public sealed class AllowPolicyExplanation : IMessage<AllowPolicyExplanation>, IEquatable<AllowPolicyExplanation>, IDeepCloneable<AllowPolicyExplanation>, IBufferMessage, IMessage
Reference documentation and code samples for the Policy Troubleshooter v3 API class AllowPolicyExplanation.
Details about how the relevant IAM allow policies affect the final access state.
Implements
IMessageAllowPolicyExplanation, IEquatableAllowPolicyExplanation, IDeepCloneableAllowPolicyExplanation, IBufferMessage, IMessageNamespace
Google.Cloud.PolicyTroubleshooter.Iam.V3Assembly
Google.Cloud.PolicyTroubleshooter.Iam.V3.dll
Constructors
AllowPolicyExplanation()
public AllowPolicyExplanation()
AllowPolicyExplanation(AllowPolicyExplanation)
public AllowPolicyExplanation(AllowPolicyExplanation other)
Parameter | |
---|---|
Name | Description |
other |
AllowPolicyExplanation |
Properties
AllowAccessState
public AllowAccessState AllowAccessState { get; set; }
Indicates whether the principal has the specified permission for the specified resource, based on evaluating all applicable IAM allow policies.
Property Value | |
---|---|
Type | Description |
AllowAccessState |
ExplainedPolicies
public RepeatedField<ExplainedAllowPolicy> ExplainedPolicies { get; }
List of IAM allow policies that were evaluated to check the principal's permissions, with annotations to indicate how each policy contributed to the final result.
The list of policies includes the policy for the resource itself, as well as allow policies that are inherited from higher levels of the resource hierarchy, including the organization, the folder, and the project.
To learn more about the resource hierarchy, see https://cloud.google.com/iam/help/resource-hierarchy.
Property Value | |
---|---|
Type | Description |
RepeatedFieldExplainedAllowPolicy |
Relevance
public HeuristicRelevance Relevance { get; set; }
The relevance of the allow policy type to the overall access state.
Property Value | |
---|---|
Type | Description |
HeuristicRelevance |