Class: Google::Cloud::PolicySimulator::V1::AccessStateDiff

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/policysimulator/v1/simulator.rb

Overview

A summary and comparison of the principal's access under the current (baseline) policies and the proposed (simulated) policies for a single access tuple.

Defined Under Namespace

Modules: AccessChangeType

Instance Attribute Summary collapse

Instance Attribute Details

#access_change::Google::Cloud::PolicySimulator::V1::AccessStateDiff::AccessChangeType

Returns How the principal's access, specified in the AccessState field, changed between the current (baseline) policies and proposed (simulated) policies.

Returns:



316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
 
# File 'proto_docs/google/cloud/policysimulator/v1/simulator.rb', line 316

class AccessStateDiff
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # How the principal's access, specified in the AccessState field, changed
  # between the current (baseline) policies and proposed (simulated) policies.
  module AccessChangeType
    # Default value. This value is unused.
    ACCESS_CHANGE_TYPE_UNSPECIFIED = 0

    # The principal's access did not change.
    # This includes the case where both baseline and simulated are UNKNOWN,
    # but the unknown information is equivalent.
    NO_CHANGE = 1

    # The principal's access under both the current policies and the proposed
    # policies is `UNKNOWN`, but the unknown information differs between them.
    UNKNOWN_CHANGE = 2

    # The principal had access under the current policies (`GRANTED`), but will
    # no longer have access after the proposed changes (`NOT_GRANTED`).
    ACCESS_REVOKED = 3

    # The principal did not have access under the current policies
    # (`NOT_GRANTED`), but will have access after the proposed changes
    # (`GRANTED`).
    ACCESS_GAINED = 4

    # This result can occur for the following reasons:
    #
    # * The principal had access under the current policies (`GRANTED`), but
    #   their access after the proposed changes is `UNKNOWN`.
    #
    # * The principal's access under the current policies is `UNKNOWN`, but
    # they
    #   will not have access after the proposed changes (`NOT_GRANTED`).
    ACCESS_MAYBE_REVOKED = 5

    # This result can occur for the following reasons:
    #
    # * The principal did not have access under the current policies
    #   (`NOT_GRANTED`), but their access after the proposed changes is
    #   `UNKNOWN`.
    #
    # * The principal's access under the current policies is `UNKNOWN`, but
    # they will have access after the proposed changes (`GRANTED`).
    ACCESS_MAYBE_GAINED = 6
  end
end

#baseline::Google::Cloud::PolicySimulator::V1::ExplainedAccess

Returns The results of evaluating the access tuple under the current (baseline) policies.

If the AccessState couldn't be fully evaluated, this field explains why.

Returns:



316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
 
# File 'proto_docs/google/cloud/policysimulator/v1/simulator.rb', line 316

class AccessStateDiff
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # How the principal's access, specified in the AccessState field, changed
  # between the current (baseline) policies and proposed (simulated) policies.
  module AccessChangeType
    # Default value. This value is unused.
    ACCESS_CHANGE_TYPE_UNSPECIFIED = 0

    # The principal's access did not change.
    # This includes the case where both baseline and simulated are UNKNOWN,
    # but the unknown information is equivalent.
    NO_CHANGE = 1

    # The principal's access under both the current policies and the proposed
    # policies is `UNKNOWN`, but the unknown information differs between them.
    UNKNOWN_CHANGE = 2

    # The principal had access under the current policies (`GRANTED`), but will
    # no longer have access after the proposed changes (`NOT_GRANTED`).
    ACCESS_REVOKED = 3

    # The principal did not have access under the current policies
    # (`NOT_GRANTED`), but will have access after the proposed changes
    # (`GRANTED`).
    ACCESS_GAINED = 4

    # This result can occur for the following reasons:
    #
    # * The principal had access under the current policies (`GRANTED`), but
    #   their access after the proposed changes is `UNKNOWN`.
    #
    # * The principal's access under the current policies is `UNKNOWN`, but
    # they
    #   will not have access after the proposed changes (`NOT_GRANTED`).
    ACCESS_MAYBE_REVOKED = 5

    # This result can occur for the following reasons:
    #
    # * The principal did not have access under the current policies
    #   (`NOT_GRANTED`), but their access after the proposed changes is
    #   `UNKNOWN`.
    #
    # * The principal's access under the current policies is `UNKNOWN`, but
    # they will have access after the proposed changes (`GRANTED`).
    ACCESS_MAYBE_GAINED = 6
  end
end

#simulated::Google::Cloud::PolicySimulator::V1::ExplainedAccess

Returns The results of evaluating the access tuple under the proposed (simulated) policies.

If the AccessState couldn't be fully evaluated, this field explains why.

Returns:



316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
 
# File 'proto_docs/google/cloud/policysimulator/v1/simulator.rb', line 316

class AccessStateDiff
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # How the principal's access, specified in the AccessState field, changed
  # between the current (baseline) policies and proposed (simulated) policies.
  module AccessChangeType
    # Default value. This value is unused.
    ACCESS_CHANGE_TYPE_UNSPECIFIED = 0

    # The principal's access did not change.
    # This includes the case where both baseline and simulated are UNKNOWN,
    # but the unknown information is equivalent.
    NO_CHANGE = 1

    # The principal's access under both the current policies and the proposed
    # policies is `UNKNOWN`, but the unknown information differs between them.
    UNKNOWN_CHANGE = 2

    # The principal had access under the current policies (`GRANTED`), but will
    # no longer have access after the proposed changes (`NOT_GRANTED`).
    ACCESS_REVOKED = 3

    # The principal did not have access under the current policies
    # (`NOT_GRANTED`), but will have access after the proposed changes
    # (`GRANTED`).
    ACCESS_GAINED = 4

    # This result can occur for the following reasons:
    #
    # * The principal had access under the current policies (`GRANTED`), but
    #   their access after the proposed changes is `UNKNOWN`.
    #
    # * The principal's access under the current policies is `UNKNOWN`, but
    # they
    #   will not have access after the proposed changes (`NOT_GRANTED`).
    ACCESS_MAYBE_REVOKED = 5

    # This result can occur for the following reasons:
    #
    # * The principal did not have access under the current policies
    #   (`NOT_GRANTED`), but their access after the proposed changes is
    #   `UNKNOWN`.
    #
    # * The principal's access under the current policies is `UNKNOWN`, but
    # they will have access after the proposed changes (`GRANTED`).
    ACCESS_MAYBE_GAINED = 6
  end
end