Policy Simulator V1 API - Class Google::Cloud::PolicySimulator::V1::ExplainedPolicy (v0.3.2)

Reference documentation and code samples for the Policy Simulator V1 API class Google::Cloud::PolicySimulator::V1::ExplainedPolicy.

Details about how a specific IAM Policy contributed to the access check.

Inherits

  • Object

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#access

def access() -> ::Google::Cloud::PolicySimulator::V1::AccessState
Returns
  • (::Google::Cloud::PolicySimulator::V1::AccessState) — Indicates whether this policy provides the specified permission to the specified principal for the specified resource.

    This field does not indicate whether the principal actually has the permission for the resource. There might be another policy that overrides this policy. To determine whether the principal actually has the permission, use the access field in the [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].

#access=

def access=(value) -> ::Google::Cloud::PolicySimulator::V1::AccessState
Parameter
  • value (::Google::Cloud::PolicySimulator::V1::AccessState) — Indicates whether this policy provides the specified permission to the specified principal for the specified resource.

    This field does not indicate whether the principal actually has the permission for the resource. There might be another policy that overrides this policy. To determine whether the principal actually has the permission, use the access field in the [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].

Returns
  • (::Google::Cloud::PolicySimulator::V1::AccessState) — Indicates whether this policy provides the specified permission to the specified principal for the specified resource.

    This field does not indicate whether the principal actually has the permission for the resource. There might be another policy that overrides this policy. To determine whether the principal actually has the permission, use the access field in the [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].

#binding_explanations

def binding_explanations() -> ::Array<::Google::Cloud::PolicySimulator::V1::BindingExplanation>
Returns

#binding_explanations=

def binding_explanations=(value) -> ::Array<::Google::Cloud::PolicySimulator::V1::BindingExplanation>
Parameter
Returns

#full_resource_name

def full_resource_name() -> ::String
Returns
  • (::String) — The full resource name that identifies the resource. For example, //compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance.

    If the user who created the Replay does not have access to the policy, this field is omitted.

    For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.

#full_resource_name=

def full_resource_name=(value) -> ::String
Parameter
  • value (::String) — The full resource name that identifies the resource. For example, //compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance.

    If the user who created the Replay does not have access to the policy, this field is omitted.

    For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.

Returns
  • (::String) — The full resource name that identifies the resource. For example, //compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance.

    If the user who created the Replay does not have access to the policy, this field is omitted.

    For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.

#policy

def policy() -> ::Google::Iam::V1::Policy
Returns
  • (::Google::Iam::V1::Policy) — The IAM policy attached to the resource.

    If the user who created the Replay does not have access to the policy, this field is empty.

#policy=

def policy=(value) -> ::Google::Iam::V1::Policy
Parameter
  • value (::Google::Iam::V1::Policy) — The IAM policy attached to the resource.

    If the user who created the Replay does not have access to the policy, this field is empty.

Returns
  • (::Google::Iam::V1::Policy) — The IAM policy attached to the resource.

    If the user who created the Replay does not have access to the policy, this field is empty.

#relevance

def relevance() -> ::Google::Cloud::PolicySimulator::V1::HeuristicRelevance
Returns

#relevance=

def relevance=(value) -> ::Google::Cloud::PolicySimulator::V1::HeuristicRelevance
Parameter
Returns