Class AccessStateDiff (0.1.5)

A summary and comparison of the principal's access under the current (baseline) policies and the proposed (simulated) policies for a single access tuple.

How the principal's access, specified in the AccessState field, changed between the current (baseline) policies and proposed (simulated) policies.

Values: ACCESS_CHANGE_TYPE_UNSPECIFIED (0): Default value. This value is unused. NO_CHANGE (1): The principal's access did not change. This includes the case where both baseline and simulated are UNKNOWN, but the unknown information is equivalent. UNKNOWN_CHANGE (2): The principal's access under both the current policies and the proposed policies is UNKNOWN, but the unknown information differs between them. ACCESS_REVOKED (3): The principal had access under the current policies (GRANTED), but will no longer have access after the proposed changes (NOT_GRANTED). ACCESS_GAINED (4): The principal did not have access under the current policies (NOT_GRANTED), but will have access after the proposed changes (GRANTED). ACCESS_MAYBE_REVOKED (5): This result can occur for the following reasons:

    -  The principal had access under the current policies
       (`GRANTED`), but their access after the proposed
       changes is `UNKNOWN`.

    -  The principal's access under the current policies is
       `UNKNOWN`, but they will not have access after the
       proposed changes (`NOT_GRANTED`).
ACCESS_MAYBE_GAINED (6):
    This result can occur for the following reasons:

    -  The principal did not have access under the current
       policies (`NOT_GRANTED`), but their access after the
       proposed changes is `UNKNOWN`.

    -  The principal's access under the current policies is
       `UNKNOWN`, but they will have access after the proposed
       changes (`GRANTED`).