public interface BindingExplanationOrBuilder extends MessageOrBuilder
Implements
MessageOrBuilderMethods
containsMemberships(String key)
public abstract boolean containsMemberships(String key)
Indicates whether each principal in the binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the binding, and each value indicates whether the principal in the binding includes the principal in the request.
For example, suppose that a binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
The principal in the replayed access tuple is
user:bob@example.com
. This user is a principal of the groupgroup:product-eng@example.com
.For the first principal in the binding, the key is
user:alice@example.com
, and themembership
field in the value is set toMEMBERSHIP_NOT_INCLUDED
.For the second principal in the binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toMEMBERSHIP_INCLUDED
.
map<string, .google.cloud.policysimulator.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
Parameter | |
---|---|
Name | Description |
key | String |
Returns | |
---|---|
Type | Description |
boolean |
getAccess()
public abstract AccessState getAccess()
Required. Indicates whether this binding provides the specified permission to the specified principal for the specified resource.
This field does not indicate whether the principal actually has the
permission for the resource. There might be another binding that overrides
this binding. To determine whether the principal actually has the
permission, use the access
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policysimulator.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED];
Returns | |
---|---|
Type | Description |
AccessState | The access. |
getAccessValue()
public abstract int getAccessValue()
Required. Indicates whether this binding provides the specified permission to the specified principal for the specified resource.
This field does not indicate whether the principal actually has the
permission for the resource. There might be another binding that overrides
this binding. To determine whether the principal actually has the
permission, use the access
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policysimulator.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED];
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for access. |
getCondition()
public abstract Expr getCondition()
A condition expression that prevents this binding from granting access
unless the expression evaluates to true
.
To learn about IAM Conditions, see https://cloud.google.com/iam/docs/conditions-overview.
.google.type.Expr condition = 7;
Returns | |
---|---|
Type | Description |
com.google.type.Expr | The condition. |
getConditionOrBuilder()
public abstract ExprOrBuilder getConditionOrBuilder()
A condition expression that prevents this binding from granting access
unless the expression evaluates to true
.
To learn about IAM Conditions, see https://cloud.google.com/iam/docs/conditions-overview.
.google.type.Expr condition = 7;
Returns | |
---|---|
Type | Description |
com.google.type.ExprOrBuilder |
getMemberships() (deprecated)
public abstract Map<String,BindingExplanation.AnnotatedMembership> getMemberships()
Use #getMembershipsMap() instead.
Returns | |
---|---|
Type | Description |
Map<String,AnnotatedMembership> |
getMembershipsCount()
public abstract int getMembershipsCount()
Indicates whether each principal in the binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the binding, and each value indicates whether the principal in the binding includes the principal in the request.
For example, suppose that a binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
The principal in the replayed access tuple is
user:bob@example.com
. This user is a principal of the groupgroup:product-eng@example.com
.For the first principal in the binding, the key is
user:alice@example.com
, and themembership
field in the value is set toMEMBERSHIP_NOT_INCLUDED
.For the second principal in the binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toMEMBERSHIP_INCLUDED
.
map<string, .google.cloud.policysimulator.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
Returns | |
---|---|
Type | Description |
int |
getMembershipsMap()
public abstract Map<String,BindingExplanation.AnnotatedMembership> getMembershipsMap()
Indicates whether each principal in the binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the binding, and each value indicates whether the principal in the binding includes the principal in the request.
For example, suppose that a binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
The principal in the replayed access tuple is
user:bob@example.com
. This user is a principal of the groupgroup:product-eng@example.com
.For the first principal in the binding, the key is
user:alice@example.com
, and themembership
field in the value is set toMEMBERSHIP_NOT_INCLUDED
.For the second principal in the binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toMEMBERSHIP_INCLUDED
.
map<string, .google.cloud.policysimulator.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
Returns | |
---|---|
Type | Description |
Map<String,AnnotatedMembership> |
getMembershipsOrDefault(String key, BindingExplanation.AnnotatedMembership defaultValue)
public abstract BindingExplanation.AnnotatedMembership getMembershipsOrDefault(String key, BindingExplanation.AnnotatedMembership defaultValue)
Indicates whether each principal in the binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the binding, and each value indicates whether the principal in the binding includes the principal in the request.
For example, suppose that a binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
The principal in the replayed access tuple is
user:bob@example.com
. This user is a principal of the groupgroup:product-eng@example.com
.For the first principal in the binding, the key is
user:alice@example.com
, and themembership
field in the value is set toMEMBERSHIP_NOT_INCLUDED
.For the second principal in the binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toMEMBERSHIP_INCLUDED
.
map<string, .google.cloud.policysimulator.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
Parameters | |
---|---|
Name | Description |
key | String |
defaultValue | BindingExplanation.AnnotatedMembership |
Returns | |
---|---|
Type | Description |
BindingExplanation.AnnotatedMembership |
getMembershipsOrThrow(String key)
public abstract BindingExplanation.AnnotatedMembership getMembershipsOrThrow(String key)
Indicates whether each principal in the binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the binding, and each value indicates whether the principal in the binding includes the principal in the request.
For example, suppose that a binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
The principal in the replayed access tuple is
user:bob@example.com
. This user is a principal of the groupgroup:product-eng@example.com
.For the first principal in the binding, the key is
user:alice@example.com
, and themembership
field in the value is set toMEMBERSHIP_NOT_INCLUDED
.For the second principal in the binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toMEMBERSHIP_INCLUDED
.
map<string, .google.cloud.policysimulator.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
Parameter | |
---|---|
Name | Description |
key | String |
Returns | |
---|---|
Type | Description |
BindingExplanation.AnnotatedMembership |
getRelevance()
public abstract HeuristicRelevance getRelevance()
The relevance of this binding to the overall determination for the entire policy.
.google.cloud.policysimulator.v1.HeuristicRelevance relevance = 6;
Returns | |
---|---|
Type | Description |
HeuristicRelevance | The relevance. |
getRelevanceValue()
public abstract int getRelevanceValue()
The relevance of this binding to the overall determination for the entire policy.
.google.cloud.policysimulator.v1.HeuristicRelevance relevance = 6;
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for relevance. |
getRole()
public abstract String getRole()
The role that this binding grants. For example,
roles/compute.serviceAgent
.
For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;
Returns | |
---|---|
Type | Description |
String | The role. |
getRoleBytes()
public abstract ByteString getRoleBytes()
The role that this binding grants. For example,
roles/compute.serviceAgent
.
For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;
Returns | |
---|---|
Type | Description |
ByteString | The bytes for role. |
getRolePermission()
public abstract BindingExplanation.RolePermission getRolePermission()
Indicates whether the role granted by this binding contains the specified permission.
.google.cloud.policysimulator.v1.BindingExplanation.RolePermission role_permission = 3;
Returns | |
---|---|
Type | Description |
BindingExplanation.RolePermission | The rolePermission. |
getRolePermissionRelevance()
public abstract HeuristicRelevance getRolePermissionRelevance()
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policysimulator.v1.HeuristicRelevance role_permission_relevance = 4;
Returns | |
---|---|
Type | Description |
HeuristicRelevance | The rolePermissionRelevance. |
getRolePermissionRelevanceValue()
public abstract int getRolePermissionRelevanceValue()
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policysimulator.v1.HeuristicRelevance role_permission_relevance = 4;
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for rolePermissionRelevance. |
getRolePermissionValue()
public abstract int getRolePermissionValue()
Indicates whether the role granted by this binding contains the specified permission.
.google.cloud.policysimulator.v1.BindingExplanation.RolePermission role_permission = 3;
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for rolePermission. |
hasCondition()
public abstract boolean hasCondition()
A condition expression that prevents this binding from granting access
unless the expression evaluates to true
.
To learn about IAM Conditions, see https://cloud.google.com/iam/docs/conditions-overview.
.google.type.Expr condition = 7;
Returns | |
---|---|
Type | Description |
boolean | Whether the condition field is set. |