Contains IAM resource information.
| JSON representation |
|---|
{ "policyType" : string , "policyName" : string , "policyRegion" : string , "resourceContainer" : string , "resource" : { object ( |
policyType
string
OPTIONAL: the resource's policy type. Valid values for policyType might be 'compute_instances', 'storage_buckets', 'resourcemanager_projects', etc.
policyName
string
OPTIONAL: the resource's policy name. Valid values for policyName might be '/myproject/myinstance', '/myproject/mybucket', '/myproject', etc.
policyRegion
string
OPTIONAL: the location of the policy.
resourceContainer
string
OPTIONAL: the resource container name. This can be in one of the following formats: - "projects/
resource
object (
Resource
)
OPTIONAL: The core attributes for a resource.
monitoredResource
object (
MonitoredResource
)
OPTIONAL: the cloud audit monitored resource.
permission
string
DO NOT USE, NOT IMPLEMENTED. OPTIONAL: the name of the IAM permission intended to be checked in the format: {service_name}/{plural}.{verb}.
- {service_name} references the service that owns the resource.
- {plural} references the
pluralfield of this resource. It must be lowerCamelCase.
Example: "library.googleapis.com/shelves.get"
Resource
This message defines core attributes for a resource. A resource is an addressable (named) entity provided by the destination service. For example, a file stored on a network storage service.
| JSON representation |
|---|
{ "service" : string , "name" : string , "type" : string , "labels" : { string : string , ... } , "uid" : string , "annotations" : { string : string , ... } , "displayName" : string , "createTime" : string , "updateTime" : string , "deleteTime" : string , "etag" : string , "location" : string } |
service
string
The name of the service that this resource belongs to, such as pubsub.googleapis.com
. The service may be different from the DNS hostname that actually serves the request.
name
string
The stable identifier (name) of a resource on the service
. A resource can be logically identified as "//{resource.service}/{resource.name}". The differences between a resource name and a URI are:
- Resource name is a logical identifier, independent of network protocol and API version. For example,
//pubsub.googleapis.com/projects/123/topics/news-feed. - URI often includes protocol and version information, so it can be used directly by applications. For example,
https://pubsub.googleapis.com/v1/projects/123/topics/news-feed.
See https://cloud.google.com/apis/design/resource_names for details.
type
string
The type of the resource. The syntax is platform-specific because different platforms define their resources differently.
For Google APIs, the type format must be "{service}/{kind}", such as "pubsub.googleapis.com/Topic".
labels
map (key: string, value: string)
The labels or tags on the resource, such as AWS resource tags and Kubernetes resource labels.
An object containing a list of "key": value
pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }
.
uid
string
The unique identifier of the resource. UID is unique in the time and space for this resource within the scope of the service. It is typically generated by the server on successful creation of a resource and must not be changed. UID is used to uniquely identify resources with resource name reuses. This should be a UUID4.
annotations
map (key: string, value: string)
Annotations is an unstructured key-value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
An object containing a list of "key": value
pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }
.
displayName
string
Mutable. The display name set by clients. Must be <= 63 characters.
createTime
string (
Timestamp
format)
Output only. The timestamp when the resource was created. This may be either the time creation was initiated or when it was completed.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z"
and "2014-10-02T15:01:23.045123456Z"
.
updateTime
string (
Timestamp
format)
Output only. The timestamp when the resource was last updated. Any change to the resource made by users must refresh this value. Changes to a resource made by the service should refresh this value.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z"
and "2014-10-02T15:01:23.045123456Z"
.
deleteTime
string (
Timestamp
format)
Output only. The timestamp when the resource was deleted. If the resource is not deleted, this must be empty.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z"
and "2014-10-02T15:01:23.045123456Z"
.
etag
string
Output only. An opaque value that uniquely identifies a version or generation of a resource. It can be used to confirm that the client and server agree on the ordering of a resource being written.
location
string
Immutable. The location of the resource. The location encoding is specific to the service provider, and new encoding may be introduced as the service evolves.
For Google Cloud products, the encoding is what is used by Google Cloud APIs, such as us-east1
, aws-us-east-1
, and azure-eastus2
. The semantics of location
is identical to the cloud.googleapis.com/location
label used by some Google Cloud APIs.
