Class: Google::Cloud::PolicyTroubleshooter::Iam::V3::ExplainedDenyResource

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb

Overview

Details about how a specific resource contributed to the deny policy evaluation.

Instance Attribute Summary collapse

Instance Attribute Details

#deny_access_state::Google::Cloud::PolicyTroubleshooter::Iam::V3::DenyAccessState

Returns Required. Indicates whether any policies attached to this resource deny the specific permission to the specified principal for the specified resource.

This field does not indicate whether the principal actually has the permission for the resource. There might be another policy that overrides this policy. To determine whether the principal actually has the permission, use the overall_access_state field in the TroubleshootIamPolicyResponse.

Returns:

  • (::Google::Cloud::PolicyTroubleshooter::Iam::V3::DenyAccessState)

    Required. Indicates whether any policies attached to this resource deny the specific permission to the specified principal for the specified resource.

    This field does not indicate whether the principal actually has the permission for the resource. There might be another policy that overrides this policy. To determine whether the principal actually has the permission, use the overall_access_state field in the TroubleshootIamPolicyResponse.



481
482
483
484
 
# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 481

class ExplainedDenyResource
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#explained_policies::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ExplainedDenyPolicy>

Returns List of IAM deny policies that were evaluated to check the principal's denied permissions, with annotations to indicate how each policy contributed to the final result.

Returns:



481
482
483
484
 
# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 481

class ExplainedDenyResource
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#full_resource_name::String

Returns The full resource name that identifies the resource. For example, //compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance.

If the sender of the request does not have access to the policy, this field is omitted.

For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.

Returns:

  • (::String)

    The full resource name that identifies the resource. For example, //compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance.

    If the sender of the request does not have access to the policy, this field is omitted.

    For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.



481
482
483
484
 
# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 481

class ExplainedDenyResource
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#relevance::Google::Cloud::PolicyTroubleshooter::Iam::V3::HeuristicRelevance

Returns The relevance of this policy to the overall access state in the TroubleshootIamPolicyResponse.

If the sender of the request does not have access to the policy, this field is omitted.

Returns:



481
482
483
484
 
# File 'proto_docs/google/cloud/policytroubleshooter/iam/v3/troubleshooter.rb', line 481

class ExplainedDenyResource
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end