1 /* 2 * Copyright 2020 Google LLC 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * https://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 // Generated by the protocol buffer compiler. DO NOT EDIT! 17 // source: google/iam/v1/policy.proto 18 19 package com.google.iam.v1; 20 21 public interface BindingOrBuilder 22 extends 23 // @@protoc_insertion_point(interface_extends:google.iam.v1.Binding) 24 com.google.protobuf.MessageOrBuilder { 25 26 /** 27 * 28 * 29 * <pre> 30 * Role that is assigned to the list of `members`, or principals. 31 * For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 32 * </pre> 33 * 34 * <code>string role = 1;</code> 35 * 36 * @return The role. 37 */ getRole()38 java.lang.String getRole(); 39 /** 40 * 41 * 42 * <pre> 43 * Role that is assigned to the list of `members`, or principals. 44 * For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 45 * </pre> 46 * 47 * <code>string role = 1;</code> 48 * 49 * @return The bytes for role. 50 */ getRoleBytes()51 com.google.protobuf.ByteString getRoleBytes(); 52 53 /** 54 * 55 * 56 * <pre> 57 * Specifies the principals requesting access for a Cloud Platform resource. 58 * `members` can have the following values: 59 * * `allUsers`: A special identifier that represents anyone who is 60 * on the internet; with or without a Google account. 61 * * `allAuthenticatedUsers`: A special identifier that represents anyone 62 * who is authenticated with a Google account or a service account. 63 * * `user:{emailid}`: An email address that represents a specific Google 64 * account. For example, `alice@example.com` . 65 * * `serviceAccount:{emailid}`: An email address that represents a service 66 * account. For example, `my-other-app@appspot.gserviceaccount.com`. 67 * * `group:{emailid}`: An email address that represents a Google group. 68 * For example, `admins@example.com`. 69 * * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique 70 * identifier) representing a user that has been recently deleted. For 71 * example, `alice@example.com?uid=123456789012345678901`. If the user is 72 * recovered, this value reverts to `user:{emailid}` and the recovered user 73 * retains the role in the binding. 74 * * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus 75 * unique identifier) representing a service account that has been recently 76 * deleted. For example, 77 * `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 78 * If the service account is undeleted, this value reverts to 79 * `serviceAccount:{emailid}` and the undeleted service account retains the 80 * role in the binding. 81 * * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique 82 * identifier) representing a Google group that has been recently 83 * deleted. For example, `admins@example.com?uid=123456789012345678901`. If 84 * the group is recovered, this value reverts to `group:{emailid}` and the 85 * recovered group retains the role in the binding. 86 * * `domain:{domain}`: The G Suite domain (primary) that represents all the 87 * users of that domain. For example, `google.com` or `example.com`. 88 * </pre> 89 * 90 * <code>repeated string members = 2;</code> 91 * 92 * @return A list containing the members. 93 */ getMembersList()94 java.util.List<java.lang.String> getMembersList(); 95 /** 96 * 97 * 98 * <pre> 99 * Specifies the principals requesting access for a Cloud Platform resource. 100 * `members` can have the following values: 101 * * `allUsers`: A special identifier that represents anyone who is 102 * on the internet; with or without a Google account. 103 * * `allAuthenticatedUsers`: A special identifier that represents anyone 104 * who is authenticated with a Google account or a service account. 105 * * `user:{emailid}`: An email address that represents a specific Google 106 * account. For example, `alice@example.com` . 107 * * `serviceAccount:{emailid}`: An email address that represents a service 108 * account. For example, `my-other-app@appspot.gserviceaccount.com`. 109 * * `group:{emailid}`: An email address that represents a Google group. 110 * For example, `admins@example.com`. 111 * * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique 112 * identifier) representing a user that has been recently deleted. For 113 * example, `alice@example.com?uid=123456789012345678901`. If the user is 114 * recovered, this value reverts to `user:{emailid}` and the recovered user 115 * retains the role in the binding. 116 * * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus 117 * unique identifier) representing a service account that has been recently 118 * deleted. For example, 119 * `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 120 * If the service account is undeleted, this value reverts to 121 * `serviceAccount:{emailid}` and the undeleted service account retains the 122 * role in the binding. 123 * * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique 124 * identifier) representing a Google group that has been recently 125 * deleted. For example, `admins@example.com?uid=123456789012345678901`. If 126 * the group is recovered, this value reverts to `group:{emailid}` and the 127 * recovered group retains the role in the binding. 128 * * `domain:{domain}`: The G Suite domain (primary) that represents all the 129 * users of that domain. For example, `google.com` or `example.com`. 130 * </pre> 131 * 132 * <code>repeated string members = 2;</code> 133 * 134 * @return The count of members. 135 */ getMembersCount()136 int getMembersCount(); 137 /** 138 * 139 * 140 * <pre> 141 * Specifies the principals requesting access for a Cloud Platform resource. 142 * `members` can have the following values: 143 * * `allUsers`: A special identifier that represents anyone who is 144 * on the internet; with or without a Google account. 145 * * `allAuthenticatedUsers`: A special identifier that represents anyone 146 * who is authenticated with a Google account or a service account. 147 * * `user:{emailid}`: An email address that represents a specific Google 148 * account. For example, `alice@example.com` . 149 * * `serviceAccount:{emailid}`: An email address that represents a service 150 * account. For example, `my-other-app@appspot.gserviceaccount.com`. 151 * * `group:{emailid}`: An email address that represents a Google group. 152 * For example, `admins@example.com`. 153 * * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique 154 * identifier) representing a user that has been recently deleted. For 155 * example, `alice@example.com?uid=123456789012345678901`. If the user is 156 * recovered, this value reverts to `user:{emailid}` and the recovered user 157 * retains the role in the binding. 158 * * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus 159 * unique identifier) representing a service account that has been recently 160 * deleted. For example, 161 * `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 162 * If the service account is undeleted, this value reverts to 163 * `serviceAccount:{emailid}` and the undeleted service account retains the 164 * role in the binding. 165 * * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique 166 * identifier) representing a Google group that has been recently 167 * deleted. For example, `admins@example.com?uid=123456789012345678901`. If 168 * the group is recovered, this value reverts to `group:{emailid}` and the 169 * recovered group retains the role in the binding. 170 * * `domain:{domain}`: The G Suite domain (primary) that represents all the 171 * users of that domain. For example, `google.com` or `example.com`. 172 * </pre> 173 * 174 * <code>repeated string members = 2;</code> 175 * 176 * @param index The index of the element to return. 177 * @return The members at the given index. 178 */ getMembers(int index)179 java.lang.String getMembers(int index); 180 /** 181 * 182 * 183 * <pre> 184 * Specifies the principals requesting access for a Cloud Platform resource. 185 * `members` can have the following values: 186 * * `allUsers`: A special identifier that represents anyone who is 187 * on the internet; with or without a Google account. 188 * * `allAuthenticatedUsers`: A special identifier that represents anyone 189 * who is authenticated with a Google account or a service account. 190 * * `user:{emailid}`: An email address that represents a specific Google 191 * account. For example, `alice@example.com` . 192 * * `serviceAccount:{emailid}`: An email address that represents a service 193 * account. For example, `my-other-app@appspot.gserviceaccount.com`. 194 * * `group:{emailid}`: An email address that represents a Google group. 195 * For example, `admins@example.com`. 196 * * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique 197 * identifier) representing a user that has been recently deleted. For 198 * example, `alice@example.com?uid=123456789012345678901`. If the user is 199 * recovered, this value reverts to `user:{emailid}` and the recovered user 200 * retains the role in the binding. 201 * * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus 202 * unique identifier) representing a service account that has been recently 203 * deleted. For example, 204 * `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 205 * If the service account is undeleted, this value reverts to 206 * `serviceAccount:{emailid}` and the undeleted service account retains the 207 * role in the binding. 208 * * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique 209 * identifier) representing a Google group that has been recently 210 * deleted. For example, `admins@example.com?uid=123456789012345678901`. If 211 * the group is recovered, this value reverts to `group:{emailid}` and the 212 * recovered group retains the role in the binding. 213 * * `domain:{domain}`: The G Suite domain (primary) that represents all the 214 * users of that domain. For example, `google.com` or `example.com`. 215 * </pre> 216 * 217 * <code>repeated string members = 2;</code> 218 * 219 * @param index The index of the value to return. 220 * @return The bytes of the members at the given index. 221 */ getMembersBytes(int index)222 com.google.protobuf.ByteString getMembersBytes(int index); 223 224 /** 225 * 226 * 227 * <pre> 228 * The condition that is associated with this binding. 229 * If the condition evaluates to `true`, then this binding applies to the 230 * current request. 231 * If the condition evaluates to `false`, then this binding does not apply to 232 * the current request. However, a different role binding might grant the same 233 * role to one or more of the principals in this binding. 234 * To learn which resources support conditions in their IAM policies, see the 235 * [IAM 236 * documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 237 * </pre> 238 * 239 * <code>.google.type.Expr condition = 3;</code> 240 * 241 * @return Whether the condition field is set. 242 */ hasCondition()243 boolean hasCondition(); 244 /** 245 * 246 * 247 * <pre> 248 * The condition that is associated with this binding. 249 * If the condition evaluates to `true`, then this binding applies to the 250 * current request. 251 * If the condition evaluates to `false`, then this binding does not apply to 252 * the current request. However, a different role binding might grant the same 253 * role to one or more of the principals in this binding. 254 * To learn which resources support conditions in their IAM policies, see the 255 * [IAM 256 * documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 257 * </pre> 258 * 259 * <code>.google.type.Expr condition = 3;</code> 260 * 261 * @return The condition. 262 */ getCondition()263 com.google.type.Expr getCondition(); 264 /** 265 * 266 * 267 * <pre> 268 * The condition that is associated with this binding. 269 * If the condition evaluates to `true`, then this binding applies to the 270 * current request. 271 * If the condition evaluates to `false`, then this binding does not apply to 272 * the current request. However, a different role binding might grant the same 273 * role to one or more of the principals in this binding. 274 * To learn which resources support conditions in their IAM policies, see the 275 * [IAM 276 * documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 277 * </pre> 278 * 279 * <code>.google.type.Expr condition = 3;</code> 280 */ getConditionOrBuilder()281 com.google.type.ExprOrBuilder getConditionOrBuilder(); 282 } 283