Class: Google::Cloud::PolicySimulator::V1::ExplainedPolicy
- Inherits:
-
Object
- Object
- Google::Cloud::PolicySimulator::V1::ExplainedPolicy
- Extended by:
- Protobuf::MessageExts::ClassMethods
- Includes:
- Protobuf::MessageExts
- Defined in:
- proto_docs/google/cloud/policysimulator/v1/explanations.rb
Overview
Details about how a specific IAM Policy contributed to the access check.
Instance Attribute Summary collapse
-
#access ⇒ ::Google::Cloud::PolicySimulator::V1::AccessState
Indicates whether this policy provides the specified permission to the specified principal for the specified resource.
-
#binding_explanations ⇒ ::Array<::Google::Cloud::PolicySimulator::V1::BindingExplanation>
Details about how each binding in the policy affects the principal's ability, or inability, to use the permission for the resource.
-
#full_resource_name ⇒ ::String
The full resource name that identifies the resource.
-
#policy ⇒ ::Google::Iam::V1::Policy
The IAM policy attached to the resource.
-
#relevance ⇒ ::Google::Cloud::PolicySimulator::V1::HeuristicRelevance
The relevance of this policy to the overall determination in the [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
Instance Attribute Details
#access ⇒ ::Google::Cloud::PolicySimulator::V1::AccessState
Returns Indicates whether this policy provides the specified permission to the specified principal for the specified resource.
This field does not indicate whether the principal actually has the
permission for the resource. There might be another policy that overrides
this policy. To determine whether the principal actually has the
permission, use the access
field in the
[TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
102 103 104 105 |
# File 'proto_docs/google/cloud/policysimulator/v1/explanations.rb', line 102 class ExplainedPolicy include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#binding_explanations ⇒ ::Array<::Google::Cloud::PolicySimulator::V1::BindingExplanation>
Returns Details about how each binding in the policy affects the principal's ability, or inability, to use the permission for the resource.
If the user who created the Replay does not have access to the policy, this field is omitted.
102 103 104 105 |
# File 'proto_docs/google/cloud/policysimulator/v1/explanations.rb', line 102 class ExplainedPolicy include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#full_resource_name ⇒ ::String
Returns The full resource name that identifies the resource. For example,
//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance
.
If the user who created the Replay does not have access to the policy, this field is omitted.
For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
102 103 104 105 |
# File 'proto_docs/google/cloud/policysimulator/v1/explanations.rb', line 102 class ExplainedPolicy include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#policy ⇒ ::Google::Iam::V1::Policy
Returns The IAM policy attached to the resource.
If the user who created the Replay does not have access to the policy, this field is empty.
102 103 104 105 |
# File 'proto_docs/google/cloud/policysimulator/v1/explanations.rb', line 102 class ExplainedPolicy include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#relevance ⇒ ::Google::Cloud::PolicySimulator::V1::HeuristicRelevance
Returns The relevance of this policy to the overall determination in the [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
If the user who created the Replay does not have access to the policy, this field is omitted.
102 103 104 105 |
# File 'proto_docs/google/cloud/policysimulator/v1/explanations.rb', line 102 class ExplainedPolicy include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |