Reference documentation and code samples for the Google Cloud Policy Troubleshooter Iam V3 Client class ExplainedDenyPolicy.
Details about how a specific IAM deny policy Policy contributed to the access check.
Generated from protobuf message google.cloud.policytroubleshooter.iam.v3.ExplainedDenyPolicy
Namespace
Google \ Cloud \ PolicyTroubleshooter \ Iam \ V3Methods
__construct
Constructor.
| Parameters | |
|---|---|
| Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ deny_access_state |
int
Required. Indicates whether this policy denies the specified permission to the specified principal for the specified resource. This field does not indicate whether the principal actually has the permission for the resource. There might be another policy that overrides this policy. To determine whether the principal actually has the permission, use the |
↳ policy |
Google\Cloud\Iam\V2\Policy
The IAM deny policy attached to the resource. If the sender of the request does not have access to the policy, this field is omitted. |
↳ rule_explanations |
array<Google\Cloud\PolicyTroubleshooter\Iam\V3\DenyRuleExplanation>
Details about how each rule in the policy affects the principal's inability to use the permission for the resource. The order of the deny rule matches the order of the rules in the deny policy. If the sender of the request does not have access to the policy, this field is omitted. |
↳ relevance |
int
The relevance of this policy to the overall access state in the TroubleshootIamPolicyResponse. If the sender of the request does not have access to the policy, this field is omitted. |
getDenyAccessState
Required. Indicates whether this policy denies the specified permission to the specified principal for the specified resource.
This field does not indicate whether the principal actually has the
permission for the resource. There might be another policy that overrides
this policy. To determine whether the principal actually has the
permission, use the overall_access_state field in the
TroubleshootIamPolicyResponse.
| Returns | |
|---|---|
| Type | Description |
int |
|
setDenyAccessState
Required. Indicates whether this policy denies the specified permission to the specified principal for the specified resource.
This field does not indicate whether the principal actually has the
permission for the resource. There might be another policy that overrides
this policy. To determine whether the principal actually has the
permission, use the overall_access_state field in the
TroubleshootIamPolicyResponse.
| Parameter | |
|---|---|
| Name | Description |
var |
int
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getPolicy
The IAM deny policy attached to the resource.
If the sender of the request does not have access to the policy, this field is omitted.
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\Iam\V2\Policy|null |
|
hasPolicy
clearPolicy
setPolicy
The IAM deny policy attached to the resource.
If the sender of the request does not have access to the policy, this field is omitted.
| Parameter | |
|---|---|
| Name | Description |
var |
Google\Cloud\Iam\V2\Policy
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getRuleExplanations
Details about how each rule in the policy affects the principal's inability to use the permission for the resource. The order of the deny rule matches the order of the rules in the deny policy.
If the sender of the request does not have access to the policy, this field is omitted.
| Returns | |
|---|---|
| Type | Description |
Google\Protobuf\Internal\RepeatedField |
|
setRuleExplanations
Details about how each rule in the policy affects the principal's inability to use the permission for the resource. The order of the deny rule matches the order of the rules in the deny policy.
If the sender of the request does not have access to the policy, this field is omitted.
| Parameter | |
|---|---|
| Name | Description |
var |
array<Google\Cloud\PolicyTroubleshooter\Iam\V3\DenyRuleExplanation>
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getRelevance
The relevance of this policy to the overall access state in the TroubleshootIamPolicyResponse.
If the sender of the request does not have access to the policy, this field is omitted.
| Returns | |
|---|---|
| Type | Description |
int |
|
setRelevance
The relevance of this policy to the overall access state in the TroubleshootIamPolicyResponse.
If the sender of the request does not have access to the policy, this field is omitted.
| Parameter | |
|---|---|
| Name | Description |
var |
int
|
| Returns | |
|---|---|
| Type | Description |
$this |
|