Policy Troubleshooter v3 API - Class AccessTuple (1.2.0)

public sealed class AccessTuple : IMessage<AccessTuple>, IEquatable<AccessTuple>, IDeepCloneable<AccessTuple>, IBufferMessage, IMessage

Reference documentation and code samples for the Policy Troubleshooter v3 API class AccessTuple.

Information about the principal, resource, and permission to check.

Inheritance

object > AccessTuple

Namespace

Google.Cloud.PolicyTroubleshooter.Iam.V3

Assembly

Google.Cloud.PolicyTroubleshooter.Iam.V3.dll

Constructors

AccessTuple()

public AccessTuple()

AccessTuple(AccessTuple)

public AccessTuple(AccessTuple other)
Parameter
Name Description
other AccessTuple

Properties

ConditionContext

public ConditionContext ConditionContext { get; set; }

Optional. Additional context for the request, such as the request time or IP address. This context allows Policy Troubleshooter to troubleshoot conditional role bindings and deny rules.

Property Value
Type Description
ConditionContext

FullResourceName

public string FullResourceName { get; set; }

Required. The full resource name that identifies the resource. For example, //compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance.

For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.

Property Value
Type Description
string

Permission

public string Permission { get; set; }

Required. The IAM permission to check for, either in the v1 permission format or the v2 permission format.

For a complete list of IAM permissions in the v1 format, see https://cloud.google.com/iam/help/permissions/reference.

For a list of IAM permissions in the v2 format, see https://cloud.google.com/iam/help/deny/supported-permissions.

For a complete list of predefined IAM roles and the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.

Property Value
Type Description
string

PermissionFqdn

public string PermissionFqdn { get; set; }

Output only. The permission that Policy Troubleshooter checked for, in the v2 format.

Property Value
Type Description
string

Principal

public string Principal { get; set; }

Required. The email address of the principal whose access you want to check. For example, alice@example.com or my-service-account@my-project.iam.gserviceaccount.com.

The principal must be a Google Account or a service account. Other types of principals are not supported.

Property Value
Type Description
string