Class: Google::Cloud::Bigtable::Policy

Inherits:
Object
  • Object
show all
Defined in:
lib/google/cloud/bigtable/policy.rb

Overview

Policy

Represents a Cloud IAM Policy for Bigtable resources.

A common pattern for updating a resource's metadata, such as its policy, is to read the current data from the service, update the data locally, and then write the modified data back to the resource. This pattern may result in a conflict if two or more processes attempt the sequence simultaneously. IAM solves this problem with the #etag property, which is used to verify whether the policy has changed since the last request. When you make a request with an etag value, Cloud IAM compares the etag value in the request with the existing etag value associated with the policy. It writes the policy only if the etag values match.

Examples:

require "google/cloud/bigtable"

bigtable = Google::Cloud::Bigtable.new
instance = bigtable.instance "my-instance"

policy = instance.policy
policy.remove("roles/owner", "user:[email protected]")
policy.add("roles/owner", "user:[email protected]")
policy.roles["roles/viewer"] = ["allUsers"]

See Also:

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(etag, roles = nil) ⇒ Policy

Creates a Policy instance.

Parameters:

  • etag (String)
  • roles (Array<String>) (defaults to: nil)


62
63
64
65
# File 'lib/google/cloud/bigtable/policy.rb', line 62

def initialize etag, roles = nil
  @etag = etag
  @roles = roles
end

Instance Attribute Details

#etagString

Used to check if the policy has changed since the last request. The policy will be written only if the etag values match.

Returns:

  • (String)

    the current value of etag



56
57
58
# File 'lib/google/cloud/bigtable/policy.rb', line 56

def etag
  @etag
end

#rolesHash{String => Array<String>}

The bindings that associate roles with an array of members. See Understanding Roles for a listing of primitive and curated roles.

Returns:

  • (Hash{String => Array<String>})

    the current value of roles



56
57
58
# File 'lib/google/cloud/bigtable/policy.rb', line 56

def roles
  @roles
end

Instance Method Details

#add(role_name, member) ⇒ Object

Convenience method for adding a member to a binding on this policy. See Understanding Roles for a list of primitive and curated roles. See Binding for a list of values and patterns for members.

Examples:

require "google/cloud/bigtable"

bigtable = Google::Cloud::Bigtable.new
instance = bigtable.instance "my-instance"

policy = instance.policy
policy.add("roles/owner", "user:[email protected]")

Parameters:

  • role_name (String)

    A Cloud IAM role, such as "roles/bigtable.admin".

  • member (String)

    A Cloud IAM identity, such as "user:[email protected]".



89
90
91
# File 'lib/google/cloud/bigtable/policy.rb', line 89

def add role_name, member
  role(role_name) << member
end

#remove(role_name, member) ⇒ Object

Convenience method for removing a member from a binding on this policy. See Understanding Roles for a list of primitive and curated roles.See Binding for a list of values and patterns for members.

Examples:

require "google/cloud/bigtable"

bigtable = Google::Cloud::Bigtable.new
instance = bigtable.instance "my-instance"

policy = instance.policy
policy.remove("roles/owner", "user:[email protected]")

Parameters:

  • role_name (String)

    A Cloud IAM role, such as "roles/Bigtable.admin".

  • member (String)

    A Cloud IAM identity, such as "user:[email protected]".



115
116
117
# File 'lib/google/cloud/bigtable/policy.rb', line 115

def remove role_name, member
  role(role_name).delete member
end

#role(role_name) ⇒ Array<String>

Convenience method returning the array of members bound to a role in this policy. Returns an empty array if no value is present for the role in #roles. See Understanding Roles for a list of primitive and curated roles. See Binding for a list of values and patterns for members.

Examples:

require "google/cloud/bigtable"

bigtable = Google::Cloud::Bigtable.new
instance = bigtable.instance "my-instance"

policy = instance.policy
policy.role("roles/viewer") << "user:[email protected]"

Returns:

  • (Array<String>)

    The members strings, or an empty array.



139
140
141
# File 'lib/google/cloud/bigtable/policy.rb', line 139

def role role_name
  roles[role_name] ||= []
end