Package-level declarations
Types
Builder for GetInboundSamlConfigPlainArgs.
Builder for GetOauthIdpConfigPlainArgs.
Builder for GetTenantIamPolicyPlainArgs.
Builder for GetTenantPlainArgs.
Defines a policy of allowing every region by default and adding disallowed regions to a disallow list.
Defines a policy of only allowing regions by explicitly adding them to an allowlist.
Additional config for SignInWithApple.
Options related to how clients making requests on behalf of a tenant should be configured.
Configuration related to restricting a user's ability to affect their account.
Additional config for Apple for code flow.
Custom strength options to enforce on user passwords.
Configuration for settings related to email privacy and public visibility. Settings in this config protect against email enumeration, but may make some trade-offs in user-friendliness.
The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.
The SAML IdP (Identity Provider) configuration when the project acts as the relying party.
Settings that the tenants will inherit from project level.
Configuration related to monitoring project activity.
Options related to MultiFactor Authentication for the project.
The response type to request for in the OAuth authorization flow. You can set either id_token
or code
to true, but not both. Setting both types to be simultaneously true ({code: true, id_token: true}
) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow.
The configuration for the password policy on the project.
The strength attributes for the password policy on the project.
ProviderConfig describes the supported MFA providers along with their configurations.
The reCAPTCHA Enterprise integration config.
The config for a reCAPTCHA managed rule. Models a single interval start_score, end_score. The start_score is implicit. It is either the closest smaller end_score (if one is available) or 0. Intervals in aggregate span 0, 1 without overlapping.
Configuration for logging requests made to this project to Stackdriver Logging
Configures the regions where users are allowed to send verification SMS for the project or tenant. This is based on the calling code of the destination phone number.
The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.
TotpMFAProviderConfig represents the TOTP based MFA provider.
Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices
and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": "user:jose@example.com" }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": "user:aliya@example.com" } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com
from DATA_READ logging, and aliya@example.com
from DATA_WRITE logging.
Builder for GoogleIamV1AuditConfigArgs.
Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": "user:jose@example.com" }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
Builder for GoogleIamV1AuditLogConfigArgs.
Associates members
, or principals, with a role
.
Builder for GoogleIamV1BindingArgs.
Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
Builder for GoogleTypeExprArgs.