Class: Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext

Inherits:

Object

• Object
• Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb

Overview

Additional context for troubleshooting conditional role bindings and deny rules.

Defined Under Namespace

Classes: EffectiveTag, Peer, Request, Resource

Instance Attribute Summary

• #destination ⇒ ::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::Peer

  The destination of a network activity, such as accepting a TCP connection.

• #effective_tags ⇒ ::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::EffectiveTag> readonly

  Output only.

• #request ⇒ ::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::Request

  Represents a network request, such as an HTTP request.

• #resource ⇒ ::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::Resource

  Represents a target resource that is involved with a network activity.

Instance Attribute Details

#destination ⇒ ::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::Peer

Returns The destination of a network activity, such as accepting a TCP connection. In a multi-hop network activity, the destination represents the receiver of the last hop.

Returns:

• (::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::Peer) —

  The destination of a network activity, such as accepting a TCP connection. In a multi-hop network activity, the destination represents the receiver of the last hop.

# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 143

class ConditionContext
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Core attributes for a resource. A resource is an
  # addressable (named) entity provided by the destination service. For
  # example, a Compute Engine instance.
  # @!attribute [rw] service
  #   @return [::String]
  #     The name of the service that this resource belongs to, such as
  #     `compute.googleapis.com`. The service name might not match the DNS
  #     hostname that actually serves the request.
  #
  #     For a full list of resource service values, see
  #     https://cloud.google.com/iam/help/conditions/resource-services
  # @!attribute [rw] name
  #   @return [::String]
  #     The stable identifier (name) of a resource on the `service`. A resource
  #     can be logically identified as `//{resource.service}/{resource.name}`.
  #     Unlike the resource URI, the resource name doesn't contain any protocol
  #     and version information.
  #
  #     For a list of full resource name formats, see
  #     https://cloud.google.com/iam/help/troubleshooter/full-resource-names
  # @!attribute [rw] type
  #   @return [::String]
  #     The type of the resource, in the format `{service}/{kind}`.
  #
  #     For a full list of resource type values, see
  #     https://cloud.google.com/iam/help/conditions/resource-types
  class Resource
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # This message defines attributes for a node that handles a network request.
  # The node can be either a service or an application that sends, forwards,
  # or receives the request. Service peers should fill in
  # `principal` and `labels` as appropriate.
  # @!attribute [rw] ip
  #   @return [::String]
  #     The IPv4 or IPv6 address of the peer.
  # @!attribute [rw] port
  #   @return [::Integer]
  #     The network port of the peer.
  class Peer
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # This message defines attributes for an HTTP request. If the actual
  # request is not an HTTP request, the runtime system should try to map
  # the actual request to an equivalent HTTP request.
  # @!attribute [rw] receive_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Optional. The timestamp when the destination service receives the first
  #     byte of the request.
  class Request
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A tag that applies to a resource during policy evaluation. Tags can be
  # either directly bound to a resource or inherited from its ancestor.
  # `EffectiveTag` contains the `name` and `namespaced_name` of the tag value
  # and tag key, with additional fields of `inherited` to indicate the
  # inheritance status of the effective tag.
  # @!attribute [r] tag_value
  #   @return [::String]
  #     Output only. Resource name for TagValue in the format `tagValues/456`.
  # @!attribute [r] namespaced_tag_value
  #   @return [::String]
  #     Output only. The namespaced name of the TagValue. Can be in the form
  #     `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or
  #     `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or
  #     `{project_number}/{tag_key_short_name}/{tag_value_short_name}`.
  # @!attribute [r] tag_key
  #   @return [::String]
  #     Output only. The name of the TagKey, in the format `tagKeys/{id}`, such
  #     as `tagKeys/123`.
  # @!attribute [r] namespaced_tag_key
  #   @return [::String]
  #     Output only. The namespaced name of the TagKey. Can be in the form
  #     `{organization_id}/{tag_key_short_name}` or
  #     `{project_id}/{tag_key_short_name}` or
  #     `{project_number}/{tag_key_short_name}`.
  # @!attribute [rw] tag_key_parent_name
  #   @return [::String]
  #     The parent name of the tag key.
  #     Must be in the format `organizations/{organization_id}` or
  #     `projects/{project_number}`
  # @!attribute [r] inherited
  #   @return [::Boolean]
  #     Output only. Indicates the inheritance status of a tag value
  #     attached to the given resource. If the tag value is inherited from one of
  #     the resource's ancestors, inherited will be true. If false, then the tag
  #     value is directly attached to the resource, inherited will be false.
  class EffectiveTag
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#effective_tags ⇒ ::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::EffectiveTag> (readonly)

Returns Output only. The effective tags on the resource. The effective tags are fetched during troubleshooting.

Returns:

• (::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::EffectiveTag>) —

  Output only. The effective tags on the resource. The effective tags are fetched during troubleshooting.

# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 143

class ConditionContext
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Core attributes for a resource. A resource is an
  # addressable (named) entity provided by the destination service. For
  # example, a Compute Engine instance.
  # @!attribute [rw] service
  #   @return [::String]
  #     The name of the service that this resource belongs to, such as
  #     `compute.googleapis.com`. The service name might not match the DNS
  #     hostname that actually serves the request.
  #
  #     For a full list of resource service values, see
  #     https://cloud.google.com/iam/help/conditions/resource-services
  # @!attribute [rw] name
  #   @return [::String]
  #     The stable identifier (name) of a resource on the `service`. A resource
  #     can be logically identified as `//{resource.service}/{resource.name}`.
  #     Unlike the resource URI, the resource name doesn't contain any protocol
  #     and version information.
  #
  #     For a list of full resource name formats, see
  #     https://cloud.google.com/iam/help/troubleshooter/full-resource-names
  # @!attribute [rw] type
  #   @return [::String]
  #     The type of the resource, in the format `{service}/{kind}`.
  #
  #     For a full list of resource type values, see
  #     https://cloud.google.com/iam/help/conditions/resource-types
  class Resource
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # This message defines attributes for a node that handles a network request.
  # The node can be either a service or an application that sends, forwards,
  # or receives the request. Service peers should fill in
  # `principal` and `labels` as appropriate.
  # @!attribute [rw] ip
  #   @return [::String]
  #     The IPv4 or IPv6 address of the peer.
  # @!attribute [rw] port
  #   @return [::Integer]
  #     The network port of the peer.
  class Peer
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # This message defines attributes for an HTTP request. If the actual
  # request is not an HTTP request, the runtime system should try to map
  # the actual request to an equivalent HTTP request.
  # @!attribute [rw] receive_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Optional. The timestamp when the destination service receives the first
  #     byte of the request.
  class Request
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A tag that applies to a resource during policy evaluation. Tags can be
  # either directly bound to a resource or inherited from its ancestor.
  # `EffectiveTag` contains the `name` and `namespaced_name` of the tag value
  # and tag key, with additional fields of `inherited` to indicate the
  # inheritance status of the effective tag.
  # @!attribute [r] tag_value
  #   @return [::String]
  #     Output only. Resource name for TagValue in the format `tagValues/456`.
  # @!attribute [r] namespaced_tag_value
  #   @return [::String]
  #     Output only. The namespaced name of the TagValue. Can be in the form
  #     `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or
  #     `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or
  #     `{project_number}/{tag_key_short_name}/{tag_value_short_name}`.
  # @!attribute [r] tag_key
  #   @return [::String]
  #     Output only. The name of the TagKey, in the format `tagKeys/{id}`, such
  #     as `tagKeys/123`.
  # @!attribute [r] namespaced_tag_key
  #   @return [::String]
  #     Output only. The namespaced name of the TagKey. Can be in the form
  #     `{organization_id}/{tag_key_short_name}` or
  #     `{project_id}/{tag_key_short_name}` or
  #     `{project_number}/{tag_key_short_name}`.
  # @!attribute [rw] tag_key_parent_name
  #   @return [::String]
  #     The parent name of the tag key.
  #     Must be in the format `organizations/{organization_id}` or
  #     `projects/{project_number}`
  # @!attribute [r] inherited
  #   @return [::Boolean]
  #     Output only. Indicates the inheritance status of a tag value
  #     attached to the given resource. If the tag value is inherited from one of
  #     the resource's ancestors, inherited will be true. If false, then the tag
  #     value is directly attached to the resource, inherited will be false.
  class EffectiveTag
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#request ⇒ ::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::Request

Returns Represents a network request, such as an HTTP request.

Returns:

• (::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::Request) —

  Represents a network request, such as an HTTP request.

# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 143

class ConditionContext
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Core attributes for a resource. A resource is an
  # addressable (named) entity provided by the destination service. For
  # example, a Compute Engine instance.
  # @!attribute [rw] service
  #   @return [::String]
  #     The name of the service that this resource belongs to, such as
  #     `compute.googleapis.com`. The service name might not match the DNS
  #     hostname that actually serves the request.
  #
  #     For a full list of resource service values, see
  #     https://cloud.google.com/iam/help/conditions/resource-services
  # @!attribute [rw] name
  #   @return [::String]
  #     The stable identifier (name) of a resource on the `service`. A resource
  #     can be logically identified as `//{resource.service}/{resource.name}`.
  #     Unlike the resource URI, the resource name doesn't contain any protocol
  #     and version information.
  #
  #     For a list of full resource name formats, see
  #     https://cloud.google.com/iam/help/troubleshooter/full-resource-names
  # @!attribute [rw] type
  #   @return [::String]
  #     The type of the resource, in the format `{service}/{kind}`.
  #
  #     For a full list of resource type values, see
  #     https://cloud.google.com/iam/help/conditions/resource-types
  class Resource
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # This message defines attributes for a node that handles a network request.
  # The node can be either a service or an application that sends, forwards,
  # or receives the request. Service peers should fill in
  # `principal` and `labels` as appropriate.
  # @!attribute [rw] ip
  #   @return [::String]
  #     The IPv4 or IPv6 address of the peer.
  # @!attribute [rw] port
  #   @return [::Integer]
  #     The network port of the peer.
  class Peer
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # This message defines attributes for an HTTP request. If the actual
  # request is not an HTTP request, the runtime system should try to map
  # the actual request to an equivalent HTTP request.
  # @!attribute [rw] receive_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Optional. The timestamp when the destination service receives the first
  #     byte of the request.
  class Request
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A tag that applies to a resource during policy evaluation. Tags can be
  # either directly bound to a resource or inherited from its ancestor.
  # `EffectiveTag` contains the `name` and `namespaced_name` of the tag value
  # and tag key, with additional fields of `inherited` to indicate the
  # inheritance status of the effective tag.
  # @!attribute [r] tag_value
  #   @return [::String]
  #     Output only. Resource name for TagValue in the format `tagValues/456`.
  # @!attribute [r] namespaced_tag_value
  #   @return [::String]
  #     Output only. The namespaced name of the TagValue. Can be in the form
  #     `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or
  #     `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or
  #     `{project_number}/{tag_key_short_name}/{tag_value_short_name}`.
  # @!attribute [r] tag_key
  #   @return [::String]
  #     Output only. The name of the TagKey, in the format `tagKeys/{id}`, such
  #     as `tagKeys/123`.
  # @!attribute [r] namespaced_tag_key
  #   @return [::String]
  #     Output only. The namespaced name of the TagKey. Can be in the form
  #     `{organization_id}/{tag_key_short_name}` or
  #     `{project_id}/{tag_key_short_name}` or
  #     `{project_number}/{tag_key_short_name}`.
  # @!attribute [rw] tag_key_parent_name
  #   @return [::String]
  #     The parent name of the tag key.
  #     Must be in the format `organizations/{organization_id}` or
  #     `projects/{project_number}`
  # @!attribute [r] inherited
  #   @return [::Boolean]
  #     Output only. Indicates the inheritance status of a tag value
  #     attached to the given resource. If the tag value is inherited from one of
  #     the resource's ancestors, inherited will be true. If false, then the tag
  #     value is directly attached to the resource, inherited will be false.
  class EffectiveTag
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#resource ⇒ ::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::Resource

Returns Represents a target resource that is involved with a network activity. If multiple resources are involved with an activity, this must be the primary one.

Returns:

• (::Google::Cloud::PolicyTroubleshooter::Iam::V3::ConditionContext::Resource) —

  Represents a target resource that is involved with a network activity. If multiple resources are involved with an activity, this must be the primary one.

# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 143

class ConditionContext
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Core attributes for a resource. A resource is an
  # addressable (named) entity provided by the destination service. For
  # example, a Compute Engine instance.
  # @!attribute [rw] service
  #   @return [::String]
  #     The name of the service that this resource belongs to, such as
  #     `compute.googleapis.com`. The service name might not match the DNS
  #     hostname that actually serves the request.
  #
  #     For a full list of resource service values, see
  #     https://cloud.google.com/iam/help/conditions/resource-services
  # @!attribute [rw] name
  #   @return [::String]
  #     The stable identifier (name) of a resource on the `service`. A resource
  #     can be logically identified as `//{resource.service}/{resource.name}`.
  #     Unlike the resource URI, the resource name doesn't contain any protocol
  #     and version information.
  #
  #     For a list of full resource name formats, see
  #     https://cloud.google.com/iam/help/troubleshooter/full-resource-names
  # @!attribute [rw] type
  #   @return [::String]
  #     The type of the resource, in the format `{service}/{kind}`.
  #
  #     For a full list of resource type values, see
  #     https://cloud.google.com/iam/help/conditions/resource-types
  class Resource
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # This message defines attributes for a node that handles a network request.
  # The node can be either a service or an application that sends, forwards,
  # or receives the request. Service peers should fill in
  # `principal` and `labels` as appropriate.
  # @!attribute [rw] ip
  #   @return [::String]
  #     The IPv4 or IPv6 address of the peer.
  # @!attribute [rw] port
  #   @return [::Integer]
  #     The network port of the peer.
  class Peer
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # This message defines attributes for an HTTP request. If the actual
  # request is not an HTTP request, the runtime system should try to map
  # the actual request to an equivalent HTTP request.
  # @!attribute [rw] receive_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Optional. The timestamp when the destination service receives the first
  #     byte of the request.
  class Request
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A tag that applies to a resource during policy evaluation. Tags can be
  # either directly bound to a resource or inherited from its ancestor.
  # `EffectiveTag` contains the `name` and `namespaced_name` of the tag value
  # and tag key, with additional fields of `inherited` to indicate the
  # inheritance status of the effective tag.
  # @!attribute [r] tag_value
  #   @return [::String]
  #     Output only. Resource name for TagValue in the format `tagValues/456`.
  # @!attribute [r] namespaced_tag_value
  #   @return [::String]
  #     Output only. The namespaced name of the TagValue. Can be in the form
  #     `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or
  #     `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or
  #     `{project_number}/{tag_key_short_name}/{tag_value_short_name}`.
  # @!attribute [r] tag_key
  #   @return [::String]
  #     Output only. The name of the TagKey, in the format `tagKeys/{id}`, such
  #     as `tagKeys/123`.
  # @!attribute [r] namespaced_tag_key
  #   @return [::String]
  #     Output only. The namespaced name of the TagKey. Can be in the form
  #     `{organization_id}/{tag_key_short_name}` or
  #     `{project_id}/{tag_key_short_name}` or
  #     `{project_number}/{tag_key_short_name}`.
  # @!attribute [rw] tag_key_parent_name
  #   @return [::String]
  #     The parent name of the tag key.
  #     Must be in the format `organizations/{organization_id}` or
  #     `projects/{project_number}`
  # @!attribute [r] inherited
  #   @return [::Boolean]
  #     Output only. Indicates the inheritance status of a tag value
  #     attached to the given resource. If the tag value is inherited from one of
  #     the resource's ancestors, inherited will be true. If false, then the tag
  #     value is directly attached to the resource, inherited will be false.
  class EffectiveTag
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end