Google Cloud PHP shared dependency, providing functionality useful to all components. Client - Class PolicyBuilder (1.59.0)

Reference documentation and code samples for the Google Cloud PHP shared dependency, providing functionality useful to all components. Client class PolicyBuilder.

Helper class for creating valid IAM policies

Example:

 use Google\Cloud\Core\Iam\PolicyBuilder;

$builder = new PolicyBuilder();
$builder->addBinding('roles/admin', [ 'user:admin@domain.com' ]);
$result = $builder->result();

Namespace

Google \ Cloud \ Core \ Iam

Methods

__construct

See also:

Example: ``` $policy = [ 'etag' => 'AgIc==', 'version' => 3, 'bindings' => [ [ 'role' => 'roles/admin', 'members' => [ 'user:admin@domain.com', 'user2:admin@domain.com' ], 'condition' => [ 'title' => 'match-prefix', 'description' => 'Applies to objects matching a prefix', 'expression' => 'resource.name.startsWith("projects/_/buckets/bucket-name/objects/prefix-a-")' ] ] ], ];

$builder = new PolicyBuilder($policy); ```

Parameter
Name
Description
policy
array

A policy array

setBindings

Override all stored bindings on the policy.

Example:

 $builder->setBindings([
    [
        'role' => 'roles/admin',
        'members' => [
            'user:admin@domain.com'
        ],
        'condition' => [
            'expression' =>
                'request.time < timestamp("2020-07-01T00:00:00.000Z")'
        ]
    ]
]);
Parameter
Name
Description
bindings
array

[optional] An array of bindings

Returns
Type
Description
Google\Cloud\Core\Iam\PolicyBuilder

addBinding

Add a new binding to the policy.

This method will fail with an InvalidOpereationException if it is called on a Policy with a version greater than 1 as that indicates a more complicated policy than this method is prepared to handle. Changes to such policies must be made manually by the setBindings() method.

Example:

 $builder->addBinding('roles/admin', [ 'user:admin@domain.com' ]);
Parameters
Name
Description
role
string

A valid role for the service

members
array

An array of members to assign to the binding

Returns
Type
Description
Google\Cloud\Core\Iam\PolicyBuilder

removeBinding

Remove a binding from the policy.

This method will fail with a BadMethodCallException if it is called on a Policy with a version greater than 1 as that indicates a more complicated policy than this method is prepared to handle. Changes to such policies must be made manually by the setBindings() method.

Example:

 $builder->setBindings([
    [
        'role' => 'roles/admin',
        'members' => [
            'user:admin@domain.com',
            'user2:admin@domain.com'
        ]
    ]
]);
$builder->removeBinding('roles/admin', [ 'user:admin@domain.com' ]);
Parameters
Name
Description
role
string

A valid role for the service

members
array

An array of members to remove from the role

Returns
Type
Description
Google\Cloud\Core\Iam\PolicyBuilder

setEtag

Update the etag on the policy.

Example:

 $builder->setEtag($oldPolicy['etag']);
Parameter
Name
Description
etag
string

used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that updates to existing policies make use of the etag to avoid race conditions.

Returns
Type
Description
Google\Cloud\Core\Iam\PolicyBuilder

setVersion

Update the version of the policy.

Example:

 $builder->setVersion(1);
Parameter
Name
Description
version
int

Version of the Policy. Defaults to 0 .

Returns
Type
Description
Google\Cloud\Core\Iam\PolicyBuilder

result

Create a policy array with data in the correct format.

Example:

 $policy = $builder->result();
Returns
Type
Description
array
An array of policy data