.google.protobuf.AbstractMessage.Builder<Policy.Builder>

Throws:

IOException

getVersion

public int getVersion()

 Specifies the format of the policy.
 Valid values are 0, 1, and 3. Requests specifying an invalid value will be
 rejected.
 Operations affecting conditional bindings must specify version 3. This can
 be either setting a conditional policy, modifying a conditional binding,
 or removing a binding (conditional or unconditional) from the stored
 conditional policy.
 Operations on non-conditional policies may specify any valid value or
 leave the field unset.
 If no etag is provided in the call to `setIamPolicy`, version compliance
 checks against the stored policy is skipped.
 

int32 version = 1;

Specified by:

getVersion in interface PolicyOrBuilder

Returns:

The version.

setVersion

public Policy.Builder setVersion(int value)

 Specifies the format of the policy.
 Valid values are 0, 1, and 3. Requests specifying an invalid value will be
 rejected.
 Operations affecting conditional bindings must specify version 3. This can
 be either setting a conditional policy, modifying a conditional binding,
 or removing a binding (conditional or unconditional) from the stored
 conditional policy.
 Operations on non-conditional policies may specify any valid value or
 leave the field unset.
 If no etag is provided in the call to `setIamPolicy`, version compliance
 checks against the stored policy is skipped.
 

int32 version = 1;

Parameters:

value - The version to set.

Returns:

This builder for chaining.

clearVersion

public Policy.Builder clearVersion()

 Specifies the format of the policy.
 Valid values are 0, 1, and 3. Requests specifying an invalid value will be
 rejected.
 Operations affecting conditional bindings must specify version 3. This can
 be either setting a conditional policy, modifying a conditional binding,
 or removing a binding (conditional or unconditional) from the stored
 conditional policy.
 Operations on non-conditional policies may specify any valid value or
 leave the field unset.
 If no etag is provided in the call to `setIamPolicy`, version compliance
 checks against the stored policy is skipped.
 

int32 version = 1;

Returns:

This builder for chaining.

getBindingsList

public List<Binding> getBindingsList()

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

Specified by:

getBindingsList in interface PolicyOrBuilder

getBindingsCount

public int getBindingsCount()

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

Specified by:

getBindingsCount in interface PolicyOrBuilder

getBindings

public Binding getBindings(int index)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

Specified by:

getBindings in interface PolicyOrBuilder

setBindings

public Policy.Builder setBindings(int index,
                                  Binding value)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

setBindings

public Policy.Builder setBindings(int index,
                                  Binding.Builder builderForValue)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

addBindings

public Policy.Builder addBindings(Binding value)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

addBindings

public Policy.Builder addBindings(int index,
                                  Binding value)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

addBindings

public Policy.Builder addBindings(Binding.Builder builderForValue)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

addBindings

public Policy.Builder addBindings(int index,
                                  Binding.Builder builderForValue)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

addAllBindings

public Policy.Builder addAllBindings(Iterable<? extends Binding> values)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

clearBindings

public Policy.Builder clearBindings()

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

removeBindings

public Policy.Builder removeBindings(int index)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

getBindingsBuilder

public Binding.Builder getBindingsBuilder(int index)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

getBindingsOrBuilder

public BindingOrBuilder getBindingsOrBuilder(int index)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

Specified by:

getBindingsOrBuilder in interface PolicyOrBuilder

getBindingsOrBuilderList

public List<? extends BindingOrBuilder> getBindingsOrBuilderList()

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

Specified by:

getBindingsOrBuilderList in interface PolicyOrBuilder

addBindingsBuilder

public Binding.Builder addBindingsBuilder()

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

addBindingsBuilder

public Binding.Builder addBindingsBuilder(int index)

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

getBindingsBuilderList

public List<Binding.Builder> getBindingsBuilderList()

 Associates a list of `members` to a `role`. Optionally may specify a
 `condition` that determines when binding is in effect.
 `bindings` with no members will result in an error.
 

repeated .google.iam.v1.Binding bindings = 4;

getEtag

public com.google.protobuf.ByteString getEtag()

 `etag` is used for optimistic concurrency control as a way to help
 prevent simultaneous updates of a policy from overwriting each other.
 It is strongly suggested that systems make use of the `etag` in the
 read-modify-write cycle to perform policy updates in order to avoid race
 conditions: An `etag` is returned in the response to `getIamPolicy`, and
 systems are expected to put that etag in the request to `setIamPolicy` to
 ensure that their change will be applied to the same version of the policy.
 If no `etag` is provided in the call to `setIamPolicy`, then the existing
 policy is overwritten. Due to blind-set semantics of an etag-less policy,
 'setIamPolicy' will not fail even if the incoming policy version does not
 meet the requirements for modifying the stored policy.
 

bytes etag = 3;

Specified by:

getEtag in interface PolicyOrBuilder

Returns:

The etag.

setEtag

public Policy.Builder setEtag(com.google.protobuf.ByteString value)

 `etag` is used for optimistic concurrency control as a way to help
 prevent simultaneous updates of a policy from overwriting each other.
 It is strongly suggested that systems make use of the `etag` in the
 read-modify-write cycle to perform policy updates in order to avoid race
 conditions: An `etag` is returned in the response to `getIamPolicy`, and
 systems are expected to put that etag in the request to `setIamPolicy` to
 ensure that their change will be applied to the same version of the policy.
 If no `etag` is provided in the call to `setIamPolicy`, then the existing
 policy is overwritten. Due to blind-set semantics of an etag-less policy,
 'setIamPolicy' will not fail even if the incoming policy version does not
 meet the requirements for modifying the stored policy.
 

bytes etag = 3;

Parameters:

value - The etag to set.

Returns:

This builder for chaining.

clearEtag

public Policy.Builder clearEtag()

 `etag` is used for optimistic concurrency control as a way to help
 prevent simultaneous updates of a policy from overwriting each other.
 It is strongly suggested that systems make use of the `etag` in the
 read-modify-write cycle to perform policy updates in order to avoid race
 conditions: An `etag` is returned in the response to `getIamPolicy`, and
 systems are expected to put that etag in the request to `setIamPolicy` to
 ensure that their change will be applied to the same version of the policy.
 If no `etag` is provided in the call to `setIamPolicy`, then the existing
 policy is overwritten. Due to blind-set semantics of an etag-less policy,
 'setIamPolicy' will not fail even if the incoming policy version does not
 meet the requirements for modifying the stored policy.
 

bytes etag = 3;

Returns:

This builder for chaining.

setUnknownFields

public final Policy.Builder setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)

Specified by:

setUnknownFields in interface com.google.protobuf.Message.Builder

Overrides:

setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

mergeUnknownFields

public final Policy.Builder mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)

Specified by:

mergeUnknownFields in interface com.google.protobuf.Message.Builder

Overrides:

mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>