Policy Simulator v1 API - Namespace Google.Cloud.PolicySimulator.V1 (1.0.0-beta02)

Classes

AccessStateDiff

A summary and comparison of the principal's access under the current (baseline) policies and the proposed (simulated) policies for a single access tuple.

AccessStateDiff.Types

Container for nested types declared in the AccessStateDiff message type.

AccessTuple

Information about the principal, resource, and permission to check.

BindingExplanation

Details about how a binding in a policy affects a principal's ability to use a permission.

BindingExplanation.Types

Container for nested types declared in the BindingExplanation message type.

BindingExplanation.Types.AnnotatedMembership

Details about whether the binding includes the principal.

CreateReplayRequest

Request message for [Simulator.CreateReplay][google.cloud.policysimulator.v1.Simulator.CreateReplay].

ExplainedAccess

Details about how a set of policies, listed in [ExplainedPolicy][google.cloud.policysimulator.v1.ExplainedPolicy], resulted in a certain [AccessState][google.cloud.policysimulator.v1.AccessState] when replaying an access tuple.

ExplainedPolicy

Details about how a specific IAM [Policy][google.iam.v1.Policy] contributed to the access check.

GetReplayRequest

Request message for [Simulator.GetReplay][google.cloud.policysimulator.v1.Simulator.GetReplay].

ListReplayResultsRequest

Request message for [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults].

ListReplayResultsResponse

Response message for [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults].

Replay

A resource describing a Replay, or simulation.

Replay.Types

Container for nested types declared in the Replay message type.

Replay.Types.ResultsSummary

Summary statistics about the replayed log entries.

ReplayConfig

The configuration used for a [Replay][google.cloud.policysimulator.v1.Replay].

ReplayConfig.Types

Container for nested types declared in the ReplayConfig message type.

ReplayDiff

The difference between the results of evaluating an access tuple under the current (baseline) policies and under the proposed (simulated) policies. This difference explains how a principal's access could change if the proposed policies were applied.

ReplayName

Resource name for the Replay resource.

ReplayOperationMetadata

Metadata about a Replay operation.

ReplayResult

The result of replaying a single access tuple against a simulated state.

ReplayResultName

Resource name for the ReplayResult resource.

Simulator

Policy Simulator API service.

Policy Simulator is a collection of endpoints for creating, running, and viewing a [Replay][google.cloud.policysimulator.v1.Replay]. A [Replay][google.cloud.policysimulator.v1.Replay] is a type of simulation that lets you see how your principals' access to resources might change if you changed your IAM policy.

During a [Replay][google.cloud.policysimulator.v1.Replay], Policy Simulator re-evaluates, or replays, past access attempts under both the current policy and your proposed policy, and compares those results to determine how your principals' access might change under the proposed policy.

Simulator.SimulatorBase

Base class for server-side implementations of Simulator

Simulator.SimulatorClient

Client for Simulator

SimulatorClient

Simulator client wrapper, for convenient use.

SimulatorClientBuilder

Builder class for SimulatorClient to provide simple configuration of credentials, endpoint etc.

SimulatorClientImpl

Simulator client wrapper implementation, for convenient use.

SimulatorSettings

Settings for SimulatorClient instances.

Enums

AccessState

Whether a principal has a permission for a resource.

AccessStateDiff.Types.AccessChangeType

How the principal's access, specified in the AccessState field, changed between the current (baseline) policies and proposed (simulated) policies.

BindingExplanation.Types.Membership

Whether the binding includes the principal.

BindingExplanation.Types.RolePermission

Whether a role includes a specific permission.

HeuristicRelevance

The extent to which a single data point, such as the existence of a binding or whether a binding includes a specific principal, contributes to an overall determination.

Replay.Types.State

The current state of the [Replay][google.cloud.policysimulator.v1.Replay].

ReplayConfig.Types.LogSource

The source of the logs to use for a [Replay][google.cloud.policysimulator.v1.Replay].

ReplayName.ResourceNameType

The possible contents of ReplayName.

ReplayResult.ResultOneofCase

Enum of possible cases for the "result" oneof.

ReplayResultName.ResourceNameType

The possible contents of ReplayResultName.