You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: website/docs/d/iam_policy.html.markdown
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -61,6 +61,12 @@ from another resource is the only way to apply an IAM policy to a resource.
61
61
62
62
The following arguments are supported:
63
63
64
+
*`audit_config` (Optional) - A nested configuration block that defines logging additional configuration for your project.
65
+
*`service` (Required) Defines a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
66
+
*`audit_log_configs` (Required) A nested block that defines the operations you'd like to log.
67
+
*`log_type` (Required) Defines the logging level. `DATA_READ`, `DATA_WRITE` and `ADMIN_READ` capture different types of events. See [the audit configuration documentation](https://cloud.google.com/resource-manager/reference/rest/Shared.Types/AuditConfig) for more details.
68
+
*`exempted_members` (Optional) Specifies the identities that are exempt from these types of logging operations. Follows the same format of the `members` array for `binding`.
69
+
64
70
*`binding` (Required) - A nested configuration block (described below)
65
71
defining a binding to be included in the policy document. Multiple
66
72
`binding` arguments are supported.
@@ -81,12 +87,6 @@ each accept the following arguments:
81
87
***group:{emailid}**: An email address that represents a Google group. For example, [email protected].
82
88
***domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
83
89
84
-
*`audit_config` (Optional) - A nested configuration block that defines logging additional configuration for your project.
85
-
*`service` (Required) Defines a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
86
-
*`audit_log_configs` (Required) A nested block that defines the operations you'd like to log.
87
-
*`log_type` (Required) Defines the logging level. `DATA_READ`, `DATA_WRITE` and `ADMIN_READ` capture different types of events. See [the audit configuration documentation](https://cloud.google.com/resource-manager/reference/rest/Shared.Types/AuditConfig) for more details.
88
-
*`exempted_members` (Optional) Specifies the identities that are exempt from these types of logging operations. Follows the same format of the `members` array for `binding`.
89
-
90
90
*`condition` - (Optional) An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.
0 commit comments