Variables
AccessState_name, AccessState_value
var (
AccessState_name = map[int32]string{
0: "ACCESS_STATE_UNSPECIFIED",
1: "GRANTED",
2: "NOT_GRANTED",
3: "UNKNOWN_CONDITIONAL",
4: "UNKNOWN_INFO_DENIED",
}
AccessState_value = map[string]int32{
"ACCESS_STATE_UNSPECIFIED": 0,
"GRANTED": 1,
"NOT_GRANTED": 2,
"UNKNOWN_CONDITIONAL": 3,
"UNKNOWN_INFO_DENIED": 4,
}
)Enum value maps for AccessState.
HeuristicRelevance_name, HeuristicRelevance_value
var (
HeuristicRelevance_name = map[int32]string{
0: "HEURISTIC_RELEVANCE_UNSPECIFIED",
1: "NORMAL",
2: "HIGH",
}
HeuristicRelevance_value = map[string]int32{
"HEURISTIC_RELEVANCE_UNSPECIFIED": 0,
"NORMAL": 1,
"HIGH": 2,
}
)Enum value maps for HeuristicRelevance.
BindingExplanation_RolePermission_name, BindingExplanation_RolePermission_value
var (
BindingExplanation_RolePermission_name = map[int32]string{
0: "ROLE_PERMISSION_UNSPECIFIED",
1: "ROLE_PERMISSION_INCLUDED",
2: "ROLE_PERMISSION_NOT_INCLUDED",
3: "ROLE_PERMISSION_UNKNOWN_INFO_DENIED",
}
BindingExplanation_RolePermission_value = map[string]int32{
"ROLE_PERMISSION_UNSPECIFIED": 0,
"ROLE_PERMISSION_INCLUDED": 1,
"ROLE_PERMISSION_NOT_INCLUDED": 2,
"ROLE_PERMISSION_UNKNOWN_INFO_DENIED": 3,
}
)Enum value maps for BindingExplanation_RolePermission.
BindingExplanation_Membership_name, BindingExplanation_Membership_value
var (
BindingExplanation_Membership_name = map[int32]string{
0: "MEMBERSHIP_UNSPECIFIED",
1: "MEMBERSHIP_INCLUDED",
2: "MEMBERSHIP_NOT_INCLUDED",
3: "MEMBERSHIP_UNKNOWN_INFO_DENIED",
4: "MEMBERSHIP_UNKNOWN_UNSUPPORTED",
}
BindingExplanation_Membership_value = map[string]int32{
"MEMBERSHIP_UNSPECIFIED": 0,
"MEMBERSHIP_INCLUDED": 1,
"MEMBERSHIP_NOT_INCLUDED": 2,
"MEMBERSHIP_UNKNOWN_INFO_DENIED": 3,
"MEMBERSHIP_UNKNOWN_UNSUPPORTED": 4,
}
)Enum value maps for BindingExplanation_Membership.
PreviewState_name, PreviewState_value
var (
PreviewState_name = map[int32]string{
0: "PREVIEW_STATE_UNSPECIFIED",
1: "PREVIEW_PENDING",
2: "PREVIEW_RUNNING",
3: "PREVIEW_SUCCEEDED",
4: "PREVIEW_FAILED",
}
PreviewState_value = map[string]int32{
"PREVIEW_STATE_UNSPECIFIED": 0,
"PREVIEW_PENDING": 1,
"PREVIEW_RUNNING": 2,
"PREVIEW_SUCCEEDED": 3,
"PREVIEW_FAILED": 4,
}
)Enum value maps for PreviewState.
Replay_State_name, Replay_State_value
var (
Replay_State_name = map[int32]string{
0: "STATE_UNSPECIFIED",
1: "PENDING",
2: "RUNNING",
3: "SUCCEEDED",
4: "FAILED",
}
Replay_State_value = map[string]int32{
"STATE_UNSPECIFIED": 0,
"PENDING": 1,
"RUNNING": 2,
"SUCCEEDED": 3,
"FAILED": 4,
}
)Enum value maps for Replay_State.
ReplayConfig_LogSource_name, ReplayConfig_LogSource_value
var (
ReplayConfig_LogSource_name = map[int32]string{
0: "LOG_SOURCE_UNSPECIFIED",
1: "RECENT_ACCESSES",
}
ReplayConfig_LogSource_value = map[string]int32{
"LOG_SOURCE_UNSPECIFIED": 0,
"RECENT_ACCESSES": 1,
}
)Enum value maps for ReplayConfig_LogSource.
AccessStateDiff_AccessChangeType_name, AccessStateDiff_AccessChangeType_value
var (
AccessStateDiff_AccessChangeType_name = map[int32]string{
0: "ACCESS_CHANGE_TYPE_UNSPECIFIED",
1: "NO_CHANGE",
2: "UNKNOWN_CHANGE",
3: "ACCESS_REVOKED",
4: "ACCESS_GAINED",
5: "ACCESS_MAYBE_REVOKED",
6: "ACCESS_MAYBE_GAINED",
}
AccessStateDiff_AccessChangeType_value = map[string]int32{
"ACCESS_CHANGE_TYPE_UNSPECIFIED": 0,
"NO_CHANGE": 1,
"UNKNOWN_CHANGE": 2,
"ACCESS_REVOKED": 3,
"ACCESS_GAINED": 4,
"ACCESS_MAYBE_REVOKED": 5,
"ACCESS_MAYBE_GAINED": 6,
}
)Enum value maps for AccessStateDiff_AccessChangeType.
File_google_cloud_policysimulator_v1_explanations_proto
var File_google_cloud_policysimulator_v1_explanations_proto protoreflect.FileDescriptorFile_google_cloud_policysimulator_v1_orgpolicy_proto
var File_google_cloud_policysimulator_v1_orgpolicy_proto protoreflect.FileDescriptorFile_google_cloud_policysimulator_v1_simulator_proto
var File_google_cloud_policysimulator_v1_simulator_proto protoreflect.FileDescriptorFunctions
func RegisterOrgPolicyViolationsPreviewServiceServer
func RegisterOrgPolicyViolationsPreviewServiceServer(s *grpc.Server, srv OrgPolicyViolationsPreviewServiceServer)func RegisterSimulatorServer
func RegisterSimulatorServer(s *grpc.Server, srv SimulatorServer)AccessState
type AccessState int32Whether a principal has a permission for a resource.
AccessState_ACCESS_STATE_UNSPECIFIED, AccessState_GRANTED, AccessState_NOT_GRANTED, AccessState_UNKNOWN_CONDITIONAL, AccessState_UNKNOWN_INFO_DENIED
const (
// Default value. This value is unused.
AccessState_ACCESS_STATE_UNSPECIFIED AccessState = 0
// The principal has the permission.
AccessState_GRANTED AccessState = 1
// The principal does not have the permission.
AccessState_NOT_GRANTED AccessState = 2
// The principal has the permission only if a condition expression evaluates
// to `true`.
AccessState_UNKNOWN_CONDITIONAL AccessState = 3
// The user who created the
// [Replay][google.cloud.policysimulator.v1.Replay] does not have
// access to all of the policies that Policy Simulator needs to evaluate.
AccessState_UNKNOWN_INFO_DENIED AccessState = 4
)func (AccessState) Descriptor
func (AccessState) Descriptor() protoreflect.EnumDescriptorfunc (AccessState) Enum
func (x AccessState) Enum() *AccessStatefunc (AccessState) EnumDescriptor
func (AccessState) EnumDescriptor() ([]byte, []int)Deprecated: Use AccessState.Descriptor instead.
func (AccessState) Number
func (x AccessState) Number() protoreflect.EnumNumberfunc (AccessState) String
func (x AccessState) String() stringfunc (AccessState) Type
func (AccessState) Type() protoreflect.EnumTypeAccessStateDiff
type AccessStateDiff struct {
// The results of evaluating the access tuple under the current (baseline)
// policies.
//
// If the [AccessState][google.cloud.policysimulator.v1.AccessState] couldn't
// be fully evaluated, this field explains why.
Baseline *ExplainedAccess `protobuf:"bytes,1,opt,name=baseline,proto3" json:"baseline,omitempty"`
// The results of evaluating the access tuple under the proposed (simulated)
// policies.
//
// If the AccessState couldn't be fully evaluated, this field explains why.
Simulated *ExplainedAccess `protobuf:"bytes,2,opt,name=simulated,proto3" json:"simulated,omitempty"`
// How the principal's access, specified in the AccessState field, changed
// between the current (baseline) policies and proposed (simulated) policies.
AccessChange AccessStateDiff_AccessChangeType `protobuf:"varint,3,opt,name=access_change,json=accessChange,proto3,enum=google.cloud.policysimulator.v1.AccessStateDiff_AccessChangeType" json:"access_change,omitempty"`
// contains filtered or unexported fields
}A summary and comparison of the principal's access under the current (baseline) policies and the proposed (simulated) policies for a single access tuple.
func (*AccessStateDiff) Descriptor
func (*AccessStateDiff) Descriptor() ([]byte, []int)Deprecated: Use AccessStateDiff.ProtoReflect.Descriptor instead.
func (*AccessStateDiff) GetAccessChange
func (x *AccessStateDiff) GetAccessChange() AccessStateDiff_AccessChangeTypefunc (*AccessStateDiff) GetBaseline
func (x *AccessStateDiff) GetBaseline() *ExplainedAccessfunc (*AccessStateDiff) GetSimulated
func (x *AccessStateDiff) GetSimulated() *ExplainedAccessfunc (*AccessStateDiff) ProtoMessage
func (*AccessStateDiff) ProtoMessage()func (*AccessStateDiff) ProtoReflect
func (x *AccessStateDiff) ProtoReflect() protoreflect.Messagefunc (*AccessStateDiff) Reset
func (x *AccessStateDiff) Reset()func (*AccessStateDiff) String
func (x *AccessStateDiff) String() stringAccessStateDiff_AccessChangeType
type AccessStateDiff_AccessChangeType int32How the principal's access, specified in the AccessState field, changed between the current (baseline) policies and proposed (simulated) policies.
AccessStateDiff_ACCESS_CHANGE_TYPE_UNSPECIFIED, AccessStateDiff_NO_CHANGE, AccessStateDiff_UNKNOWN_CHANGE, AccessStateDiff_ACCESS_REVOKED, AccessStateDiff_ACCESS_GAINED, AccessStateDiff_ACCESS_MAYBE_REVOKED, AccessStateDiff_ACCESS_MAYBE_GAINED
const (
// Default value. This value is unused.
AccessStateDiff_ACCESS_CHANGE_TYPE_UNSPECIFIED AccessStateDiff_AccessChangeType = 0
// The principal's access did not change.
// This includes the case where both baseline and simulated are UNKNOWN,
// but the unknown information is equivalent.
AccessStateDiff_NO_CHANGE AccessStateDiff_AccessChangeType = 1
// The principal's access under both the current policies and the proposed
// policies is `UNKNOWN`, but the unknown information differs between them.
AccessStateDiff_UNKNOWN_CHANGE AccessStateDiff_AccessChangeType = 2
// The principal had access under the current policies (`GRANTED`), but will
// no longer have access after the proposed changes (`NOT_GRANTED`).
AccessStateDiff_ACCESS_REVOKED AccessStateDiff_AccessChangeType = 3
// The principal did not have access under the current policies
// (`NOT_GRANTED`), but will have access after the proposed changes
// (`GRANTED`).
AccessStateDiff_ACCESS_GAINED AccessStateDiff_AccessChangeType = 4
// This result can occur for the following reasons:
//
// - The principal had access under the current policies (`GRANTED`), but
// their access after the proposed changes is `UNKNOWN`.
//
// * The principal's access under the current policies is `UNKNOWN`, but
// they
//
// will not have access after the proposed changes (`NOT_GRANTED`).
AccessStateDiff_ACCESS_MAYBE_REVOKED AccessStateDiff_AccessChangeType = 5
// This result can occur for the following reasons:
//
// - The principal did not have access under the current policies
// (`NOT_GRANTED`), but their access after the proposed changes is
// `UNKNOWN`.
//
// * The principal's access under the current policies is `UNKNOWN`, but
// they will have access after the proposed changes (`GRANTED`).
AccessStateDiff_ACCESS_MAYBE_GAINED AccessStateDiff_AccessChangeType = 6
)func (AccessStateDiff_AccessChangeType) Descriptor
func (AccessStateDiff_AccessChangeType) Descriptor() protoreflect.EnumDescriptorfunc (AccessStateDiff_AccessChangeType) Enum
func (x AccessStateDiff_AccessChangeType) Enum() *AccessStateDiff_AccessChangeTypefunc (AccessStateDiff_AccessChangeType) EnumDescriptor
func (AccessStateDiff_AccessChangeType) EnumDescriptor() ([]byte, []int)Deprecated: Use AccessStateDiff_AccessChangeType.Descriptor instead.
func (AccessStateDiff_AccessChangeType) Number
func (x AccessStateDiff_AccessChangeType) Number() protoreflect.EnumNumberfunc (AccessStateDiff_AccessChangeType) String
func (x AccessStateDiff_AccessChangeType) String() stringfunc (AccessStateDiff_AccessChangeType) Type
func (AccessStateDiff_AccessChangeType) Type() protoreflect.EnumTypeAccessTuple
type AccessTuple struct {
// Required. The principal whose access you want to check, in the form of
// the email address that represents that principal. For example,
// `alice@example.com` or
// `my-service-account@my-project.iam.gserviceaccount.com`.
//
// The principal must be a Google Account or a service account. Other types of
// principals are not supported.
Principal string `protobuf:"bytes,1,opt,name=principal,proto3" json:"principal,omitempty"`
// Required. The full resource name that identifies the resource. For example,
// `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
//
// For examples of full resource names for Google Cloud services, see
// https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
FullResourceName string `protobuf:"bytes,2,opt,name=full_resource_name,json=fullResourceName,proto3" json:"full_resource_name,omitempty"`
// Required. The IAM permission to check for the specified principal and
// resource.
//
// For a complete list of IAM permissions, see
// https://cloud.google.com/iam/help/permissions/reference.
//
// For a complete list of predefined IAM roles and the permissions in each
// role, see https://cloud.google.com/iam/help/roles/reference.
Permission string `protobuf:"bytes,3,opt,name=permission,proto3" json:"permission,omitempty"`
// contains filtered or unexported fields
}Information about the principal, resource, and permission to check.
func (*AccessTuple) Descriptor
func (*AccessTuple) Descriptor() ([]byte, []int)Deprecated: Use AccessTuple.ProtoReflect.Descriptor instead.
func (*AccessTuple) GetFullResourceName
func (x *AccessTuple) GetFullResourceName() stringfunc (*AccessTuple) GetPermission
func (x *AccessTuple) GetPermission() stringfunc (*AccessTuple) GetPrincipal
func (x *AccessTuple) GetPrincipal() stringfunc (*AccessTuple) ProtoMessage
func (*AccessTuple) ProtoMessage()func (*AccessTuple) ProtoReflect
func (x *AccessTuple) ProtoReflect() protoreflect.Messagefunc (*AccessTuple) Reset
func (x *AccessTuple) Reset()func (*AccessTuple) String
func (x *AccessTuple) String() stringBindingExplanation
type BindingExplanation struct {
// Required. Indicates whether _this binding_ provides the specified
// permission to the specified principal for the specified resource.
//
// This field does _not_ indicate whether the principal actually has the
// permission for the resource. There might be another binding that overrides
// this binding. To determine whether the principal actually has the
// permission, use the `access` field in the
// [TroubleshootIamPolicyResponse][google.cloud.policytroubleshooter.v3.TroubleshootIamPolicyResponse].
Access AccessState `protobuf:"varint,1,opt,name=access,proto3,enum=google.cloud.policysimulator.v1.AccessState" json:"access,omitempty"`
// The role that this binding grants. For example,
// `roles/compute.serviceAgent`.
//
// For a complete list of predefined IAM roles, as well as the permissions in
// each role, see https://cloud.google.com/iam/help/roles/reference.
Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
// Indicates whether the role granted by this binding contains the specified
// permission.
RolePermission BindingExplanation_RolePermission `protobuf:"varint,3,opt,name=role_permission,json=rolePermission,proto3,enum=google.cloud.policysimulator.v1.BindingExplanation_RolePermission" json:"role_permission,omitempty"`
// The relevance of the permission's existence, or nonexistence, in the role
// to the overall determination for the entire policy.
RolePermissionRelevance HeuristicRelevance `protobuf:"varint,4,opt,name=role_permission_relevance,json=rolePermissionRelevance,proto3,enum=google.cloud.policysimulator.v1.HeuristicRelevance" json:"role_permission_relevance,omitempty"`
// Indicates whether each principal in the binding includes the principal
// specified in the request, either directly or indirectly. Each key
// identifies a principal in the binding, and each value indicates whether the
// principal in the binding includes the principal in the request.
//
// For example, suppose that a binding includes the following principals:
//
// * `user:alice@example.com`
// * `group:product-eng@example.com`
//
// The principal in the replayed access tuple is `user:bob@example.com`. This
// user is a principal of the group `group:product-eng@example.com`.
//
// For the first principal in the binding, the key is
// `user:alice@example.com`, and the `membership` field in the value is set to
// `MEMBERSHIP_NOT_INCLUDED`.
//
// For the second principal in the binding, the key is
// `group:product-eng@example.com`, and the `membership` field in the value is
// set to `MEMBERSHIP_INCLUDED`.
Memberships map[string]*BindingExplanation_AnnotatedMembership `protobuf:"bytes,5,rep,name=memberships,proto3" json:"memberships,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
// The relevance of this binding to the overall determination for the entire
// policy.
Relevance HeuristicRelevance `protobuf:"varint,6,opt,name=relevance,proto3,enum=google.cloud.policysimulator.v1.HeuristicRelevance" json:"relevance,omitempty"`
// A condition expression that prevents this binding from granting access
// unless the expression evaluates to `true`.
//
// To learn about IAM Conditions, see
// https://cloud.google.com/iam/docs/conditions-overview.
Condition *expr.Expr `protobuf:"bytes,7,opt,name=condition,proto3" json:"condition,omitempty"`
// contains filtered or unexported fields
}Details about how a binding in a policy affects a principal's ability to use a permission.
func (*BindingExplanation) Descriptor
func (*BindingExplanation) Descriptor() ([]byte, []int)Deprecated: Use BindingExplanation.ProtoReflect.Descriptor instead.
func (*BindingExplanation) GetAccess
func (x *BindingExplanation) GetAccess() AccessStatefunc (*BindingExplanation) GetCondition
func (x *BindingExplanation) GetCondition() *expr.Exprfunc (*BindingExplanation) GetMemberships
func (x *BindingExplanation) GetMemberships() map[string]*BindingExplanation_AnnotatedMembershipfunc (*BindingExplanation) GetRelevance
func (x *BindingExplanation) GetRelevance() HeuristicRelevancefunc (*BindingExplanation) GetRole
func (x *BindingExplanation) GetRole() stringfunc (*BindingExplanation) GetRolePermission
func (x *BindingExplanation) GetRolePermission() BindingExplanation_RolePermissionfunc (*BindingExplanation) GetRolePermissionRelevance
func (x *BindingExplanation) GetRolePermissionRelevance() HeuristicRelevancefunc (*BindingExplanation) ProtoMessage
func (*BindingExplanation) ProtoMessage()func (*BindingExplanation) ProtoReflect
func (x *BindingExplanation) ProtoReflect() protoreflect.Messagefunc (*BindingExplanation) Reset
func (x *BindingExplanation) Reset()func (*BindingExplanation) String
func (x *BindingExplanation) String() stringBindingExplanation_AnnotatedMembership
type BindingExplanation_AnnotatedMembership struct {
// Indicates whether the binding includes the principal.
Membership BindingExplanation_Membership `protobuf:"varint,1,opt,name=membership,proto3,enum=google.cloud.policysimulator.v1.BindingExplanation_Membership" json:"membership,omitempty"`
// The relevance of the principal's status to the overall determination for
// the binding.
Relevance HeuristicRelevance `protobuf:"varint,2,opt,name=relevance,proto3,enum=google.cloud.policysimulator.v1.HeuristicRelevance" json:"relevance,omitempty"`
// contains filtered or unexported fields
}Details about whether the binding includes the principal.
func (*BindingExplanation_AnnotatedMembership) Descriptor
func (*BindingExplanation_AnnotatedMembership) Descriptor() ([]byte, []int)Deprecated: Use BindingExplanation_AnnotatedMembership.ProtoReflect.Descriptor instead.
func (*BindingExplanation_AnnotatedMembership) GetMembership
func (x *BindingExplanation_AnnotatedMembership) GetMembership() BindingExplanation_Membershipfunc (*BindingExplanation_AnnotatedMembership) GetRelevance
func (x *BindingExplanation_AnnotatedMembership) GetRelevance() HeuristicRelevancefunc (*BindingExplanation_AnnotatedMembership) ProtoMessage
func (*BindingExplanation_AnnotatedMembership) ProtoMessage()func (*BindingExplanation_AnnotatedMembership) ProtoReflect
func (x *BindingExplanation_AnnotatedMembership) ProtoReflect() protoreflect.Messagefunc (*BindingExplanation_AnnotatedMembership) Reset
func (x *BindingExplanation_AnnotatedMembership) Reset()func (*BindingExplanation_AnnotatedMembership) String
func (x *BindingExplanation_AnnotatedMembership) String() stringBindingExplanation_Membership
type BindingExplanation_Membership int32Whether the binding includes the principal.
BindingExplanation_MEMBERSHIP_UNSPECIFIED, BindingExplanation_MEMBERSHIP_INCLUDED, BindingExplanation_MEMBERSHIP_NOT_INCLUDED, BindingExplanation_MEMBERSHIP_UNKNOWN_INFO_DENIED, BindingExplanation_MEMBERSHIP_UNKNOWN_UNSUPPORTED
const (
// Default value. This value is unused.
BindingExplanation_MEMBERSHIP_UNSPECIFIED BindingExplanation_Membership = 0
// The binding includes the principal. The principal can be included
// directly or indirectly. For example:
//
// - A principal is included directly if that principal is listed in the
// binding.
// - A principal is included indirectly if that principal is in a Google
// group or Google Workspace domain that is listed in the binding.
BindingExplanation_MEMBERSHIP_INCLUDED BindingExplanation_Membership = 1
// The binding does not include the principal.
BindingExplanation_MEMBERSHIP_NOT_INCLUDED BindingExplanation_Membership = 2
// The user who created the
// [Replay][google.cloud.policysimulator.v1.Replay] is not
// allowed to access the binding.
BindingExplanation_MEMBERSHIP_UNKNOWN_INFO_DENIED BindingExplanation_Membership = 3
// The principal is an unsupported type. Only Google Accounts and service
// accounts are supported.
BindingExplanation_MEMBERSHIP_UNKNOWN_UNSUPPORTED BindingExplanation_Membership = 4
)func (BindingExplanation_Membership) Descriptor
func (BindingExplanation_Membership) Descriptor() protoreflect.EnumDescriptorfunc (BindingExplanation_Membership) Enum
func (x BindingExplanation_Membership) Enum() *BindingExplanation_Membershipfunc (BindingExplanation_Membership) EnumDescriptor
func (BindingExplanation_Membership) EnumDescriptor() ([]byte, []int)Deprecated: Use BindingExplanation_Membership.Descriptor instead.
func (BindingExplanation_Membership) Number
func (x BindingExplanation_Membership) Number() protoreflect.EnumNumberfunc (BindingExplanation_Membership) String
func (x BindingExplanation_Membership) String() stringfunc (BindingExplanation_Membership) Type
func (BindingExplanation_Membership) Type() protoreflect.EnumTypeBindingExplanation_RolePermission
type BindingExplanation_RolePermission int32Whether a role includes a specific permission.
BindingExplanation_ROLE_PERMISSION_UNSPECIFIED, BindingExplanation_ROLE_PERMISSION_INCLUDED, BindingExplanation_ROLE_PERMISSION_NOT_INCLUDED, BindingExplanation_ROLE_PERMISSION_UNKNOWN_INFO_DENIED
const (
// Default value. This value is unused.
BindingExplanation_ROLE_PERMISSION_UNSPECIFIED BindingExplanation_RolePermission = 0
// The permission is included in the role.
BindingExplanation_ROLE_PERMISSION_INCLUDED BindingExplanation_RolePermission = 1
// The permission is not included in the role.
BindingExplanation_ROLE_PERMISSION_NOT_INCLUDED BindingExplanation_RolePermission = 2
// The user who created the
// [Replay][google.cloud.policysimulator.v1.Replay] is not
// allowed to access the binding.
BindingExplanation_ROLE_PERMISSION_UNKNOWN_INFO_DENIED BindingExplanation_RolePermission = 3
)func (BindingExplanation_RolePermission) Descriptor
func (BindingExplanation_RolePermission) Descriptor() protoreflect.EnumDescriptorfunc (BindingExplanation_RolePermission) Enum
func (x BindingExplanation_RolePermission) Enum() *BindingExplanation_RolePermissionfunc (BindingExplanation_RolePermission) EnumDescriptor
func (BindingExplanation_RolePermission) EnumDescriptor() ([]byte, []int)Deprecated: Use BindingExplanation_RolePermission.Descriptor instead.
func (BindingExplanation_RolePermission) Number
func (x BindingExplanation_RolePermission) Number() protoreflect.EnumNumberfunc (BindingExplanation_RolePermission) String
func (x BindingExplanation_RolePermission) String() stringfunc (BindingExplanation_RolePermission) Type
func (BindingExplanation_RolePermission) Type() protoreflect.EnumTypeCreateOrgPolicyViolationsPreviewOperationMetadata
type CreateOrgPolicyViolationsPreviewOperationMetadata struct {
// Time when the request was received.
RequestTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=request_time,json=requestTime,proto3" json:"request_time,omitempty"`
// Time when the request started processing, i.e., when the state was set to
// RUNNING.
StartTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=start_time,json=startTime,proto3" json:"start_time,omitempty"`
// Output only. The current state of the operation.
State PreviewState `protobuf:"varint,3,opt,name=state,proto3,enum=google.cloud.policysimulator.v1.PreviewState" json:"state,omitempty"`
// Total number of resources that need scanning.
// Should equal resource_scanned + resources_pending
ResourcesFound int32 `protobuf:"varint,4,opt,name=resources_found,json=resourcesFound,proto3" json:"resources_found,omitempty"`
// Number of resources already scanned.
ResourcesScanned int32 `protobuf:"varint,5,opt,name=resources_scanned,json=resourcesScanned,proto3" json:"resources_scanned,omitempty"`
// Number of resources still to scan.
ResourcesPending int32 `protobuf:"varint,6,opt,name=resources_pending,json=resourcesPending,proto3" json:"resources_pending,omitempty"`
// contains filtered or unexported fields
}CreateOrgPolicyViolationsPreviewOperationMetadata is metadata about an OrgPolicyViolationsPreview generations operation.
func (*CreateOrgPolicyViolationsPreviewOperationMetadata) Descriptor
func (*CreateOrgPolicyViolationsPreviewOperationMetadata) Descriptor() ([]byte, []int)Deprecated: Use CreateOrgPolicyViolationsPreviewOperationMetadata.ProtoReflect.Descriptor instead.
func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetRequestTime
func (x *CreateOrgPolicyViolationsPreviewOperationMetadata) GetRequestTime() *timestamppb.Timestampfunc (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesFound
func (x *CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesFound() int32func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesPending
func (x *CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesPending() int32func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesScanned
func (x *CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesScanned() int32func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetStartTime
func (x *CreateOrgPolicyViolationsPreviewOperationMetadata) GetStartTime() *timestamppb.Timestampfunc (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetState
func (x *CreateOrgPolicyViolationsPreviewOperationMetadata) GetState() PreviewStatefunc (*CreateOrgPolicyViolationsPreviewOperationMetadata) ProtoMessage
func (*CreateOrgPolicyViolationsPreviewOperationMetadata) ProtoMessage()func (*CreateOrgPolicyViolationsPreviewOperationMetadata) ProtoReflect
func (x *CreateOrgPolicyViolationsPreviewOperationMetadata) ProtoReflect() protoreflect.Messagefunc (*CreateOrgPolicyViolationsPreviewOperationMetadata) Reset
func (x *CreateOrgPolicyViolationsPreviewOperationMetadata) Reset()func (*CreateOrgPolicyViolationsPreviewOperationMetadata) String
func (x *CreateOrgPolicyViolationsPreviewOperationMetadata) String() stringCreateOrgPolicyViolationsPreviewRequest
type CreateOrgPolicyViolationsPreviewRequest struct {
// Required. The organization under which this
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// will be created.
//
// Example: `organizations/my-example-org/locations/global`
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Required. The
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// to generate.
OrgPolicyViolationsPreview *OrgPolicyViolationsPreview `protobuf:"bytes,2,opt,name=org_policy_violations_preview,json=orgPolicyViolationsPreview,proto3" json:"org_policy_violations_preview,omitempty"`
// Optional. An optional user-specified ID for the
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
// If not provided, a random ID will be generated.
OrgPolicyViolationsPreviewId string `protobuf:"bytes,3,opt,name=org_policy_violations_preview_id,json=orgPolicyViolationsPreviewId,proto3" json:"org_policy_violations_preview_id,omitempty"`
// contains filtered or unexported fields
}CreateOrgPolicyViolationsPreviewRequest is the request message for [OrgPolicyViolationsPreviewService.CreateOrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.CreateOrgPolicyViolationsPreview].
func (*CreateOrgPolicyViolationsPreviewRequest) Descriptor
func (*CreateOrgPolicyViolationsPreviewRequest) Descriptor() ([]byte, []int)Deprecated: Use CreateOrgPolicyViolationsPreviewRequest.ProtoReflect.Descriptor instead.
func (*CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreview
func (x *CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreview() *OrgPolicyViolationsPreviewfunc (*CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreviewId
func (x *CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreviewId() stringfunc (*CreateOrgPolicyViolationsPreviewRequest) GetParent
func (x *CreateOrgPolicyViolationsPreviewRequest) GetParent() stringfunc (*CreateOrgPolicyViolationsPreviewRequest) ProtoMessage
func (*CreateOrgPolicyViolationsPreviewRequest) ProtoMessage()func (*CreateOrgPolicyViolationsPreviewRequest) ProtoReflect
func (x *CreateOrgPolicyViolationsPreviewRequest) ProtoReflect() protoreflect.Messagefunc (*CreateOrgPolicyViolationsPreviewRequest) Reset
func (x *CreateOrgPolicyViolationsPreviewRequest) Reset()func (*CreateOrgPolicyViolationsPreviewRequest) String
func (x *CreateOrgPolicyViolationsPreviewRequest) String() stringCreateReplayRequest
type CreateReplayRequest struct {
// Required. The parent resource where this
// [Replay][google.cloud.policysimulator.v1.Replay] will be created. This
// resource must be a project, folder, or organization with a location.
//
// Example: `projects/my-example-project/locations/global`
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Required. The [Replay][google.cloud.policysimulator.v1.Replay] to create.
// Set `Replay.ReplayConfig` to configure the replay.
Replay *Replay `protobuf:"bytes,2,opt,name=replay,proto3" json:"replay,omitempty"`
// contains filtered or unexported fields
}Request message for [Simulator.CreateReplay][google.cloud.policysimulator.v1.Simulator.CreateReplay].
func (*CreateReplayRequest) Descriptor
func (*CreateReplayRequest) Descriptor() ([]byte, []int)Deprecated: Use CreateReplayRequest.ProtoReflect.Descriptor instead.
func (*CreateReplayRequest) GetParent
func (x *CreateReplayRequest) GetParent() stringfunc (*CreateReplayRequest) GetReplay
func (x *CreateReplayRequest) GetReplay() *Replayfunc (*CreateReplayRequest) ProtoMessage
func (*CreateReplayRequest) ProtoMessage()func (*CreateReplayRequest) ProtoReflect
func (x *CreateReplayRequest) ProtoReflect() protoreflect.Messagefunc (*CreateReplayRequest) Reset
func (x *CreateReplayRequest) Reset()func (*CreateReplayRequest) String
func (x *CreateReplayRequest) String() stringExplainedAccess
type ExplainedAccess struct {
// Whether the principal in the access tuple has permission to access the
// resource in the access tuple under the given policies.
AccessState AccessState `protobuf:"varint,1,opt,name=access_state,json=accessState,proto3,enum=google.cloud.policysimulator.v1.AccessState" json:"access_state,omitempty"`
// If the [AccessState][google.cloud.policysimulator.v1.AccessState] is
// `UNKNOWN`, this field contains the policies that led to that result.
//
// If the `AccessState` is `GRANTED` or `NOT_GRANTED`, this field is
// omitted.
Policies []*ExplainedPolicy `protobuf:"bytes,2,rep,name=policies,proto3" json:"policies,omitempty"`
// If the [AccessState][google.cloud.policysimulator.v1.AccessState] is
// `UNKNOWN`, this field contains a list of errors explaining why the result
// is `UNKNOWN`.
//
// If the `AccessState` is `GRANTED` or `NOT_GRANTED`, this field is
// omitted.
Errors []*status.Status `protobuf:"bytes,3,rep,name=errors,proto3" json:"errors,omitempty"`
// contains filtered or unexported fields
}Details about how a set of policies, listed in [ExplainedPolicy][google.cloud.policysimulator.v1.ExplainedPolicy], resulted in a certain [AccessState][google.cloud.policysimulator.v1.AccessState] when replaying an access tuple.
func (*ExplainedAccess) Descriptor
func (*ExplainedAccess) Descriptor() ([]byte, []int)Deprecated: Use ExplainedAccess.ProtoReflect.Descriptor instead.
func (*ExplainedAccess) GetAccessState
func (x *ExplainedAccess) GetAccessState() AccessStatefunc (*ExplainedAccess) GetErrors
func (x *ExplainedAccess) GetErrors() []*status.Statusfunc (*ExplainedAccess) GetPolicies
func (x *ExplainedAccess) GetPolicies() []*ExplainedPolicyfunc (*ExplainedAccess) ProtoMessage
func (*ExplainedAccess) ProtoMessage()func (*ExplainedAccess) ProtoReflect
func (x *ExplainedAccess) ProtoReflect() protoreflect.Messagefunc (*ExplainedAccess) Reset
func (x *ExplainedAccess) Reset()func (*ExplainedAccess) String
func (x *ExplainedAccess) String() stringExplainedPolicy
type ExplainedPolicy struct {
// Indicates whether _this policy_ provides the specified permission to the
// specified principal for the specified resource.
//
// This field does _not_ indicate whether the principal actually has the
// permission for the resource. There might be another policy that overrides
// this policy. To determine whether the principal actually has the
// permission, use the `access` field in the
// [TroubleshootIamPolicyResponse][google.cloud.policytroubleshooter.v3.TroubleshootIamPolicyResponse].
Access AccessState `protobuf:"varint,1,opt,name=access,proto3,enum=google.cloud.policysimulator.v1.AccessState" json:"access,omitempty"`
// The full resource name that identifies the resource. For example,
// `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
//
// If the user who created the
// [Replay][google.cloud.policysimulator.v1.Replay] does not have
// access to the policy, this field is omitted.
//
// For examples of full resource names for Google Cloud services, see
// https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
FullResourceName string `protobuf:"bytes,2,opt,name=full_resource_name,json=fullResourceName,proto3" json:"full_resource_name,omitempty"`
// The IAM policy attached to the resource.
//
// If the user who created the
// [Replay][google.cloud.policysimulator.v1.Replay] does not have
// access to the policy, this field is empty.
Policy *iampb.Policy `protobuf:"bytes,3,opt,name=policy,proto3" json:"policy,omitempty"`
// Details about how each binding in the policy affects the principal's
// ability, or inability, to use the permission for the resource.
//
// If the user who created the
// [Replay][google.cloud.policysimulator.v1.Replay] does not have
// access to the policy, this field is omitted.
BindingExplanations []*BindingExplanation `protobuf:"bytes,4,rep,name=binding_explanations,json=bindingExplanations,proto3" json:"binding_explanations,omitempty"`
// The relevance of this policy to the overall determination in the
// [TroubleshootIamPolicyResponse][google.cloud.policytroubleshooter.v3.TroubleshootIamPolicyResponse].
//
// If the user who created the
// [Replay][google.cloud.policysimulator.v1.Replay] does not have
// access to the policy, this field is omitted.
Relevance HeuristicRelevance `protobuf:"varint,5,opt,name=relevance,proto3,enum=google.cloud.policysimulator.v1.HeuristicRelevance" json:"relevance,omitempty"`
// contains filtered or unexported fields
}Details about how a specific IAM [Policy][google.iam.v1.Policy] contributed to the access check.
func (*ExplainedPolicy) Descriptor
func (*ExplainedPolicy) Descriptor() ([]byte, []int)Deprecated: Use ExplainedPolicy.ProtoReflect.Descriptor instead.
func (*ExplainedPolicy) GetAccess
func (x *ExplainedPolicy) GetAccess() AccessStatefunc (*ExplainedPolicy) GetBindingExplanations
func (x *ExplainedPolicy) GetBindingExplanations() []*BindingExplanationfunc (*ExplainedPolicy) GetFullResourceName
func (x *ExplainedPolicy) GetFullResourceName() stringfunc (*ExplainedPolicy) GetPolicy
func (x *ExplainedPolicy) GetPolicy() *iampb.Policyfunc (*ExplainedPolicy) GetRelevance
func (x *ExplainedPolicy) GetRelevance() HeuristicRelevancefunc (*ExplainedPolicy) ProtoMessage
func (*ExplainedPolicy) ProtoMessage()func (*ExplainedPolicy) ProtoReflect
func (x *ExplainedPolicy) ProtoReflect() protoreflect.Messagefunc (*ExplainedPolicy) Reset
func (x *ExplainedPolicy) Reset()func (*ExplainedPolicy) String
func (x *ExplainedPolicy) String() stringGetOrgPolicyViolationsPreviewRequest
type GetOrgPolicyViolationsPreviewRequest struct {
// Required. The name of the OrgPolicyViolationsPreview to get.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}GetOrgPolicyViolationsPreviewRequest is the request message for [OrgPolicyViolationsPreviewService.GetOrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.GetOrgPolicyViolationsPreview].
func (*GetOrgPolicyViolationsPreviewRequest) Descriptor
func (*GetOrgPolicyViolationsPreviewRequest) Descriptor() ([]byte, []int)Deprecated: Use GetOrgPolicyViolationsPreviewRequest.ProtoReflect.Descriptor instead.
func (*GetOrgPolicyViolationsPreviewRequest) GetName
func (x *GetOrgPolicyViolationsPreviewRequest) GetName() stringfunc (*GetOrgPolicyViolationsPreviewRequest) ProtoMessage
func (*GetOrgPolicyViolationsPreviewRequest) ProtoMessage()func (*GetOrgPolicyViolationsPreviewRequest) ProtoReflect
func (x *GetOrgPolicyViolationsPreviewRequest) ProtoReflect() protoreflect.Messagefunc (*GetOrgPolicyViolationsPreviewRequest) Reset
func (x *GetOrgPolicyViolationsPreviewRequest) Reset()func (*GetOrgPolicyViolationsPreviewRequest) String
func (x *GetOrgPolicyViolationsPreviewRequest) String() stringGetReplayRequest
type GetReplayRequest struct {
// Required. The name of the [Replay][google.cloud.policysimulator.v1.Replay]
// to retrieve, in the following format:
//
// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`,
// where `{resource-id}` is the ID of the project, folder, or organization
// that owns the `Replay`.
//
// Example:
// `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}Request message for [Simulator.GetReplay][google.cloud.policysimulator.v1.Simulator.GetReplay].
func (*GetReplayRequest) Descriptor
func (*GetReplayRequest) Descriptor() ([]byte, []int)Deprecated: Use GetReplayRequest.ProtoReflect.Descriptor instead.
func (*GetReplayRequest) GetName
func (x *GetReplayRequest) GetName() stringfunc (*GetReplayRequest) ProtoMessage
func (*GetReplayRequest) ProtoMessage()func (*GetReplayRequest) ProtoReflect
func (x *GetReplayRequest) ProtoReflect() protoreflect.Messagefunc (*GetReplayRequest) Reset
func (x *GetReplayRequest) Reset()func (*GetReplayRequest) String
func (x *GetReplayRequest) String() stringHeuristicRelevance
type HeuristicRelevance int32The extent to which a single data point, such as the existence of a binding or whether a binding includes a specific principal, contributes to an overall determination.
HeuristicRelevance_HEURISTIC_RELEVANCE_UNSPECIFIED, HeuristicRelevance_NORMAL, HeuristicRelevance_HIGH
const (
// Default value. This value is unused.
HeuristicRelevance_HEURISTIC_RELEVANCE_UNSPECIFIED HeuristicRelevance = 0
// The data point has a limited effect on the result. Changing the data point
// is unlikely to affect the overall determination.
HeuristicRelevance_NORMAL HeuristicRelevance = 1
// The data point has a strong effect on the result. Changing the data point
// is likely to affect the overall determination.
HeuristicRelevance_HIGH HeuristicRelevance = 2
)func (HeuristicRelevance) Descriptor
func (HeuristicRelevance) Descriptor() protoreflect.EnumDescriptorfunc (HeuristicRelevance) Enum
func (x HeuristicRelevance) Enum() *HeuristicRelevancefunc (HeuristicRelevance) EnumDescriptor
func (HeuristicRelevance) EnumDescriptor() ([]byte, []int)Deprecated: Use HeuristicRelevance.Descriptor instead.
func (HeuristicRelevance) Number
func (x HeuristicRelevance) Number() protoreflect.EnumNumberfunc (HeuristicRelevance) String
func (x HeuristicRelevance) String() stringfunc (HeuristicRelevance) Type
func (HeuristicRelevance) Type() protoreflect.EnumTypeListOrgPolicyViolationsPreviewsRequest
type ListOrgPolicyViolationsPreviewsRequest struct {
// Required. The parent the violations are scoped to.
// Format:
// `organizations/{organization}/locations/{location}`
//
// Example: `organizations/my-example-org/locations/global`
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Optional. The maximum number of items to return. The service may return
// fewer than this value. If unspecified, at most 5 items will be returned.
// The maximum value is 10; values above 10 will be coerced to 10.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// Optional. A page token, received from a previous call. Provide this to
// retrieve the subsequent page.
//
// When paginating, all other parameters must match the call that provided the
// page token.
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// contains filtered or unexported fields
}ListOrgPolicyViolationsPreviewsRequest is the request message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews].
func (*ListOrgPolicyViolationsPreviewsRequest) Descriptor
func (*ListOrgPolicyViolationsPreviewsRequest) Descriptor() ([]byte, []int)Deprecated: Use ListOrgPolicyViolationsPreviewsRequest.ProtoReflect.Descriptor instead.
func (*ListOrgPolicyViolationsPreviewsRequest) GetPageSize
func (x *ListOrgPolicyViolationsPreviewsRequest) GetPageSize() int32func (*ListOrgPolicyViolationsPreviewsRequest) GetPageToken
func (x *ListOrgPolicyViolationsPreviewsRequest) GetPageToken() stringfunc (*ListOrgPolicyViolationsPreviewsRequest) GetParent
func (x *ListOrgPolicyViolationsPreviewsRequest) GetParent() stringfunc (*ListOrgPolicyViolationsPreviewsRequest) ProtoMessage
func (*ListOrgPolicyViolationsPreviewsRequest) ProtoMessage()func (*ListOrgPolicyViolationsPreviewsRequest) ProtoReflect
func (x *ListOrgPolicyViolationsPreviewsRequest) ProtoReflect() protoreflect.Messagefunc (*ListOrgPolicyViolationsPreviewsRequest) Reset
func (x *ListOrgPolicyViolationsPreviewsRequest) Reset()func (*ListOrgPolicyViolationsPreviewsRequest) String
func (x *ListOrgPolicyViolationsPreviewsRequest) String() stringListOrgPolicyViolationsPreviewsResponse
type ListOrgPolicyViolationsPreviewsResponse struct {
// The list of OrgPolicyViolationsPreview
OrgPolicyViolationsPreviews []*OrgPolicyViolationsPreview `protobuf:"bytes,1,rep,name=org_policy_violations_previews,json=orgPolicyViolationsPreviews,proto3" json:"org_policy_violations_previews,omitempty"`
// A token that you can use to retrieve the next page of results.
// If this field is omitted, there are no subsequent pages.
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
// contains filtered or unexported fields
}ListOrgPolicyViolationsPreviewsResponse is the response message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews].
func (*ListOrgPolicyViolationsPreviewsResponse) Descriptor
func (*ListOrgPolicyViolationsPreviewsResponse) Descriptor() ([]byte, []int)Deprecated: Use ListOrgPolicyViolationsPreviewsResponse.ProtoReflect.Descriptor instead.
func (*ListOrgPolicyViolationsPreviewsResponse) GetNextPageToken
func (x *ListOrgPolicyViolationsPreviewsResponse) GetNextPageToken() stringfunc (*ListOrgPolicyViolationsPreviewsResponse) GetOrgPolicyViolationsPreviews
func (x *ListOrgPolicyViolationsPreviewsResponse) GetOrgPolicyViolationsPreviews() []*OrgPolicyViolationsPreviewfunc (*ListOrgPolicyViolationsPreviewsResponse) ProtoMessage
func (*ListOrgPolicyViolationsPreviewsResponse) ProtoMessage()func (*ListOrgPolicyViolationsPreviewsResponse) ProtoReflect
func (x *ListOrgPolicyViolationsPreviewsResponse) ProtoReflect() protoreflect.Messagefunc (*ListOrgPolicyViolationsPreviewsResponse) Reset
func (x *ListOrgPolicyViolationsPreviewsResponse) Reset()func (*ListOrgPolicyViolationsPreviewsResponse) String
func (x *ListOrgPolicyViolationsPreviewsResponse) String() stringListOrgPolicyViolationsRequest
type ListOrgPolicyViolationsRequest struct {
// Required. The OrgPolicyViolationsPreview to get OrgPolicyViolations from.
// Format:
// organizations/{organization}/locations/{location}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreview}
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Optional. The maximum number of items to return. The service may return
// fewer than this value. If unspecified, at most 1000 items will be returned.
// The maximum value is 1000; values above 1000 will be coerced to 1000.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// Optional. A page token, received from a previous call. Provide this to
// retrieve the subsequent page.
//
// When paginating, all other parameters must match the call that provided the
// page token.
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// contains filtered or unexported fields
}ListOrgPolicyViolationsRequest is the request message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolations][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolations].
func (*ListOrgPolicyViolationsRequest) Descriptor
func (*ListOrgPolicyViolationsRequest) Descriptor() ([]byte, []int)Deprecated: Use ListOrgPolicyViolationsRequest.ProtoReflect.Descriptor instead.
func (*ListOrgPolicyViolationsRequest) GetPageSize
func (x *ListOrgPolicyViolationsRequest) GetPageSize() int32func (*ListOrgPolicyViolationsRequest) GetPageToken
func (x *ListOrgPolicyViolationsRequest) GetPageToken() stringfunc (*ListOrgPolicyViolationsRequest) GetParent
func (x *ListOrgPolicyViolationsRequest) GetParent() stringfunc (*ListOrgPolicyViolationsRequest) ProtoMessage
func (*ListOrgPolicyViolationsRequest) ProtoMessage()func (*ListOrgPolicyViolationsRequest) ProtoReflect
func (x *ListOrgPolicyViolationsRequest) ProtoReflect() protoreflect.Messagefunc (*ListOrgPolicyViolationsRequest) Reset
func (x *ListOrgPolicyViolationsRequest) Reset()func (*ListOrgPolicyViolationsRequest) String
func (x *ListOrgPolicyViolationsRequest) String() stringListOrgPolicyViolationsResponse
type ListOrgPolicyViolationsResponse struct {
// The list of OrgPolicyViolations
OrgPolicyViolations []*OrgPolicyViolation `protobuf:"bytes,1,rep,name=org_policy_violations,json=orgPolicyViolations,proto3" json:"org_policy_violations,omitempty"`
// A token that you can use to retrieve the next page of results.
// If this field is omitted, there are no subsequent pages.
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
// contains filtered or unexported fields
}ListOrgPolicyViolationsResponse is the response message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolations][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolations]
func (*ListOrgPolicyViolationsResponse) Descriptor
func (*ListOrgPolicyViolationsResponse) Descriptor() ([]byte, []int)Deprecated: Use ListOrgPolicyViolationsResponse.ProtoReflect.Descriptor instead.
func (*ListOrgPolicyViolationsResponse) GetNextPageToken
func (x *ListOrgPolicyViolationsResponse) GetNextPageToken() stringfunc (*ListOrgPolicyViolationsResponse) GetOrgPolicyViolations
func (x *ListOrgPolicyViolationsResponse) GetOrgPolicyViolations() []*OrgPolicyViolationfunc (*ListOrgPolicyViolationsResponse) ProtoMessage
func (*ListOrgPolicyViolationsResponse) ProtoMessage()func (*ListOrgPolicyViolationsResponse) ProtoReflect
func (x *ListOrgPolicyViolationsResponse) ProtoReflect() protoreflect.Messagefunc (*ListOrgPolicyViolationsResponse) Reset
func (x *ListOrgPolicyViolationsResponse) Reset()func (*ListOrgPolicyViolationsResponse) String
func (x *ListOrgPolicyViolationsResponse) String() stringListReplayResultsRequest
type ListReplayResultsRequest struct {
// Required. The [Replay][google.cloud.policysimulator.v1.Replay] whose
// results are listed, in the following format:
//
// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`
//
// Example:
// `projects/my-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// The maximum number of
// [ReplayResult][google.cloud.policysimulator.v1.ReplayResult] objects to
// return. Defaults to 5000.
//
// The maximum value is 5000; values above 5000 are rounded down to 5000.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// A page token, received from a previous
// [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults]
// call. Provide this token to retrieve the next page of results.
//
// When paginating, all other parameters provided to
// [Simulator.ListReplayResults[] must match the call that provided the page
// token.
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// contains filtered or unexported fields
}Request message for [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults].
func (*ListReplayResultsRequest) Descriptor
func (*ListReplayResultsRequest) Descriptor() ([]byte, []int)Deprecated: Use ListReplayResultsRequest.ProtoReflect.Descriptor instead.
func (*ListReplayResultsRequest) GetPageSize
func (x *ListReplayResultsRequest) GetPageSize() int32func (*ListReplayResultsRequest) GetPageToken
func (x *ListReplayResultsRequest) GetPageToken() stringfunc (*ListReplayResultsRequest) GetParent
func (x *ListReplayResultsRequest) GetParent() stringfunc (*ListReplayResultsRequest) ProtoMessage
func (*ListReplayResultsRequest) ProtoMessage()func (*ListReplayResultsRequest) ProtoReflect
func (x *ListReplayResultsRequest) ProtoReflect() protoreflect.Messagefunc (*ListReplayResultsRequest) Reset
func (x *ListReplayResultsRequest) Reset()func (*ListReplayResultsRequest) String
func (x *ListReplayResultsRequest) String() stringListReplayResultsResponse
type ListReplayResultsResponse struct {
// The results of running a [Replay][google.cloud.policysimulator.v1.Replay].
ReplayResults []*ReplayResult `protobuf:"bytes,1,rep,name=replay_results,json=replayResults,proto3" json:"replay_results,omitempty"`
// A token that you can use to retrieve the next page of
// [ReplayResult][google.cloud.policysimulator.v1.ReplayResult] objects. If
// this field is omitted, there are no subsequent pages.
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
// contains filtered or unexported fields
}Response message for [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults].
func (*ListReplayResultsResponse) Descriptor
func (*ListReplayResultsResponse) Descriptor() ([]byte, []int)Deprecated: Use ListReplayResultsResponse.ProtoReflect.Descriptor instead.
func (*ListReplayResultsResponse) GetNextPageToken
func (x *ListReplayResultsResponse) GetNextPageToken() stringfunc (*ListReplayResultsResponse) GetReplayResults
func (x *ListReplayResultsResponse) GetReplayResults() []*ReplayResultfunc (*ListReplayResultsResponse) ProtoMessage
func (*ListReplayResultsResponse) ProtoMessage()func (*ListReplayResultsResponse) ProtoReflect
func (x *ListReplayResultsResponse) ProtoReflect() protoreflect.Messagefunc (*ListReplayResultsResponse) Reset
func (x *ListReplayResultsResponse) Reset()func (*ListReplayResultsResponse) String
func (x *ListReplayResultsResponse) String() stringOrgPolicyOverlay
type OrgPolicyOverlay struct {
// Optional. The OrgPolicy changes to preview violations for.
//
// Any existing OrgPolicies with the same name will be overridden
// in the simulation. That is, violations will be determined as if all
// policies in the overlay were created or updated.
Policies []*OrgPolicyOverlay_PolicyOverlay `protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"`
// Optional. The OrgPolicy CustomConstraint changes to preview violations for.
//
// Any existing CustomConstraints with the same name will be overridden
// in the simulation. That is, violations will be determined as if all
// custom constraints in the overlay were instantiated.
//
// Only a single custom_constraint is supported in the overlay at a time.
// For evaluating multiple constraints, multiple
// `GenerateOrgPolicyViolationsPreview` requests are made, where each request
// evaluates a single constraint.
CustomConstraints []*OrgPolicyOverlay_CustomConstraintOverlay `protobuf:"bytes,2,rep,name=custom_constraints,json=customConstraints,proto3" json:"custom_constraints,omitempty"`
// contains filtered or unexported fields
}The proposed changes to OrgPolicy.
func (*OrgPolicyOverlay) Descriptor
func (*OrgPolicyOverlay) Descriptor() ([]byte, []int)Deprecated: Use OrgPolicyOverlay.ProtoReflect.Descriptor instead.
func (*OrgPolicyOverlay) GetCustomConstraints
func (x *OrgPolicyOverlay) GetCustomConstraints() []*OrgPolicyOverlay_CustomConstraintOverlayfunc (*OrgPolicyOverlay) GetPolicies
func (x *OrgPolicyOverlay) GetPolicies() []*OrgPolicyOverlay_PolicyOverlayfunc (*OrgPolicyOverlay) ProtoMessage
func (*OrgPolicyOverlay) ProtoMessage()func (*OrgPolicyOverlay) ProtoReflect
func (x *OrgPolicyOverlay) ProtoReflect() protoreflect.Messagefunc (*OrgPolicyOverlay) Reset
func (x *OrgPolicyOverlay) Reset()func (*OrgPolicyOverlay) String
func (x *OrgPolicyOverlay) String() stringOrgPolicyOverlay_CustomConstraintOverlay
type OrgPolicyOverlay_CustomConstraintOverlay struct {
// Optional. Resource the constraint is attached to.
// Example: "organization/987654"
CustomConstraintParent string `protobuf:"bytes,1,opt,name=custom_constraint_parent,json=customConstraintParent,proto3" json:"custom_constraint_parent,omitempty"`
// Optional. The new or updated custom constraint.
CustomConstraint *orgpolicypb.CustomConstraint `protobuf:"bytes,2,opt,name=custom_constraint,json=customConstraint,proto3" json:"custom_constraint,omitempty"`
// contains filtered or unexported fields
}A change to an OrgPolicy custom constraint.
func (*OrgPolicyOverlay_CustomConstraintOverlay) Descriptor
func (*OrgPolicyOverlay_CustomConstraintOverlay) Descriptor() ([]byte, []int)Deprecated: Use OrgPolicyOverlay_CustomConstraintOverlay.ProtoReflect.Descriptor instead.
func (*OrgPolicyOverlay_CustomConstraintOverlay) GetCustomConstraint
func (x *OrgPolicyOverlay_CustomConstraintOverlay) GetCustomConstraint() *orgpolicypb.CustomConstraintfunc (*OrgPolicyOverlay_CustomConstraintOverlay) GetCustomConstraintParent
func (x *OrgPolicyOverlay_CustomConstraintOverlay) GetCustomConstraintParent() stringfunc (*OrgPolicyOverlay_CustomConstraintOverlay) ProtoMessage
func (*OrgPolicyOverlay_CustomConstraintOverlay) ProtoMessage()func (*OrgPolicyOverlay_CustomConstraintOverlay) ProtoReflect
func (x *OrgPolicyOverlay_CustomConstraintOverlay) ProtoReflect() protoreflect.Messagefunc (*OrgPolicyOverlay_CustomConstraintOverlay) Reset
func (x *OrgPolicyOverlay_CustomConstraintOverlay) Reset()func (*OrgPolicyOverlay_CustomConstraintOverlay) String
func (x *OrgPolicyOverlay_CustomConstraintOverlay) String() stringOrgPolicyOverlay_PolicyOverlay
type OrgPolicyOverlay_PolicyOverlay struct {
// Optional. The parent of the policy we are attaching to.
// Example: "projects/123456"
PolicyParent string `protobuf:"bytes,1,opt,name=policy_parent,json=policyParent,proto3" json:"policy_parent,omitempty"`
// Optional. The new or updated OrgPolicy.
Policy *orgpolicypb.Policy `protobuf:"bytes,2,opt,name=policy,proto3" json:"policy,omitempty"`
// contains filtered or unexported fields
}A change to an OrgPolicy.
func (*OrgPolicyOverlay_PolicyOverlay) Descriptor
func (*OrgPolicyOverlay_PolicyOverlay) Descriptor() ([]byte, []int)Deprecated: Use OrgPolicyOverlay_PolicyOverlay.ProtoReflect.Descriptor instead.
func (*OrgPolicyOverlay_PolicyOverlay) GetPolicy
func (x *OrgPolicyOverlay_PolicyOverlay) GetPolicy() *orgpolicypb.Policyfunc (*OrgPolicyOverlay_PolicyOverlay) GetPolicyParent
func (x *OrgPolicyOverlay_PolicyOverlay) GetPolicyParent() stringfunc (*OrgPolicyOverlay_PolicyOverlay) ProtoMessage
func (*OrgPolicyOverlay_PolicyOverlay) ProtoMessage()func (*OrgPolicyOverlay_PolicyOverlay) ProtoReflect
func (x *OrgPolicyOverlay_PolicyOverlay) ProtoReflect() protoreflect.Messagefunc (*OrgPolicyOverlay_PolicyOverlay) Reset
func (x *OrgPolicyOverlay_PolicyOverlay) Reset()func (*OrgPolicyOverlay_PolicyOverlay) String
func (x *OrgPolicyOverlay_PolicyOverlay) String() stringOrgPolicyViolation
type OrgPolicyViolation struct {
// The name of the `OrgPolicyViolation`. Example:
// organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f/orgPolicyViolations/38ce`
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// The resource violating the constraint.
Resource *ResourceContext `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
// The custom constraint being violated.
CustomConstraint *orgpolicypb.CustomConstraint `protobuf:"bytes,3,opt,name=custom_constraint,json=customConstraint,proto3" json:"custom_constraint,omitempty"`
// Any error encountered during the evaluation.
Error *status.Status `protobuf:"bytes,4,opt,name=error,proto3" json:"error,omitempty"`
// contains filtered or unexported fields
}OrgPolicyViolation is a resource representing a single resource violating a single OrgPolicy constraint.
func (*OrgPolicyViolation) Descriptor
func (*OrgPolicyViolation) Descriptor() ([]byte, []int)Deprecated: Use OrgPolicyViolation.ProtoReflect.Descriptor instead.
func (*OrgPolicyViolation) GetCustomConstraint
func (x *OrgPolicyViolation) GetCustomConstraint() *orgpolicypb.CustomConstraintfunc (*OrgPolicyViolation) GetError
func (x *OrgPolicyViolation) GetError() *status.Statusfunc (*OrgPolicyViolation) GetName
func (x *OrgPolicyViolation) GetName() stringfunc (*OrgPolicyViolation) GetResource
func (x *OrgPolicyViolation) GetResource() *ResourceContextfunc (*OrgPolicyViolation) ProtoMessage
func (*OrgPolicyViolation) ProtoMessage()func (*OrgPolicyViolation) ProtoReflect
func (x *OrgPolicyViolation) ProtoReflect() protoreflect.Messagefunc (*OrgPolicyViolation) Reset
func (x *OrgPolicyViolation) Reset()func (*OrgPolicyViolation) String
func (x *OrgPolicyViolation) String() stringOrgPolicyViolationsPreview
type OrgPolicyViolationsPreview struct {
// Output only. The resource name of the `OrgPolicyViolationsPreview`. It has
// the following format:
//
// `organizations/{organization}/locations/{location}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreview}`
//
// Example:
// `organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f`
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Output only. The state of the `OrgPolicyViolationsPreview`.
State PreviewState `protobuf:"varint,2,opt,name=state,proto3,enum=google.cloud.policysimulator.v1.PreviewState" json:"state,omitempty"`
// Required. The proposed changes we are previewing violations for.
Overlay *OrgPolicyOverlay `protobuf:"bytes,3,opt,name=overlay,proto3" json:"overlay,omitempty"`
// Output only. The number of [OrgPolicyViolations][] in this
// `OrgPolicyViolationsPreview`. This count may differ from
// `resource_summary.noncompliant_count` because each
// [OrgPolicyViolation][google.cloud.policysimulator.v1.OrgPolicyViolation] is
// specific to a resource **and** constraint. If there are multiple
// constraints being evaluated (i.e. multiple policies in the overlay), a
// single resource may violate multiple constraints.
ViolationsCount int32 `protobuf:"varint,4,opt,name=violations_count,json=violationsCount,proto3" json:"violations_count,omitempty"`
// Output only. A summary of the state of all resources scanned for compliance
// with the changed OrgPolicy.
ResourceCounts *OrgPolicyViolationsPreview_ResourceCounts `protobuf:"bytes,5,opt,name=resource_counts,json=resourceCounts,proto3" json:"resource_counts,omitempty"`
// Output only. The names of the constraints against which all
// `OrgPolicyViolations` were evaluated.
//
// If `OrgPolicyOverlay` only contains `PolicyOverlay` then it contains
// the name of the configured custom constraint, applicable to the specified
// policies. Otherwise it contains the name of the constraint specified in
// `CustomConstraintOverlay`.
//
// Format:
// `organizations/{organization_id}/customConstraints/{custom_constraint_id}`
//
// Example: `organizations/123/customConstraints/custom.createOnlyE2TypeVms`
CustomConstraints []string `protobuf:"bytes,6,rep,name=custom_constraints,json=customConstraints,proto3" json:"custom_constraints,omitempty"`
// Output only. Time when this `OrgPolicyViolationsPreview` was created.
CreateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
// contains filtered or unexported fields
}OrgPolicyViolationsPreview is a resource providing a preview of the violations that will exist if an OrgPolicy change is made.
The list of violations are modeled as child resources and retrieved via a [ListOrgPolicyViolations][] API call. There are potentially more [OrgPolicyViolations][] than could fit in an embedded field. Thus, the use of a child resource instead of a field.
func (*OrgPolicyViolationsPreview) Descriptor
func (*OrgPolicyViolationsPreview) Descriptor() ([]byte, []int)Deprecated: Use OrgPolicyViolationsPreview.ProtoReflect.Descriptor instead.
func (*OrgPolicyViolationsPreview) GetCreateTime
func (x *OrgPolicyViolationsPreview) GetCreateTime() *timestamppb.Timestampfunc (*OrgPolicyViolationsPreview) GetCustomConstraints
func (x *OrgPolicyViolationsPreview) GetCustomConstraints() []stringfunc (*OrgPolicyViolationsPreview) GetName
func (x *OrgPolicyViolationsPreview) GetName() stringfunc (*OrgPolicyViolationsPreview) GetOverlay
func (x *OrgPolicyViolationsPreview) GetOverlay() *OrgPolicyOverlayfunc (*OrgPolicyViolationsPreview) GetResourceCounts
func (x *OrgPolicyViolationsPreview) GetResourceCounts() *OrgPolicyViolationsPreview_ResourceCountsfunc (*OrgPolicyViolationsPreview) GetState
func (x *OrgPolicyViolationsPreview) GetState() PreviewStatefunc (*OrgPolicyViolationsPreview) GetViolationsCount
func (x *OrgPolicyViolationsPreview) GetViolationsCount() int32func (*OrgPolicyViolationsPreview) ProtoMessage
func (*OrgPolicyViolationsPreview) ProtoMessage()func (*OrgPolicyViolationsPreview) ProtoReflect
func (x *OrgPolicyViolationsPreview) ProtoReflect() protoreflect.Messagefunc (*OrgPolicyViolationsPreview) Reset
func (x *OrgPolicyViolationsPreview) Reset()func (*OrgPolicyViolationsPreview) String
func (x *OrgPolicyViolationsPreview) String() stringOrgPolicyViolationsPreviewServiceClient
type OrgPolicyViolationsPreviewServiceClient interface {
// ListOrgPolicyViolationsPreviews lists each
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// in an organization. Each
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// is available for at least 7 days.
ListOrgPolicyViolationsPreviews(ctx context.Context, in *ListOrgPolicyViolationsPreviewsRequest, opts ...grpc.CallOption) (*ListOrgPolicyViolationsPreviewsResponse, error)
// GetOrgPolicyViolationsPreview gets the specified
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
// Each
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// is available for at least 7 days.
GetOrgPolicyViolationsPreview(ctx context.Context, in *GetOrgPolicyViolationsPreviewRequest, opts ...grpc.CallOption) (*OrgPolicyViolationsPreview, error)
// CreateOrgPolicyViolationsPreview creates an
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// for the proposed changes in the provided
// [OrgPolicyViolationsPreview.OrgPolicyOverlay][]. The changes to OrgPolicy
// are specified by this `OrgPolicyOverlay`. The resources to scan are
// inferred from these specified changes.
CreateOrgPolicyViolationsPreview(ctx context.Context, in *CreateOrgPolicyViolationsPreviewRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// ListOrgPolicyViolations lists the [OrgPolicyViolations][] that are present
// in an
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
ListOrgPolicyViolations(ctx context.Context, in *ListOrgPolicyViolationsRequest, opts ...grpc.CallOption) (*ListOrgPolicyViolationsResponse, error)
}OrgPolicyViolationsPreviewServiceClient is the client API for OrgPolicyViolationsPreviewService service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
func NewOrgPolicyViolationsPreviewServiceClient
func NewOrgPolicyViolationsPreviewServiceClient(cc grpc.ClientConnInterface) OrgPolicyViolationsPreviewServiceClientOrgPolicyViolationsPreviewServiceServer
type OrgPolicyViolationsPreviewServiceServer interface {
// ListOrgPolicyViolationsPreviews lists each
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// in an organization. Each
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// is available for at least 7 days.
ListOrgPolicyViolationsPreviews(context.Context, *ListOrgPolicyViolationsPreviewsRequest) (*ListOrgPolicyViolationsPreviewsResponse, error)
// GetOrgPolicyViolationsPreview gets the specified
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
// Each
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// is available for at least 7 days.
GetOrgPolicyViolationsPreview(context.Context, *GetOrgPolicyViolationsPreviewRequest) (*OrgPolicyViolationsPreview, error)
// CreateOrgPolicyViolationsPreview creates an
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// for the proposed changes in the provided
// [OrgPolicyViolationsPreview.OrgPolicyOverlay][]. The changes to OrgPolicy
// are specified by this `OrgPolicyOverlay`. The resources to scan are
// inferred from these specified changes.
CreateOrgPolicyViolationsPreview(context.Context, *CreateOrgPolicyViolationsPreviewRequest) (*longrunningpb.Operation, error)
// ListOrgPolicyViolations lists the [OrgPolicyViolations][] that are present
// in an
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
ListOrgPolicyViolations(context.Context, *ListOrgPolicyViolationsRequest) (*ListOrgPolicyViolationsResponse, error)
}OrgPolicyViolationsPreviewServiceServer is the server API for OrgPolicyViolationsPreviewService service.
OrgPolicyViolationsPreview_ResourceCounts
type OrgPolicyViolationsPreview_ResourceCounts struct {
// Output only. Number of resources checked for compliance.
//
// Must equal: unenforced + noncompliant + compliant + error
Scanned int32 `protobuf:"varint,1,opt,name=scanned,proto3" json:"scanned,omitempty"`
// Output only. Number of scanned resources with at least one violation.
Noncompliant int32 `protobuf:"varint,2,opt,name=noncompliant,proto3" json:"noncompliant,omitempty"`
// Output only. Number of scanned resources with zero violations.
Compliant int32 `protobuf:"varint,3,opt,name=compliant,proto3" json:"compliant,omitempty"`
// Output only. Number of resources where the constraint was not enforced,
// i.e. the Policy set `enforced: false` for that resource.
Unenforced int32 `protobuf:"varint,4,opt,name=unenforced,proto3" json:"unenforced,omitempty"`
// Output only. Number of resources that returned an error when scanned.
Errors int32 `protobuf:"varint,5,opt,name=errors,proto3" json:"errors,omitempty"`
// contains filtered or unexported fields
}A summary of the state of all resources scanned for compliance with the changed OrgPolicy.
func (*OrgPolicyViolationsPreview_ResourceCounts) Descriptor
func (*OrgPolicyViolationsPreview_ResourceCounts) Descriptor() ([]byte, []int)Deprecated: Use OrgPolicyViolationsPreview_ResourceCounts.ProtoReflect.Descriptor instead.
func (*OrgPolicyViolationsPreview_ResourceCounts) GetCompliant
func (x *OrgPolicyViolationsPreview_ResourceCounts) GetCompliant() int32func (*OrgPolicyViolationsPreview_ResourceCounts) GetErrors
func (x *OrgPolicyViolationsPreview_ResourceCounts) GetErrors() int32func (*OrgPolicyViolationsPreview_ResourceCounts) GetNoncompliant
func (x *OrgPolicyViolationsPreview_ResourceCounts) GetNoncompliant() int32func (*OrgPolicyViolationsPreview_ResourceCounts) GetScanned
func (x *OrgPolicyViolationsPreview_ResourceCounts) GetScanned() int32func (*OrgPolicyViolationsPreview_ResourceCounts) GetUnenforced
func (x *OrgPolicyViolationsPreview_ResourceCounts) GetUnenforced() int32func (*OrgPolicyViolationsPreview_ResourceCounts) ProtoMessage
func (*OrgPolicyViolationsPreview_ResourceCounts) ProtoMessage()func (*OrgPolicyViolationsPreview_ResourceCounts) ProtoReflect
func (x *OrgPolicyViolationsPreview_ResourceCounts) ProtoReflect() protoreflect.Messagefunc (*OrgPolicyViolationsPreview_ResourceCounts) Reset
func (x *OrgPolicyViolationsPreview_ResourceCounts) Reset()func (*OrgPolicyViolationsPreview_ResourceCounts) String
func (x *OrgPolicyViolationsPreview_ResourceCounts) String() stringPreviewState
type PreviewState int32The current state of an [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
PreviewState_PREVIEW_STATE_UNSPECIFIED, PreviewState_PREVIEW_PENDING, PreviewState_PREVIEW_RUNNING, PreviewState_PREVIEW_SUCCEEDED, PreviewState_PREVIEW_FAILED
const (
// The state is unspecified.
PreviewState_PREVIEW_STATE_UNSPECIFIED PreviewState = 0
// The
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// has not been created yet.
PreviewState_PREVIEW_PENDING PreviewState = 1
// The
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// is currently being created.
PreviewState_PREVIEW_RUNNING PreviewState = 2
// The
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// creation finished successfully.
PreviewState_PREVIEW_SUCCEEDED PreviewState = 3
// The
// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
// creation failed with an error.
PreviewState_PREVIEW_FAILED PreviewState = 4
)func (PreviewState) Descriptor
func (PreviewState) Descriptor() protoreflect.EnumDescriptorfunc (PreviewState) Enum
func (x PreviewState) Enum() *PreviewStatefunc (PreviewState) EnumDescriptor
func (PreviewState) EnumDescriptor() ([]byte, []int)Deprecated: Use PreviewState.Descriptor instead.
func (PreviewState) Number
func (x PreviewState) Number() protoreflect.EnumNumberfunc (PreviewState) String
func (x PreviewState) String() stringfunc (PreviewState) Type
func (PreviewState) Type() protoreflect.EnumTypeReplay
type Replay struct {
// Output only. The resource name of the `Replay`, which has the following
// format:
//
// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`,
// where `{resource-id}` is the ID of the project, folder, or organization
// that owns the Replay.
//
// Example:
// `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Output only. The current state of the `Replay`.
State Replay_State `protobuf:"varint,2,opt,name=state,proto3,enum=google.cloud.policysimulator.v1.Replay_State" json:"state,omitempty"`
// Required. The configuration used for the `Replay`.
Config *ReplayConfig `protobuf:"bytes,3,opt,name=config,proto3" json:"config,omitempty"`
// Output only. Summary statistics about the replayed log entries.
ResultsSummary *Replay_ResultsSummary `protobuf:"bytes,5,opt,name=results_summary,json=resultsSummary,proto3" json:"results_summary,omitempty"`
// contains filtered or unexported fields
}A resource describing a Replay, or simulation.
func (*Replay) Descriptor
Deprecated: Use Replay.ProtoReflect.Descriptor instead.
func (*Replay) GetConfig
func (x *Replay) GetConfig() *ReplayConfigfunc (*Replay) GetName
func (*Replay) GetResultsSummary
func (x *Replay) GetResultsSummary() *Replay_ResultsSummaryfunc (*Replay) GetState
func (x *Replay) GetState() Replay_Statefunc (*Replay) ProtoMessage
func (*Replay) ProtoMessage()func (*Replay) ProtoReflect
func (x *Replay) ProtoReflect() protoreflect.Messagefunc (*Replay) Reset
func (x *Replay) Reset()func (*Replay) String
ReplayConfig
type ReplayConfig struct {
// A mapping of the resources that you want to simulate policies for and the
// policies that you want to simulate.
//
// Keys are the full resource names for the resources. For example,
// `//cloudresourcemanager.googleapis.com/projects/my-project`.
// For examples of full resource names for Google Cloud services, see
// https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
//
// Values are [Policy][google.iam.v1.Policy] objects representing the policies
// that you want to simulate.
//
// Replays automatically take into account any IAM policies inherited through
// the resource hierarchy, and any policies set on descendant resources. You
// do not need to include these policies in the policy overlay.
PolicyOverlay map[string]*iampb.Policy `protobuf:"bytes,1,rep,name=policy_overlay,json=policyOverlay,proto3" json:"policy_overlay,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
// The logs to use as input for the
// [Replay][google.cloud.policysimulator.v1.Replay].
LogSource ReplayConfig_LogSource `protobuf:"varint,2,opt,name=log_source,json=logSource,proto3,enum=google.cloud.policysimulator.v1.ReplayConfig_LogSource" json:"log_source,omitempty"`
// contains filtered or unexported fields
}The configuration used for a [Replay][google.cloud.policysimulator.v1.Replay].
func (*ReplayConfig) Descriptor
func (*ReplayConfig) Descriptor() ([]byte, []int)Deprecated: Use ReplayConfig.ProtoReflect.Descriptor instead.
func (*ReplayConfig) GetLogSource
func (x *ReplayConfig) GetLogSource() ReplayConfig_LogSourcefunc (*ReplayConfig) GetPolicyOverlay
func (x *ReplayConfig) GetPolicyOverlay() map[string]*iampb.Policyfunc (*ReplayConfig) ProtoMessage
func (*ReplayConfig) ProtoMessage()func (*ReplayConfig) ProtoReflect
func (x *ReplayConfig) ProtoReflect() protoreflect.Messagefunc (*ReplayConfig) Reset
func (x *ReplayConfig) Reset()func (*ReplayConfig) String
func (x *ReplayConfig) String() stringReplayConfig_LogSource
type ReplayConfig_LogSource int32The source of the logs to use for a [Replay][google.cloud.policysimulator.v1.Replay].
ReplayConfig_LOG_SOURCE_UNSPECIFIED, ReplayConfig_RECENT_ACCESSES
const (
// An unspecified log source.
// If the log source is unspecified, the
// [Replay][google.cloud.policysimulator.v1.Replay] defaults to using
// `RECENT_ACCESSES`.
ReplayConfig_LOG_SOURCE_UNSPECIFIED ReplayConfig_LogSource = 0
// All access logs from the last 90 days. These logs may not include logs
// from the most recent 7 days.
ReplayConfig_RECENT_ACCESSES ReplayConfig_LogSource = 1
)func (ReplayConfig_LogSource) Descriptor
func (ReplayConfig_LogSource) Descriptor() protoreflect.EnumDescriptorfunc (ReplayConfig_LogSource) Enum
func (x ReplayConfig_LogSource) Enum() *ReplayConfig_LogSourcefunc (ReplayConfig_LogSource) EnumDescriptor
func (ReplayConfig_LogSource) EnumDescriptor() ([]byte, []int)Deprecated: Use ReplayConfig_LogSource.Descriptor instead.
func (ReplayConfig_LogSource) Number
func (x ReplayConfig_LogSource) Number() protoreflect.EnumNumberfunc (ReplayConfig_LogSource) String
func (x ReplayConfig_LogSource) String() stringfunc (ReplayConfig_LogSource) Type
func (ReplayConfig_LogSource) Type() protoreflect.EnumTypeReplayDiff
type ReplayDiff struct {
// A summary and comparison of the principal's access under the current
// (baseline) policies and the proposed (simulated) policies for a single
// access tuple.
//
// The evaluation of the principal's access is reported in the
// [AccessState][google.cloud.policysimulator.v1.AccessState] field.
AccessDiff *AccessStateDiff `protobuf:"bytes,2,opt,name=access_diff,json=accessDiff,proto3" json:"access_diff,omitempty"`
// contains filtered or unexported fields
}The difference between the results of evaluating an access tuple under the current (baseline) policies and under the proposed (simulated) policies. This difference explains how a principal's access could change if the proposed policies were applied.
func (*ReplayDiff) Descriptor
func (*ReplayDiff) Descriptor() ([]byte, []int)Deprecated: Use ReplayDiff.ProtoReflect.Descriptor instead.
func (*ReplayDiff) GetAccessDiff
func (x *ReplayDiff) GetAccessDiff() *AccessStateDifffunc (*ReplayDiff) ProtoMessage
func (*ReplayDiff) ProtoMessage()func (*ReplayDiff) ProtoReflect
func (x *ReplayDiff) ProtoReflect() protoreflect.Messagefunc (*ReplayDiff) Reset
func (x *ReplayDiff) Reset()func (*ReplayDiff) String
func (x *ReplayDiff) String() stringReplayOperationMetadata
type ReplayOperationMetadata struct {
// Time when the request was received.
StartTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=start_time,json=startTime,proto3" json:"start_time,omitempty"`
// contains filtered or unexported fields
}Metadata about a Replay operation.
func (*ReplayOperationMetadata) Descriptor
func (*ReplayOperationMetadata) Descriptor() ([]byte, []int)Deprecated: Use ReplayOperationMetadata.ProtoReflect.Descriptor instead.
func (*ReplayOperationMetadata) GetStartTime
func (x *ReplayOperationMetadata) GetStartTime() *timestamppb.Timestampfunc (*ReplayOperationMetadata) ProtoMessage
func (*ReplayOperationMetadata) ProtoMessage()func (*ReplayOperationMetadata) ProtoReflect
func (x *ReplayOperationMetadata) ProtoReflect() protoreflect.Messagefunc (*ReplayOperationMetadata) Reset
func (x *ReplayOperationMetadata) Reset()func (*ReplayOperationMetadata) String
func (x *ReplayOperationMetadata) String() stringReplayResult
type ReplayResult struct {
// The result of replaying the access tuple.
//
// Types that are assignable to Result:
//
// *ReplayResult_Diff
// *ReplayResult_Error
Result isReplayResult_Result `protobuf_oneof:"result"`
// The resource name of the `ReplayResult`, in the following format:
//
// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}/results/{replay-result-id}`,
// where `{resource-id}` is the ID of the project, folder, or organization
// that owns the [Replay][google.cloud.policysimulator.v1.Replay].
//
// Example:
// `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36/results/1234`
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// The [Replay][google.cloud.policysimulator.v1.Replay] that the access tuple
// was included in.
Parent string `protobuf:"bytes,2,opt,name=parent,proto3" json:"parent,omitempty"`
// The access tuple that was replayed. This field includes information about
// the principal, resource, and permission that were involved in the access
// attempt.
AccessTuple *AccessTuple `protobuf:"bytes,3,opt,name=access_tuple,json=accessTuple,proto3" json:"access_tuple,omitempty"`
// The latest date this access tuple was seen in the logs.
LastSeenDate *date.Date `protobuf:"bytes,4,opt,name=last_seen_date,json=lastSeenDate,proto3" json:"last_seen_date,omitempty"`
// contains filtered or unexported fields
}The result of replaying a single access tuple against a simulated state.
func (*ReplayResult) Descriptor
func (*ReplayResult) Descriptor() ([]byte, []int)Deprecated: Use ReplayResult.ProtoReflect.Descriptor instead.
func (*ReplayResult) GetAccessTuple
func (x *ReplayResult) GetAccessTuple() *AccessTuplefunc (*ReplayResult) GetDiff
func (x *ReplayResult) GetDiff() *ReplayDifffunc (*ReplayResult) GetError
func (x *ReplayResult) GetError() *status.Statusfunc (*ReplayResult) GetLastSeenDate
func (x *ReplayResult) GetLastSeenDate() *date.Datefunc (*ReplayResult) GetName
func (x *ReplayResult) GetName() stringfunc (*ReplayResult) GetParent
func (x *ReplayResult) GetParent() stringfunc (*ReplayResult) GetResult
func (m *ReplayResult) GetResult() isReplayResult_Resultfunc (*ReplayResult) ProtoMessage
func (*ReplayResult) ProtoMessage()func (*ReplayResult) ProtoReflect
func (x *ReplayResult) ProtoReflect() protoreflect.Messagefunc (*ReplayResult) Reset
func (x *ReplayResult) Reset()func (*ReplayResult) String
func (x *ReplayResult) String() stringReplayResult_Diff
type ReplayResult_Diff struct {
// The difference between the principal's access under the current
// (baseline) policies and the principal's access under the proposed
// (simulated) policies.
//
// This field is only included for access tuples that were successfully
// replayed and had different results under the current policies and the
// proposed policies.
Diff *ReplayDiff `protobuf:"bytes,5,opt,name=diff,proto3,oneof"`
}ReplayResult_Error
type ReplayResult_Error struct {
// The error that caused the access tuple replay to fail.
//
// This field is only included for access tuples that were not replayed
// successfully.
Error *status.Status `protobuf:"bytes,6,opt,name=error,proto3,oneof"`
}Replay_ResultsSummary
type Replay_ResultsSummary struct {
// The total number of log entries replayed.
LogCount int32 `protobuf:"varint,1,opt,name=log_count,json=logCount,proto3" json:"log_count,omitempty"`
// The number of replayed log entries with no difference between
// baseline and simulated policies.
UnchangedCount int32 `protobuf:"varint,2,opt,name=unchanged_count,json=unchangedCount,proto3" json:"unchanged_count,omitempty"`
// The number of replayed log entries with a difference between baseline and
// simulated policies.
DifferenceCount int32 `protobuf:"varint,3,opt,name=difference_count,json=differenceCount,proto3" json:"difference_count,omitempty"`
// The number of log entries that could not be replayed.
ErrorCount int32 `protobuf:"varint,4,opt,name=error_count,json=errorCount,proto3" json:"error_count,omitempty"`
// The date of the oldest log entry replayed.
OldestDate *date.Date `protobuf:"bytes,5,opt,name=oldest_date,json=oldestDate,proto3" json:"oldest_date,omitempty"`
// The date of the newest log entry replayed.
NewestDate *date.Date `protobuf:"bytes,6,opt,name=newest_date,json=newestDate,proto3" json:"newest_date,omitempty"`
// contains filtered or unexported fields
}Summary statistics about the replayed log entries.
func (*Replay_ResultsSummary) Descriptor
func (*Replay_ResultsSummary) Descriptor() ([]byte, []int)Deprecated: Use Replay_ResultsSummary.ProtoReflect.Descriptor instead.
func (*Replay_ResultsSummary) GetDifferenceCount
func (x *Replay_ResultsSummary) GetDifferenceCount() int32func (*Replay_ResultsSummary) GetErrorCount
func (x *Replay_ResultsSummary) GetErrorCount() int32func (*Replay_ResultsSummary) GetLogCount
func (x *Replay_ResultsSummary) GetLogCount() int32func (*Replay_ResultsSummary) GetNewestDate
func (x *Replay_ResultsSummary) GetNewestDate() *date.Datefunc (*Replay_ResultsSummary) GetOldestDate
func (x *Replay_ResultsSummary) GetOldestDate() *date.Datefunc (*Replay_ResultsSummary) GetUnchangedCount
func (x *Replay_ResultsSummary) GetUnchangedCount() int32func (*Replay_ResultsSummary) ProtoMessage
func (*Replay_ResultsSummary) ProtoMessage()func (*Replay_ResultsSummary) ProtoReflect
func (x *Replay_ResultsSummary) ProtoReflect() protoreflect.Messagefunc (*Replay_ResultsSummary) Reset
func (x *Replay_ResultsSummary) Reset()func (*Replay_ResultsSummary) String
func (x *Replay_ResultsSummary) String() stringReplay_State
type Replay_State int32The current state of the [Replay][google.cloud.policysimulator.v1.Replay].
Replay_STATE_UNSPECIFIED, Replay_PENDING, Replay_RUNNING, Replay_SUCCEEDED, Replay_FAILED
const (
// Default value. This value is unused.
Replay_STATE_UNSPECIFIED Replay_State = 0
// The `Replay` has not started yet.
Replay_PENDING Replay_State = 1
// The `Replay` is currently running.
Replay_RUNNING Replay_State = 2
// The `Replay` has successfully completed.
Replay_SUCCEEDED Replay_State = 3
// The `Replay` has finished with an error.
Replay_FAILED Replay_State = 4
)func (Replay_State) Descriptor
func (Replay_State) Descriptor() protoreflect.EnumDescriptorfunc (Replay_State) Enum
func (x Replay_State) Enum() *Replay_Statefunc (Replay_State) EnumDescriptor
func (Replay_State) EnumDescriptor() ([]byte, []int)Deprecated: Use Replay_State.Descriptor instead.
func (Replay_State) Number
func (x Replay_State) Number() protoreflect.EnumNumberfunc (Replay_State) String
func (x Replay_State) String() stringfunc (Replay_State) Type
func (Replay_State) Type() protoreflect.EnumTypeResourceContext
type ResourceContext struct {
// The full name of the resource. Example:
// `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`
//
// See [Resource
// names](https://cloud.google.com/apis/design/resource_names#full_resource_name)
// for more information.
Resource string `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"`
// The asset type of the resource as defined by CAIS.
//
// Example: `compute.googleapis.com/Firewall`
//
// See [Supported asset
// types](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
// for more information.
AssetType string `protobuf:"bytes,2,opt,name=asset_type,json=assetType,proto3" json:"asset_type,omitempty"`
// The ancestry path of the resource in Google Cloud [resource
// hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy),
// represented as a list of relative resource names. An ancestry path starts
// with the closest ancestor in the hierarchy and ends at root. If the
// resource is a project, folder, or organization, the ancestry path starts
// from the resource itself.
//
// Example: `["projects/123456789", "folders/5432", "organizations/1234"]`
Ancestors []string `protobuf:"bytes,3,rep,name=ancestors,proto3" json:"ancestors,omitempty"`
// contains filtered or unexported fields
}ResourceContext provides the context we know about a resource. It is similar in concept to google.cloud.asset.v1.Resource, but focuses on the information specifically used by Simulator.
func (*ResourceContext) Descriptor
func (*ResourceContext) Descriptor() ([]byte, []int)Deprecated: Use ResourceContext.ProtoReflect.Descriptor instead.
func (*ResourceContext) GetAncestors
func (x *ResourceContext) GetAncestors() []stringfunc (*ResourceContext) GetAssetType
func (x *ResourceContext) GetAssetType() stringfunc (*ResourceContext) GetResource
func (x *ResourceContext) GetResource() stringfunc (*ResourceContext) ProtoMessage
func (*ResourceContext) ProtoMessage()func (*ResourceContext) ProtoReflect
func (x *ResourceContext) ProtoReflect() protoreflect.Messagefunc (*ResourceContext) Reset
func (x *ResourceContext) Reset()func (*ResourceContext) String
func (x *ResourceContext) String() stringSimulatorClient
type SimulatorClient interface {
// Gets the specified [Replay][google.cloud.policysimulator.v1.Replay]. Each
// `Replay` is available for at least 7 days.
GetReplay(ctx context.Context, in *GetReplayRequest, opts ...grpc.CallOption) (*Replay, error)
// Creates and starts a [Replay][google.cloud.policysimulator.v1.Replay] using
// the given [ReplayConfig][google.cloud.policysimulator.v1.ReplayConfig].
CreateReplay(ctx context.Context, in *CreateReplayRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Lists the results of running a
// [Replay][google.cloud.policysimulator.v1.Replay].
ListReplayResults(ctx context.Context, in *ListReplayResultsRequest, opts ...grpc.CallOption) (*ListReplayResultsResponse, error)
}SimulatorClient is the client API for Simulator service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
func NewSimulatorClient
func NewSimulatorClient(cc grpc.ClientConnInterface) SimulatorClientSimulatorServer
type SimulatorServer interface {
// Gets the specified [Replay][google.cloud.policysimulator.v1.Replay]. Each
// `Replay` is available for at least 7 days.
GetReplay(context.Context, *GetReplayRequest) (*Replay, error)
// Creates and starts a [Replay][google.cloud.policysimulator.v1.Replay] using
// the given [ReplayConfig][google.cloud.policysimulator.v1.ReplayConfig].
CreateReplay(context.Context, *CreateReplayRequest) (*longrunningpb.Operation, error)
// Lists the results of running a
// [Replay][google.cloud.policysimulator.v1.Replay].
ListReplayResults(context.Context, *ListReplayResultsRequest) (*ListReplayResultsResponse, error)
}SimulatorServer is the server API for Simulator service.
UnimplementedOrgPolicyViolationsPreviewServiceServer
type UnimplementedOrgPolicyViolationsPreviewServiceServer struct {
}UnimplementedOrgPolicyViolationsPreviewServiceServer can be embedded to have forward compatible implementations.
func (*UnimplementedOrgPolicyViolationsPreviewServiceServer) CreateOrgPolicyViolationsPreview
func (*UnimplementedOrgPolicyViolationsPreviewServiceServer) CreateOrgPolicyViolationsPreview(context.Context, *CreateOrgPolicyViolationsPreviewRequest) (*longrunningpb.Operation, error)func (*UnimplementedOrgPolicyViolationsPreviewServiceServer) GetOrgPolicyViolationsPreview
func (*UnimplementedOrgPolicyViolationsPreviewServiceServer) GetOrgPolicyViolationsPreview(context.Context, *GetOrgPolicyViolationsPreviewRequest) (*OrgPolicyViolationsPreview, error)func (*UnimplementedOrgPolicyViolationsPreviewServiceServer) ListOrgPolicyViolations
func (*UnimplementedOrgPolicyViolationsPreviewServiceServer) ListOrgPolicyViolations(context.Context, *ListOrgPolicyViolationsRequest) (*ListOrgPolicyViolationsResponse, error)func (*UnimplementedOrgPolicyViolationsPreviewServiceServer) ListOrgPolicyViolationsPreviews
func (*UnimplementedOrgPolicyViolationsPreviewServiceServer) ListOrgPolicyViolationsPreviews(context.Context, *ListOrgPolicyViolationsPreviewsRequest) (*ListOrgPolicyViolationsPreviewsResponse, error)UnimplementedSimulatorServer
type UnimplementedSimulatorServer struct {
}UnimplementedSimulatorServer can be embedded to have forward compatible implementations.
func (*UnimplementedSimulatorServer) CreateReplay
func (*UnimplementedSimulatorServer) CreateReplay(context.Context, *CreateReplayRequest) (*longrunningpb.Operation, error)func (*UnimplementedSimulatorServer) GetReplay
func (*UnimplementedSimulatorServer) GetReplay(context.Context, *GetReplayRequest) (*Replay, error)func (*UnimplementedSimulatorServer) ListReplayResults
func (*UnimplementedSimulatorServer) ListReplayResults(context.Context, *ListReplayResultsRequest) (*ListReplayResultsResponse, error)