Reference documentation and code samples for the Google Cloud Policy Troubleshooter Iam V3 Client class AccessTuple.
Information about the principal, resource, and permission to check.
Generated from protobuf message google.cloud.policytroubleshooter.iam.v3.AccessTuple
Namespace
Google \ Cloud \ PolicyTroubleshooter \ Iam \ V3Methods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ principal |
string
Required. The email address of the principal whose access you want to check. For example, |
↳ full_resource_name |
string
Required. The full resource name that identifies the resource. For example, |
↳ permission |
string
Required. The IAM permission to check for, either in the |
↳ permission_fqdn |
string
Output only. The permission that Policy Troubleshooter checked for, in the |
↳ condition_context |
ConditionContext
Optional. Additional context for the request, such as the request time or IP address. This context allows Policy Troubleshooter to troubleshoot conditional role bindings and deny rules. |
getPrincipal
Required. The email address of the principal whose access you want to
check. For example, alice@example.com
or
my-service-account@my-project.iam.gserviceaccount.com
.
The principal must be a Google Account or a service account. Other types of principals are not supported.
Returns | |
---|---|
Type | Description |
string |
setPrincipal
Required. The email address of the principal whose access you want to
check. For example, alice@example.com
or
my-service-account@my-project.iam.gserviceaccount.com
.
The principal must be a Google Account or a service account. Other types of principals are not supported.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getFullResourceName
Required. The full resource name that identifies the resource. For example,
//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance
.
For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
Returns | |
---|---|
Type | Description |
string |
setFullResourceName
Required. The full resource name that identifies the resource. For example,
//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance
.
For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getPermission
Required. The IAM permission to check for, either in the v1
permission
format or the v2
permission format.
For a complete list of IAM permissions in the v1
format, see
https://cloud.google.com/iam/help/permissions/reference.
For a list of IAM permissions in the v2
format, see
https://cloud.google.com/iam/help/deny/supported-permissions.
For a complete list of predefined IAM roles and the permissions in each
role, see https://cloud.google.com/iam/help/roles/reference.
Returns | |
---|---|
Type | Description |
string |
setPermission
Required. The IAM permission to check for, either in the v1
permission
format or the v2
permission format.
For a complete list of IAM permissions in the v1
format, see
https://cloud.google.com/iam/help/permissions/reference.
For a list of IAM permissions in the v2
format, see
https://cloud.google.com/iam/help/deny/supported-permissions.
For a complete list of predefined IAM roles and the permissions in each
role, see https://cloud.google.com/iam/help/roles/reference.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getPermissionFqdn
Output only. The permission that Policy Troubleshooter checked for, in
the v2
format.
Returns | |
---|---|
Type | Description |
string |
setPermissionFqdn
Output only. The permission that Policy Troubleshooter checked for, in
the v2
format.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getConditionContext
Optional. Additional context for the request, such as the request time or IP address. This context allows Policy Troubleshooter to troubleshoot conditional role bindings and deny rules.
Returns | |
---|---|
Type | Description |
ConditionContext|null |
hasConditionContext
clearConditionContext
setConditionContext
Optional. Additional context for the request, such as the request time or IP address. This context allows Policy Troubleshooter to troubleshoot conditional role bindings and deny rules.
Parameter | |
---|---|
Name | Description |
var |
ConditionContext
|
Returns | |
---|---|
Type | Description |
$this |