Class: Google::Cloud::PolicyTroubleshooter::Iam::V3::DenyPolicyExplanation

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb

Overview

Details about how the relevant IAM deny policies affect the final access state.

Instance Attribute Summary collapse

Instance Attribute Details

#deny_access_state::Google::Cloud::PolicyTroubleshooter::Iam::V3::DenyAccessState

Returns Indicates whether the principal is denied the specified permission for the specified resource, based on evaluating all applicable IAM deny policies.

Returns:



441
442
443
444
 
# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 441

class DenyPolicyExplanation
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#explained_resources::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ExplainedDenyResource>

Returns List of resources with IAM deny policies that were evaluated to check the principal's denied permissions, with annotations to indicate how each policy contributed to the final result.

The list of resources includes the policy for the resource itself, as well as policies that are inherited from higher levels of the resource hierarchy, including the organization, the folder, and the project. The order of the resources starts from the resource and climbs up the resource hierarchy.

To learn more about the resource hierarchy, see https://cloud.google.com/iam/help/resource-hierarchy.

Returns:

  • (::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ExplainedDenyResource>)

    List of resources with IAM deny policies that were evaluated to check the principal's denied permissions, with annotations to indicate how each policy contributed to the final result.

    The list of resources includes the policy for the resource itself, as well as policies that are inherited from higher levels of the resource hierarchy, including the organization, the folder, and the project. The order of the resources starts from the resource and climbs up the resource hierarchy.

    To learn more about the resource hierarchy, see https://cloud.google.com/iam/help/resource-hierarchy.



441
442
443
444
 
# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 441

class DenyPolicyExplanation
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#permission_deniable::Boolean

Returns Indicates whether the permission to troubleshoot is supported in deny policies.

Returns:

  • (::Boolean)

    Indicates whether the permission to troubleshoot is supported in deny policies.



441
442
443
444
 
# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 441

class DenyPolicyExplanation
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#relevance::Google::Cloud::PolicyTroubleshooter::Iam::V3::HeuristicRelevance

Returns The relevance of the deny policy result to the overall access state.

Returns:



441
442
443
444
 
# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 441

class DenyPolicyExplanation
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end