Package cloud.google.com/go/policysimulator/apiv1/policysimulatorpb (v0.4.1)

Constants

OrgPolicyViolationsPreviewService_ListOrgPolicyViolationsPreviews_FullMethodName, OrgPolicyViolationsPreviewService_GetOrgPolicyViolationsPreview_FullMethodName, OrgPolicyViolationsPreviewService_CreateOrgPolicyViolationsPreview_FullMethodName, OrgPolicyViolationsPreviewService_ListOrgPolicyViolations_FullMethodName

const (
	OrgPolicyViolationsPreviewService_ListOrgPolicyViolationsPreviews_FullMethodName  = "/google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService/ListOrgPolicyViolationsPreviews"
	OrgPolicyViolationsPreviewService_GetOrgPolicyViolationsPreview_FullMethodName    = "/google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService/GetOrgPolicyViolationsPreview"
	OrgPolicyViolationsPreviewService_CreateOrgPolicyViolationsPreview_FullMethodName = "/google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService/CreateOrgPolicyViolationsPreview"
	OrgPolicyViolationsPreviewService_ListOrgPolicyViolations_FullMethodName          = "/google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService/ListOrgPolicyViolations"
)

Simulator_GetReplay_FullMethodName, Simulator_CreateReplay_FullMethodName, Simulator_ListReplayResults_FullMethodName

const (
	Simulator_GetReplay_FullMethodName         = "/google.cloud.policysimulator.v1.Simulator/GetReplay"
	Simulator_CreateReplay_FullMethodName      = "/google.cloud.policysimulator.v1.Simulator/CreateReplay"
	Simulator_ListReplayResults_FullMethodName = "/google.cloud.policysimulator.v1.Simulator/ListReplayResults"
)

Variables

AccessState_name, AccessState_value

var (
	AccessState_name = map[int32]string{
		0: "ACCESS_STATE_UNSPECIFIED",
		1: "GRANTED",
		2: "NOT_GRANTED",
		3: "UNKNOWN_CONDITIONAL",
		4: "UNKNOWN_INFO_DENIED",
	}
	AccessState_value = map[string]int32{
		"ACCESS_STATE_UNSPECIFIED": 0,
		"GRANTED":                  1,
		"NOT_GRANTED":              2,
		"UNKNOWN_CONDITIONAL":      3,
		"UNKNOWN_INFO_DENIED":      4,
	}
)

Enum value maps for AccessState.

HeuristicRelevance_name, HeuristicRelevance_value

var (
	HeuristicRelevance_name = map[int32]string{
		0: "HEURISTIC_RELEVANCE_UNSPECIFIED",
		1: "NORMAL",
		2: "HIGH",
	}
	HeuristicRelevance_value = map[string]int32{
		"HEURISTIC_RELEVANCE_UNSPECIFIED": 0,
		"NORMAL":                          1,
		"HIGH":                            2,
	}
)

Enum value maps for HeuristicRelevance.

BindingExplanation_RolePermission_name, BindingExplanation_RolePermission_value

var (
	BindingExplanation_RolePermission_name = map[int32]string{
		0: "ROLE_PERMISSION_UNSPECIFIED",
		1: "ROLE_PERMISSION_INCLUDED",
		2: "ROLE_PERMISSION_NOT_INCLUDED",
		3: "ROLE_PERMISSION_UNKNOWN_INFO_DENIED",
	}
	BindingExplanation_RolePermission_value = map[string]int32{
		"ROLE_PERMISSION_UNSPECIFIED":         0,
		"ROLE_PERMISSION_INCLUDED":            1,
		"ROLE_PERMISSION_NOT_INCLUDED":        2,
		"ROLE_PERMISSION_UNKNOWN_INFO_DENIED": 3,
	}
)

Enum value maps for BindingExplanation_RolePermission.

BindingExplanation_Membership_name, BindingExplanation_Membership_value

var (
	BindingExplanation_Membership_name = map[int32]string{
		0: "MEMBERSHIP_UNSPECIFIED",
		1: "MEMBERSHIP_INCLUDED",
		2: "MEMBERSHIP_NOT_INCLUDED",
		3: "MEMBERSHIP_UNKNOWN_INFO_DENIED",
		4: "MEMBERSHIP_UNKNOWN_UNSUPPORTED",
	}
	BindingExplanation_Membership_value = map[string]int32{
		"MEMBERSHIP_UNSPECIFIED":         0,
		"MEMBERSHIP_INCLUDED":            1,
		"MEMBERSHIP_NOT_INCLUDED":        2,
		"MEMBERSHIP_UNKNOWN_INFO_DENIED": 3,
		"MEMBERSHIP_UNKNOWN_UNSUPPORTED": 4,
	}
)

Enum value maps for BindingExplanation_Membership.

PreviewState_name, PreviewState_value

var (
	PreviewState_name = map[int32]string{
		0: "PREVIEW_STATE_UNSPECIFIED",
		1: "PREVIEW_PENDING",
		2: "PREVIEW_RUNNING",
		3: "PREVIEW_SUCCEEDED",
		4: "PREVIEW_FAILED",
	}
	PreviewState_value = map[string]int32{
		"PREVIEW_STATE_UNSPECIFIED": 0,
		"PREVIEW_PENDING":           1,
		"PREVIEW_RUNNING":           2,
		"PREVIEW_SUCCEEDED":         3,
		"PREVIEW_FAILED":            4,
	}
)

Enum value maps for PreviewState.

Replay_State_name, Replay_State_value

var (
	Replay_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "PENDING",
		2: "RUNNING",
		3: "SUCCEEDED",
		4: "FAILED",
	}
	Replay_State_value = map[string]int32{
		"STATE_UNSPECIFIED": 0,
		"PENDING":           1,
		"RUNNING":           2,
		"SUCCEEDED":         3,
		"FAILED":            4,
	}
)

Enum value maps for Replay_State.

ReplayConfig_LogSource_name, ReplayConfig_LogSource_value

var (
	ReplayConfig_LogSource_name = map[int32]string{
		0: "LOG_SOURCE_UNSPECIFIED",
		1: "RECENT_ACCESSES",
	}
	ReplayConfig_LogSource_value = map[string]int32{
		"LOG_SOURCE_UNSPECIFIED": 0,
		"RECENT_ACCESSES":        1,
	}
)

Enum value maps for ReplayConfig_LogSource.

AccessStateDiff_AccessChangeType_name, AccessStateDiff_AccessChangeType_value

var (
	AccessStateDiff_AccessChangeType_name = map[int32]string{
		0: "ACCESS_CHANGE_TYPE_UNSPECIFIED",
		1: "NO_CHANGE",
		2: "UNKNOWN_CHANGE",
		3: "ACCESS_REVOKED",
		4: "ACCESS_GAINED",
		5: "ACCESS_MAYBE_REVOKED",
		6: "ACCESS_MAYBE_GAINED",
	}
	AccessStateDiff_AccessChangeType_value = map[string]int32{
		"ACCESS_CHANGE_TYPE_UNSPECIFIED": 0,
		"NO_CHANGE":                      1,
		"UNKNOWN_CHANGE":                 2,
		"ACCESS_REVOKED":                 3,
		"ACCESS_GAINED":                  4,
		"ACCESS_MAYBE_REVOKED":           5,
		"ACCESS_MAYBE_GAINED":            6,
	}
)

Enum value maps for AccessStateDiff_AccessChangeType.

File_google_cloud_policysimulator_v1_explanations_proto

var File_google_cloud_policysimulator_v1_explanations_proto protoreflect.FileDescriptor

File_google_cloud_policysimulator_v1_orgpolicy_proto

var File_google_cloud_policysimulator_v1_orgpolicy_proto protoreflect.FileDescriptor

File_google_cloud_policysimulator_v1_simulator_proto

var File_google_cloud_policysimulator_v1_simulator_proto protoreflect.FileDescriptor

OrgPolicyViolationsPreviewService_ServiceDesc

var OrgPolicyViolationsPreviewService_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService",
	HandlerType: (*OrgPolicyViolationsPreviewServiceServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "ListOrgPolicyViolationsPreviews",
			Handler:    _OrgPolicyViolationsPreviewService_ListOrgPolicyViolationsPreviews_Handler,
		},
		{
			MethodName: "GetOrgPolicyViolationsPreview",
			Handler:    _OrgPolicyViolationsPreviewService_GetOrgPolicyViolationsPreview_Handler,
		},
		{
			MethodName: "CreateOrgPolicyViolationsPreview",
			Handler:    _OrgPolicyViolationsPreviewService_CreateOrgPolicyViolationsPreview_Handler,
		},
		{
			MethodName: "ListOrgPolicyViolations",
			Handler:    _OrgPolicyViolationsPreviewService_ListOrgPolicyViolations_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "google/cloud/policysimulator/v1/orgpolicy.proto",
}

OrgPolicyViolationsPreviewService_ServiceDesc is the grpc.ServiceDesc for OrgPolicyViolationsPreviewService service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

Simulator_ServiceDesc

var Simulator_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "google.cloud.policysimulator.v1.Simulator",
	HandlerType: (*SimulatorServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "GetReplay",
			Handler:    _Simulator_GetReplay_Handler,
		},
		{
			MethodName: "CreateReplay",
			Handler:    _Simulator_CreateReplay_Handler,
		},
		{
			MethodName: "ListReplayResults",
			Handler:    _Simulator_ListReplayResults_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "google/cloud/policysimulator/v1/simulator.proto",
}

Simulator_ServiceDesc is the grpc.ServiceDesc for Simulator service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

Functions

func RegisterOrgPolicyViolationsPreviewServiceServer

func RegisterOrgPolicyViolationsPreviewServiceServer(s grpc.ServiceRegistrar, srv OrgPolicyViolationsPreviewServiceServer)

func RegisterSimulatorServer

func RegisterSimulatorServer(s grpc.ServiceRegistrar, srv SimulatorServer)

AccessState

type AccessState int32

Whether a principal has a permission for a resource.

AccessState_ACCESS_STATE_UNSPECIFIED, AccessState_GRANTED, AccessState_NOT_GRANTED, AccessState_UNKNOWN_CONDITIONAL, AccessState_UNKNOWN_INFO_DENIED

const (
	// Default value. This value is unused.
	AccessState_ACCESS_STATE_UNSPECIFIED AccessState = 0
	// The principal has the permission.
	AccessState_GRANTED AccessState = 1
	// The principal does not have the permission.
	AccessState_NOT_GRANTED AccessState = 2
	// The principal has the permission only if a condition expression evaluates
	// to `true`.
	AccessState_UNKNOWN_CONDITIONAL AccessState = 3
	// The user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] does not have
	// access to all of the policies that Policy Simulator needs to evaluate.
	AccessState_UNKNOWN_INFO_DENIED AccessState = 4
)

func (AccessState) Descriptor

func (AccessState) Enum

func (x AccessState) Enum() *AccessState

func (AccessState) EnumDescriptor

func (AccessState) EnumDescriptor() ([]byte, []int)

Deprecated: Use AccessState.Descriptor instead.

func (AccessState) Number

func (x AccessState) Number() protoreflect.EnumNumber

func (AccessState) String

func (x AccessState) String() string

func (AccessState) Type

AccessStateDiff

type AccessStateDiff struct {

	// The results of evaluating the access tuple under the current (baseline)
	// policies.
	//
	// If the [AccessState][google.cloud.policysimulator.v1.AccessState] couldn't
	// be fully evaluated, this field explains why.
	Baseline *ExplainedAccess `protobuf:"bytes,1,opt,name=baseline,proto3" json:"baseline,omitempty"`
	// The results of evaluating the access tuple under the proposed (simulated)
	// policies.
	//
	// If the AccessState couldn't be fully evaluated, this field explains why.
	Simulated *ExplainedAccess `protobuf:"bytes,2,opt,name=simulated,proto3" json:"simulated,omitempty"`
	// How the principal's access, specified in the AccessState field, changed
	// between the current (baseline) policies and proposed (simulated) policies.
	AccessChange AccessStateDiff_AccessChangeType `protobuf:"varint,3,opt,name=access_change,json=accessChange,proto3,enum=google.cloud.policysimulator.v1.AccessStateDiff_AccessChangeType" json:"access_change,omitempty"`
	// contains filtered or unexported fields
}

A summary and comparison of the principal's access under the current (baseline) policies and the proposed (simulated) policies for a single access tuple.

func (*AccessStateDiff) Descriptor

func (*AccessStateDiff) Descriptor() ([]byte, []int)

Deprecated: Use AccessStateDiff.ProtoReflect.Descriptor instead.

func (*AccessStateDiff) GetAccessChange

func (*AccessStateDiff) GetBaseline

func (x *AccessStateDiff) GetBaseline() *ExplainedAccess

func (*AccessStateDiff) GetSimulated

func (x *AccessStateDiff) GetSimulated() *ExplainedAccess

func (*AccessStateDiff) ProtoMessage

func (*AccessStateDiff) ProtoMessage()

func (*AccessStateDiff) ProtoReflect

func (x *AccessStateDiff) ProtoReflect() protoreflect.Message

func (*AccessStateDiff) Reset

func (x *AccessStateDiff) Reset()

func (*AccessStateDiff) String

func (x *AccessStateDiff) String() string

AccessStateDiff_AccessChangeType

type AccessStateDiff_AccessChangeType int32

How the principal's access, specified in the AccessState field, changed between the current (baseline) policies and proposed (simulated) policies.

AccessStateDiff_ACCESS_CHANGE_TYPE_UNSPECIFIED, AccessStateDiff_NO_CHANGE, AccessStateDiff_UNKNOWN_CHANGE, AccessStateDiff_ACCESS_REVOKED, AccessStateDiff_ACCESS_GAINED, AccessStateDiff_ACCESS_MAYBE_REVOKED, AccessStateDiff_ACCESS_MAYBE_GAINED

const (
	// Default value. This value is unused.
	AccessStateDiff_ACCESS_CHANGE_TYPE_UNSPECIFIED AccessStateDiff_AccessChangeType = 0
	// The principal's access did not change.
	// This includes the case where both baseline and simulated are UNKNOWN,
	// but the unknown information is equivalent.
	AccessStateDiff_NO_CHANGE AccessStateDiff_AccessChangeType = 1
	// The principal's access under both the current policies and the proposed
	// policies is `UNKNOWN`, but the unknown information differs between them.
	AccessStateDiff_UNKNOWN_CHANGE AccessStateDiff_AccessChangeType = 2
	// The principal had access under the current policies (`GRANTED`), but will
	// no longer have access after the proposed changes (`NOT_GRANTED`).
	AccessStateDiff_ACCESS_REVOKED AccessStateDiff_AccessChangeType = 3
	// The principal did not have access under the current policies
	// (`NOT_GRANTED`), but will have access after the proposed changes
	// (`GRANTED`).
	AccessStateDiff_ACCESS_GAINED AccessStateDiff_AccessChangeType = 4
	// This result can occur for the following reasons:
	//
	//   - The principal had access under the current policies (`GRANTED`), but
	//     their access after the proposed changes is `UNKNOWN`.
	//
	// * The principal's access under the current policies is `UNKNOWN`, but
	// they
	//
	//	will not have access after the proposed changes (`NOT_GRANTED`).
	AccessStateDiff_ACCESS_MAYBE_REVOKED AccessStateDiff_AccessChangeType = 5
	// This result can occur for the following reasons:
	//
	//   - The principal did not have access under the current policies
	//     (`NOT_GRANTED`), but their access after the proposed changes is
	//     `UNKNOWN`.
	//
	// * The principal's access under the current policies is `UNKNOWN`, but
	// they will have access after the proposed changes (`GRANTED`).
	AccessStateDiff_ACCESS_MAYBE_GAINED AccessStateDiff_AccessChangeType = 6
)

func (AccessStateDiff_AccessChangeType) Descriptor

func (AccessStateDiff_AccessChangeType) Enum

func (AccessStateDiff_AccessChangeType) EnumDescriptor

func (AccessStateDiff_AccessChangeType) EnumDescriptor() ([]byte, []int)

Deprecated: Use AccessStateDiff_AccessChangeType.Descriptor instead.

func (AccessStateDiff_AccessChangeType) Number

func (AccessStateDiff_AccessChangeType) String

func (AccessStateDiff_AccessChangeType) Type

AccessTuple

type AccessTuple struct {

	// Required. The principal whose access you want to check, in the form of
	// the email address that represents that principal. For example,
	// `alice@example.com` or
	// `my-service-account@my-project.iam.gserviceaccount.com`.
	//
	// The principal must be a Google Account or a service account. Other types of
	// principals are not supported.
	Principal string `protobuf:"bytes,1,opt,name=principal,proto3" json:"principal,omitempty"`
	// Required. The full resource name that identifies the resource. For example,
	// `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
	//
	// For examples of full resource names for Google Cloud services, see
	// https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
	FullResourceName string `protobuf:"bytes,2,opt,name=full_resource_name,json=fullResourceName,proto3" json:"full_resource_name,omitempty"`
	// Required. The IAM permission to check for the specified principal and
	// resource.
	//
	// For a complete list of IAM permissions, see
	// https://cloud.google.com/iam/help/permissions/reference.
	//
	// For a complete list of predefined IAM roles and the permissions in each
	// role, see https://cloud.google.com/iam/help/roles/reference.
	Permission string `protobuf:"bytes,3,opt,name=permission,proto3" json:"permission,omitempty"`
	// contains filtered or unexported fields
}

Information about the principal, resource, and permission to check.

func (*AccessTuple) Descriptor

func (*AccessTuple) Descriptor() ([]byte, []int)

Deprecated: Use AccessTuple.ProtoReflect.Descriptor instead.

func (*AccessTuple) GetFullResourceName

func (x *AccessTuple) GetFullResourceName() string

func (*AccessTuple) GetPermission

func (x *AccessTuple) GetPermission() string

func (*AccessTuple) GetPrincipal

func (x *AccessTuple) GetPrincipal() string

func (*AccessTuple) ProtoMessage

func (*AccessTuple) ProtoMessage()

func (*AccessTuple) ProtoReflect

func (x *AccessTuple) ProtoReflect() protoreflect.Message

func (*AccessTuple) Reset

func (x *AccessTuple) Reset()

func (*AccessTuple) String

func (x *AccessTuple) String() string

BindingExplanation

type BindingExplanation struct {

	// Required. Indicates whether _this binding_ provides the specified
	// permission to the specified principal for the specified resource.
	//
	// This field does _not_ indicate whether the principal actually has the
	// permission for the resource. There might be another binding that overrides
	// this binding. To determine whether the principal actually has the
	// permission, use the `access` field in the
	// [TroubleshootIamPolicyResponse][google.cloud.policytroubleshooter.v3.TroubleshootIamPolicyResponse].
	Access AccessState `protobuf:"varint,1,opt,name=access,proto3,enum=google.cloud.policysimulator.v1.AccessState" json:"access,omitempty"`
	// The role that this binding grants. For example,
	// `roles/compute.serviceAgent`.
	//
	// For a complete list of predefined IAM roles, as well as the permissions in
	// each role, see https://cloud.google.com/iam/help/roles/reference.
	Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
	// Indicates whether the role granted by this binding contains the specified
	// permission.
	RolePermission BindingExplanation_RolePermission `protobuf:"varint,3,opt,name=role_permission,json=rolePermission,proto3,enum=google.cloud.policysimulator.v1.BindingExplanation_RolePermission" json:"role_permission,omitempty"`
	// The relevance of the permission's existence, or nonexistence, in the role
	// to the overall determination for the entire policy.
	RolePermissionRelevance HeuristicRelevance `protobuf:"varint,4,opt,name=role_permission_relevance,json=rolePermissionRelevance,proto3,enum=google.cloud.policysimulator.v1.HeuristicRelevance" json:"role_permission_relevance,omitempty"`
	// Indicates whether each principal in the binding includes the principal
	// specified in the request, either directly or indirectly. Each key
	// identifies a principal in the binding, and each value indicates whether the
	// principal in the binding includes the principal in the request.
	//
	// For example, suppose that a binding includes the following principals:
	//
	// * `user:alice@example.com`
	// * `group:product-eng@example.com`
	//
	// The principal in the replayed access tuple is `user:bob@example.com`. This
	// user is a principal of the group `group:product-eng@example.com`.
	//
	// For the first principal in the binding, the key is
	// `user:alice@example.com`, and the `membership` field in the value is set to
	// `MEMBERSHIP_NOT_INCLUDED`.
	//
	// For the second principal in the binding, the key is
	// `group:product-eng@example.com`, and the `membership` field in the value is
	// set to `MEMBERSHIP_INCLUDED`.
	Memberships map[string]*BindingExplanation_AnnotatedMembership `protobuf:"bytes,5,rep,name=memberships,proto3" json:"memberships,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
	// The relevance of this binding to the overall determination for the entire
	// policy.
	Relevance HeuristicRelevance `protobuf:"varint,6,opt,name=relevance,proto3,enum=google.cloud.policysimulator.v1.HeuristicRelevance" json:"relevance,omitempty"`
	// A condition expression that prevents this binding from granting access
	// unless the expression evaluates to `true`.
	//
	// To learn about IAM Conditions, see
	// https://cloud.google.com/iam/docs/conditions-overview.
	Condition *expr.Expr `protobuf:"bytes,7,opt,name=condition,proto3" json:"condition,omitempty"`
	// contains filtered or unexported fields
}

Details about how a binding in a policy affects a principal's ability to use a permission.

func (*BindingExplanation) Descriptor

func (*BindingExplanation) Descriptor() ([]byte, []int)

Deprecated: Use BindingExplanation.ProtoReflect.Descriptor instead.

func (*BindingExplanation) GetAccess

func (x *BindingExplanation) GetAccess() AccessState

func (*BindingExplanation) GetCondition

func (x *BindingExplanation) GetCondition() *expr.Expr

func (*BindingExplanation) GetMemberships

func (*BindingExplanation) GetRelevance

func (x *BindingExplanation) GetRelevance() HeuristicRelevance

func (*BindingExplanation) GetRole

func (x *BindingExplanation) GetRole() string

func (*BindingExplanation) GetRolePermission

func (*BindingExplanation) GetRolePermissionRelevance

func (x *BindingExplanation) GetRolePermissionRelevance() HeuristicRelevance

func (*BindingExplanation) ProtoMessage

func (*BindingExplanation) ProtoMessage()

func (*BindingExplanation) ProtoReflect

func (x *BindingExplanation) ProtoReflect() protoreflect.Message

func (*BindingExplanation) Reset

func (x *BindingExplanation) Reset()

func (*BindingExplanation) String

func (x *BindingExplanation) String() string

BindingExplanation_AnnotatedMembership

type BindingExplanation_AnnotatedMembership struct {

	// Indicates whether the binding includes the principal.
	Membership BindingExplanation_Membership `protobuf:"varint,1,opt,name=membership,proto3,enum=google.cloud.policysimulator.v1.BindingExplanation_Membership" json:"membership,omitempty"`
	// The relevance of the principal's status to the overall determination for
	// the binding.
	Relevance HeuristicRelevance `protobuf:"varint,2,opt,name=relevance,proto3,enum=google.cloud.policysimulator.v1.HeuristicRelevance" json:"relevance,omitempty"`
	// contains filtered or unexported fields
}

Details about whether the binding includes the principal.

func (*BindingExplanation_AnnotatedMembership) Descriptor

func (*BindingExplanation_AnnotatedMembership) Descriptor() ([]byte, []int)

Deprecated: Use BindingExplanation_AnnotatedMembership.ProtoReflect.Descriptor instead.

func (*BindingExplanation_AnnotatedMembership) GetMembership

func (*BindingExplanation_AnnotatedMembership) GetRelevance

func (*BindingExplanation_AnnotatedMembership) ProtoMessage

func (*BindingExplanation_AnnotatedMembership) ProtoReflect

func (*BindingExplanation_AnnotatedMembership) Reset

func (*BindingExplanation_AnnotatedMembership) String

BindingExplanation_Membership

type BindingExplanation_Membership int32

Whether the binding includes the principal.

BindingExplanation_MEMBERSHIP_UNSPECIFIED, BindingExplanation_MEMBERSHIP_INCLUDED, BindingExplanation_MEMBERSHIP_NOT_INCLUDED, BindingExplanation_MEMBERSHIP_UNKNOWN_INFO_DENIED, BindingExplanation_MEMBERSHIP_UNKNOWN_UNSUPPORTED

const (
	// Default value. This value is unused.
	BindingExplanation_MEMBERSHIP_UNSPECIFIED BindingExplanation_Membership = 0
	// The binding includes the principal. The principal can be included
	// directly or indirectly. For example:
	//
	//   - A principal is included directly if that principal is listed in the
	//     binding.
	//   - A principal is included indirectly if that principal is in a Google
	//     group or Google Workspace domain that is listed in the binding.
	BindingExplanation_MEMBERSHIP_INCLUDED BindingExplanation_Membership = 1
	// The binding does not include the principal.
	BindingExplanation_MEMBERSHIP_NOT_INCLUDED BindingExplanation_Membership = 2
	// The user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] is not
	// allowed to access the binding.
	BindingExplanation_MEMBERSHIP_UNKNOWN_INFO_DENIED BindingExplanation_Membership = 3
	// The principal is an unsupported type. Only Google Accounts and service
	// accounts are supported.
	BindingExplanation_MEMBERSHIP_UNKNOWN_UNSUPPORTED BindingExplanation_Membership = 4
)

func (BindingExplanation_Membership) Descriptor

func (BindingExplanation_Membership) Enum

func (BindingExplanation_Membership) EnumDescriptor

func (BindingExplanation_Membership) EnumDescriptor() ([]byte, []int)

Deprecated: Use BindingExplanation_Membership.Descriptor instead.

func (BindingExplanation_Membership) Number

func (BindingExplanation_Membership) String

func (BindingExplanation_Membership) Type

BindingExplanation_RolePermission

type BindingExplanation_RolePermission int32

Whether a role includes a specific permission.

BindingExplanation_ROLE_PERMISSION_UNSPECIFIED, BindingExplanation_ROLE_PERMISSION_INCLUDED, BindingExplanation_ROLE_PERMISSION_NOT_INCLUDED, BindingExplanation_ROLE_PERMISSION_UNKNOWN_INFO_DENIED

const (
	// Default value. This value is unused.
	BindingExplanation_ROLE_PERMISSION_UNSPECIFIED BindingExplanation_RolePermission = 0
	// The permission is included in the role.
	BindingExplanation_ROLE_PERMISSION_INCLUDED BindingExplanation_RolePermission = 1
	// The permission is not included in the role.
	BindingExplanation_ROLE_PERMISSION_NOT_INCLUDED BindingExplanation_RolePermission = 2
	// The user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] is not
	// allowed to access the binding.
	BindingExplanation_ROLE_PERMISSION_UNKNOWN_INFO_DENIED BindingExplanation_RolePermission = 3
)

func (BindingExplanation_RolePermission) Descriptor

func (BindingExplanation_RolePermission) Enum

func (BindingExplanation_RolePermission) EnumDescriptor

func (BindingExplanation_RolePermission) EnumDescriptor() ([]byte, []int)

Deprecated: Use BindingExplanation_RolePermission.Descriptor instead.

func (BindingExplanation_RolePermission) Number

func (BindingExplanation_RolePermission) String

func (BindingExplanation_RolePermission) Type

CreateOrgPolicyViolationsPreviewOperationMetadata

type CreateOrgPolicyViolationsPreviewOperationMetadata struct {

	// Time when the request was received.
	RequestTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=request_time,json=requestTime,proto3" json:"request_time,omitempty"`
	// Time when the request started processing, i.e., when the state was set to
	// RUNNING.
	StartTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=start_time,json=startTime,proto3" json:"start_time,omitempty"`
	// Output only. The current state of the operation.
	State PreviewState `protobuf:"varint,3,opt,name=state,proto3,enum=google.cloud.policysimulator.v1.PreviewState" json:"state,omitempty"`
	// Total number of resources that need scanning.
	// Should equal resource_scanned + resources_pending
	ResourcesFound int32 `protobuf:"varint,4,opt,name=resources_found,json=resourcesFound,proto3" json:"resources_found,omitempty"`
	// Number of resources already scanned.
	ResourcesScanned int32 `protobuf:"varint,5,opt,name=resources_scanned,json=resourcesScanned,proto3" json:"resources_scanned,omitempty"`
	// Number of resources still to scan.
	ResourcesPending int32 `protobuf:"varint,6,opt,name=resources_pending,json=resourcesPending,proto3" json:"resources_pending,omitempty"`
	// contains filtered or unexported fields
}

CreateOrgPolicyViolationsPreviewOperationMetadata is metadata about an OrgPolicyViolationsPreview generations operation.

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) Descriptor

Deprecated: Use CreateOrgPolicyViolationsPreviewOperationMetadata.ProtoReflect.Descriptor instead.

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetRequestTime

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesFound

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesPending

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesScanned

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetStartTime

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetState

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) ProtoMessage

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) ProtoReflect

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) Reset

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) String

CreateOrgPolicyViolationsPreviewRequest

type CreateOrgPolicyViolationsPreviewRequest struct {

	// Required. The organization under which this
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// will be created.
	//
	// Example: `organizations/my-example-org/locations/global`
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. The
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// to generate.
	OrgPolicyViolationsPreview *OrgPolicyViolationsPreview `protobuf:"bytes,2,opt,name=org_policy_violations_preview,json=orgPolicyViolationsPreview,proto3" json:"org_policy_violations_preview,omitempty"`
	// Optional. An optional user-specified ID for the
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
	// If not provided, a random ID will be generated.
	OrgPolicyViolationsPreviewId string `protobuf:"bytes,3,opt,name=org_policy_violations_preview_id,json=orgPolicyViolationsPreviewId,proto3" json:"org_policy_violations_preview_id,omitempty"`
	// contains filtered or unexported fields
}

CreateOrgPolicyViolationsPreviewRequest is the request message for [OrgPolicyViolationsPreviewService.CreateOrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.CreateOrgPolicyViolationsPreview].

func (*CreateOrgPolicyViolationsPreviewRequest) Descriptor

func (*CreateOrgPolicyViolationsPreviewRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateOrgPolicyViolationsPreviewRequest.ProtoReflect.Descriptor instead.

func (*CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreview

func (x *CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreview() *OrgPolicyViolationsPreview

func (*CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreviewId

func (x *CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreviewId() string

func (*CreateOrgPolicyViolationsPreviewRequest) GetParent

func (*CreateOrgPolicyViolationsPreviewRequest) ProtoMessage

func (*CreateOrgPolicyViolationsPreviewRequest) ProtoReflect

func (*CreateOrgPolicyViolationsPreviewRequest) Reset

func (*CreateOrgPolicyViolationsPreviewRequest) String

CreateReplayRequest

type CreateReplayRequest struct {

	// Required. The parent resource where this
	// [Replay][google.cloud.policysimulator.v1.Replay] will be created. This
	// resource must be a project, folder, or organization with a location.
	//
	// Example: `projects/my-example-project/locations/global`
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. The [Replay][google.cloud.policysimulator.v1.Replay] to create.
	// Set `Replay.ReplayConfig` to configure the replay.
	Replay *Replay `protobuf:"bytes,2,opt,name=replay,proto3" json:"replay,omitempty"`
	// contains filtered or unexported fields
}

Request message for [Simulator.CreateReplay][google.cloud.policysimulator.v1.Simulator.CreateReplay].

func (*CreateReplayRequest) Descriptor

func (*CreateReplayRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateReplayRequest.ProtoReflect.Descriptor instead.

func (*CreateReplayRequest) GetParent

func (x *CreateReplayRequest) GetParent() string

func (*CreateReplayRequest) GetReplay

func (x *CreateReplayRequest) GetReplay() *Replay

func (*CreateReplayRequest) ProtoMessage

func (*CreateReplayRequest) ProtoMessage()

func (*CreateReplayRequest) ProtoReflect

func (x *CreateReplayRequest) ProtoReflect() protoreflect.Message

func (*CreateReplayRequest) Reset

func (x *CreateReplayRequest) Reset()

func (*CreateReplayRequest) String

func (x *CreateReplayRequest) String() string

ExplainedAccess

type ExplainedAccess struct {

	// Whether the principal in the access tuple has permission to access the
	// resource in the access tuple under the given policies.
	AccessState AccessState `protobuf:"varint,1,opt,name=access_state,json=accessState,proto3,enum=google.cloud.policysimulator.v1.AccessState" json:"access_state,omitempty"`
	// If the [AccessState][google.cloud.policysimulator.v1.AccessState] is
	// `UNKNOWN`, this field contains the policies that led to that result.
	//
	// If the `AccessState` is `GRANTED` or `NOT_GRANTED`, this field is
	// omitted.
	Policies []*ExplainedPolicy `protobuf:"bytes,2,rep,name=policies,proto3" json:"policies,omitempty"`
	// If the [AccessState][google.cloud.policysimulator.v1.AccessState] is
	// `UNKNOWN`, this field contains a list of errors explaining why the result
	// is `UNKNOWN`.
	//
	// If the `AccessState` is `GRANTED` or `NOT_GRANTED`, this field is
	// omitted.
	Errors []*status.Status `protobuf:"bytes,3,rep,name=errors,proto3" json:"errors,omitempty"`
	// contains filtered or unexported fields
}

Details about how a set of policies, listed in [ExplainedPolicy][google.cloud.policysimulator.v1.ExplainedPolicy], resulted in a certain [AccessState][google.cloud.policysimulator.v1.AccessState] when replaying an access tuple.

func (*ExplainedAccess) Descriptor

func (*ExplainedAccess) Descriptor() ([]byte, []int)

Deprecated: Use ExplainedAccess.ProtoReflect.Descriptor instead.

func (*ExplainedAccess) GetAccessState

func (x *ExplainedAccess) GetAccessState() AccessState

func (*ExplainedAccess) GetErrors

func (x *ExplainedAccess) GetErrors() []*status.Status

func (*ExplainedAccess) GetPolicies

func (x *ExplainedAccess) GetPolicies() []*ExplainedPolicy

func (*ExplainedAccess) ProtoMessage

func (*ExplainedAccess) ProtoMessage()

func (*ExplainedAccess) ProtoReflect

func (x *ExplainedAccess) ProtoReflect() protoreflect.Message

func (*ExplainedAccess) Reset

func (x *ExplainedAccess) Reset()

func (*ExplainedAccess) String

func (x *ExplainedAccess) String() string

ExplainedPolicy

type ExplainedPolicy struct {

	// Indicates whether _this policy_ provides the specified permission to the
	// specified principal for the specified resource.
	//
	// This field does _not_ indicate whether the principal actually has the
	// permission for the resource. There might be another policy that overrides
	// this policy. To determine whether the principal actually has the
	// permission, use the `access` field in the
	// [TroubleshootIamPolicyResponse][google.cloud.policytroubleshooter.v3.TroubleshootIamPolicyResponse].
	Access AccessState `protobuf:"varint,1,opt,name=access,proto3,enum=google.cloud.policysimulator.v1.AccessState" json:"access,omitempty"`
	// The full resource name that identifies the resource. For example,
	// `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
	//
	// If the user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] does not have
	// access to the policy, this field is omitted.
	//
	// For examples of full resource names for Google Cloud services, see
	// https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
	FullResourceName string `protobuf:"bytes,2,opt,name=full_resource_name,json=fullResourceName,proto3" json:"full_resource_name,omitempty"`
	// The IAM policy attached to the resource.
	//
	// If the user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] does not have
	// access to the policy, this field is empty.
	Policy *iampb.Policy `protobuf:"bytes,3,opt,name=policy,proto3" json:"policy,omitempty"`
	// Details about how each binding in the policy affects the principal's
	// ability, or inability, to use the permission for the resource.
	//
	// If the user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] does not have
	// access to the policy, this field is omitted.
	BindingExplanations []*BindingExplanation `protobuf:"bytes,4,rep,name=binding_explanations,json=bindingExplanations,proto3" json:"binding_explanations,omitempty"`
	// The relevance of this policy to the overall determination in the
	// [TroubleshootIamPolicyResponse][google.cloud.policytroubleshooter.v3.TroubleshootIamPolicyResponse].
	//
	// If the user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] does not have
	// access to the policy, this field is omitted.
	Relevance HeuristicRelevance `protobuf:"varint,5,opt,name=relevance,proto3,enum=google.cloud.policysimulator.v1.HeuristicRelevance" json:"relevance,omitempty"`
	// contains filtered or unexported fields
}

Details about how a specific IAM [Policy][google.iam.v1.Policy] contributed to the access check.

func (*ExplainedPolicy) Descriptor

func (*ExplainedPolicy) Descriptor() ([]byte, []int)

Deprecated: Use ExplainedPolicy.ProtoReflect.Descriptor instead.

func (*ExplainedPolicy) GetAccess

func (x *ExplainedPolicy) GetAccess() AccessState

func (*ExplainedPolicy) GetBindingExplanations

func (x *ExplainedPolicy) GetBindingExplanations() []*BindingExplanation

func (*ExplainedPolicy) GetFullResourceName

func (x *ExplainedPolicy) GetFullResourceName() string

func (*ExplainedPolicy) GetPolicy

func (x *ExplainedPolicy) GetPolicy() *iampb.Policy

func (*ExplainedPolicy) GetRelevance

func (x *ExplainedPolicy) GetRelevance() HeuristicRelevance

func (*ExplainedPolicy) ProtoMessage

func (*ExplainedPolicy) ProtoMessage()

func (*ExplainedPolicy) ProtoReflect

func (x *ExplainedPolicy) ProtoReflect() protoreflect.Message

func (*ExplainedPolicy) Reset

func (x *ExplainedPolicy) Reset()

func (*ExplainedPolicy) String

func (x *ExplainedPolicy) String() string

GetOrgPolicyViolationsPreviewRequest

type GetOrgPolicyViolationsPreviewRequest struct {

	// Required. The name of the OrgPolicyViolationsPreview to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

GetOrgPolicyViolationsPreviewRequest is the request message for [OrgPolicyViolationsPreviewService.GetOrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.GetOrgPolicyViolationsPreview].

func (*GetOrgPolicyViolationsPreviewRequest) Descriptor

func (*GetOrgPolicyViolationsPreviewRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetOrgPolicyViolationsPreviewRequest.ProtoReflect.Descriptor instead.

func (*GetOrgPolicyViolationsPreviewRequest) GetName

func (*GetOrgPolicyViolationsPreviewRequest) ProtoMessage

func (*GetOrgPolicyViolationsPreviewRequest) ProtoMessage()

func (*GetOrgPolicyViolationsPreviewRequest) ProtoReflect

func (*GetOrgPolicyViolationsPreviewRequest) Reset

func (*GetOrgPolicyViolationsPreviewRequest) String

GetReplayRequest

type GetReplayRequest struct {

	// Required. The name of the [Replay][google.cloud.policysimulator.v1.Replay]
	// to retrieve, in the following format:
	//
	// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`,
	// where `{resource-id}` is the ID of the project, folder, or organization
	// that owns the `Replay`.
	//
	// Example:
	// `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for [Simulator.GetReplay][google.cloud.policysimulator.v1.Simulator.GetReplay].

func (*GetReplayRequest) Descriptor

func (*GetReplayRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetReplayRequest.ProtoReflect.Descriptor instead.

func (*GetReplayRequest) GetName

func (x *GetReplayRequest) GetName() string

func (*GetReplayRequest) ProtoMessage

func (*GetReplayRequest) ProtoMessage()

func (*GetReplayRequest) ProtoReflect

func (x *GetReplayRequest) ProtoReflect() protoreflect.Message

func (*GetReplayRequest) Reset

func (x *GetReplayRequest) Reset()

func (*GetReplayRequest) String

func (x *GetReplayRequest) String() string

HeuristicRelevance

type HeuristicRelevance int32

The extent to which a single data point, such as the existence of a binding or whether a binding includes a specific principal, contributes to an overall determination.

HeuristicRelevance_HEURISTIC_RELEVANCE_UNSPECIFIED, HeuristicRelevance_NORMAL, HeuristicRelevance_HIGH

const (
	// Default value. This value is unused.
	HeuristicRelevance_HEURISTIC_RELEVANCE_UNSPECIFIED HeuristicRelevance = 0
	// The data point has a limited effect on the result. Changing the data point
	// is unlikely to affect the overall determination.
	HeuristicRelevance_NORMAL HeuristicRelevance = 1
	// The data point has a strong effect on the result. Changing the data point
	// is likely to affect the overall determination.
	HeuristicRelevance_HIGH HeuristicRelevance = 2
)

func (HeuristicRelevance) Descriptor

func (HeuristicRelevance) Enum

func (HeuristicRelevance) EnumDescriptor

func (HeuristicRelevance) EnumDescriptor() ([]byte, []int)

Deprecated: Use HeuristicRelevance.Descriptor instead.

func (HeuristicRelevance) Number

func (HeuristicRelevance) String

func (x HeuristicRelevance) String() string

func (HeuristicRelevance) Type

ListOrgPolicyViolationsPreviewsRequest

type ListOrgPolicyViolationsPreviewsRequest struct {

	// Required. The parent the violations are scoped to.
	// Format:
	// `organizations/{organization}/locations/{location}`
	//
	// Example: `organizations/my-example-org/locations/global`
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. The maximum number of items to return. The service may return
	// fewer than this value. If unspecified, at most 5 items will be returned.
	// The maximum value is 10; values above 10 will be coerced to 10.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. A page token, received from a previous call. Provide this to
	// retrieve the subsequent page.
	//
	// When paginating, all other parameters must match the call that provided the
	// page token.
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

ListOrgPolicyViolationsPreviewsRequest is the request message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews].

func (*ListOrgPolicyViolationsPreviewsRequest) Descriptor

func (*ListOrgPolicyViolationsPreviewsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListOrgPolicyViolationsPreviewsRequest.ProtoReflect.Descriptor instead.

func (*ListOrgPolicyViolationsPreviewsRequest) GetPageSize

func (*ListOrgPolicyViolationsPreviewsRequest) GetPageToken

func (*ListOrgPolicyViolationsPreviewsRequest) GetParent

func (*ListOrgPolicyViolationsPreviewsRequest) ProtoMessage

func (*ListOrgPolicyViolationsPreviewsRequest) ProtoReflect

func (*ListOrgPolicyViolationsPreviewsRequest) Reset

func (*ListOrgPolicyViolationsPreviewsRequest) String

ListOrgPolicyViolationsPreviewsResponse

type ListOrgPolicyViolationsPreviewsResponse struct {

	// The list of OrgPolicyViolationsPreview
	OrgPolicyViolationsPreviews []*OrgPolicyViolationsPreview `protobuf:"bytes,1,rep,name=org_policy_violations_previews,json=orgPolicyViolationsPreviews,proto3" json:"org_policy_violations_previews,omitempty"`
	// A token that you can use to retrieve the next page of results.
	// If this field is omitted, there are no subsequent pages.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

ListOrgPolicyViolationsPreviewsResponse is the response message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews].

func (*ListOrgPolicyViolationsPreviewsResponse) Descriptor

func (*ListOrgPolicyViolationsPreviewsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListOrgPolicyViolationsPreviewsResponse.ProtoReflect.Descriptor instead.

func (*ListOrgPolicyViolationsPreviewsResponse) GetNextPageToken

func (x *ListOrgPolicyViolationsPreviewsResponse) GetNextPageToken() string

func (*ListOrgPolicyViolationsPreviewsResponse) GetOrgPolicyViolationsPreviews

func (x *ListOrgPolicyViolationsPreviewsResponse) GetOrgPolicyViolationsPreviews() []*OrgPolicyViolationsPreview

func (*ListOrgPolicyViolationsPreviewsResponse) ProtoMessage

func (*ListOrgPolicyViolationsPreviewsResponse) ProtoReflect

func (*ListOrgPolicyViolationsPreviewsResponse) Reset

func (*ListOrgPolicyViolationsPreviewsResponse) String

ListOrgPolicyViolationsRequest

type ListOrgPolicyViolationsRequest struct {

	// Required. The OrgPolicyViolationsPreview to get OrgPolicyViolations from.
	// Format:
	// organizations/{organization}/locations/{location}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreview}
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. The maximum number of items to return. The service may return
	// fewer than this value. If unspecified, at most 1000 items will be returned.
	// The maximum value is 1000; values above 1000 will be coerced to 1000.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. A page token, received from a previous call. Provide this to
	// retrieve the subsequent page.
	//
	// When paginating, all other parameters must match the call that provided the
	// page token.
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

ListOrgPolicyViolationsRequest is the request message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolations][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolations].

func (*ListOrgPolicyViolationsRequest) Descriptor

func (*ListOrgPolicyViolationsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListOrgPolicyViolationsRequest.ProtoReflect.Descriptor instead.

func (*ListOrgPolicyViolationsRequest) GetPageSize

func (x *ListOrgPolicyViolationsRequest) GetPageSize() int32

func (*ListOrgPolicyViolationsRequest) GetPageToken

func (x *ListOrgPolicyViolationsRequest) GetPageToken() string

func (*ListOrgPolicyViolationsRequest) GetParent

func (x *ListOrgPolicyViolationsRequest) GetParent() string

func (*ListOrgPolicyViolationsRequest) ProtoMessage

func (*ListOrgPolicyViolationsRequest) ProtoMessage()

func (*ListOrgPolicyViolationsRequest) ProtoReflect

func (*ListOrgPolicyViolationsRequest) Reset

func (x *ListOrgPolicyViolationsRequest) Reset()

func (*ListOrgPolicyViolationsRequest) String

ListOrgPolicyViolationsResponse

type ListOrgPolicyViolationsResponse struct {

	// The list of OrgPolicyViolations
	OrgPolicyViolations []*OrgPolicyViolation `protobuf:"bytes,1,rep,name=org_policy_violations,json=orgPolicyViolations,proto3" json:"org_policy_violations,omitempty"`
	// A token that you can use to retrieve the next page of results.
	// If this field is omitted, there are no subsequent pages.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

ListOrgPolicyViolationsResponse is the response message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolations][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolations]

func (*ListOrgPolicyViolationsResponse) Descriptor

func (*ListOrgPolicyViolationsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListOrgPolicyViolationsResponse.ProtoReflect.Descriptor instead.

func (*ListOrgPolicyViolationsResponse) GetNextPageToken

func (x *ListOrgPolicyViolationsResponse) GetNextPageToken() string

func (*ListOrgPolicyViolationsResponse) GetOrgPolicyViolations

func (x *ListOrgPolicyViolationsResponse) GetOrgPolicyViolations() []*OrgPolicyViolation

func (*ListOrgPolicyViolationsResponse) ProtoMessage

func (*ListOrgPolicyViolationsResponse) ProtoMessage()

func (*ListOrgPolicyViolationsResponse) ProtoReflect

func (*ListOrgPolicyViolationsResponse) Reset

func (*ListOrgPolicyViolationsResponse) String

ListReplayResultsRequest

type ListReplayResultsRequest struct {

	// Required. The [Replay][google.cloud.policysimulator.v1.Replay] whose
	// results are listed, in the following format:
	//
	// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`
	//
	// Example:
	// `projects/my-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// The maximum number of
	// [ReplayResult][google.cloud.policysimulator.v1.ReplayResult] objects to
	// return. Defaults to 5000.
	//
	// The maximum value is 5000; values above 5000 are rounded down to 5000.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// A page token, received from a previous
	// [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults]
	// call. Provide this token to retrieve the next page of results.
	//
	// When paginating, all other parameters provided to
	// [Simulator.ListReplayResults[] must match the call that provided the page
	// token.
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

Request message for [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults].

func (*ListReplayResultsRequest) Descriptor

func (*ListReplayResultsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListReplayResultsRequest.ProtoReflect.Descriptor instead.

func (*ListReplayResultsRequest) GetPageSize

func (x *ListReplayResultsRequest) GetPageSize() int32

func (*ListReplayResultsRequest) GetPageToken

func (x *ListReplayResultsRequest) GetPageToken() string

func (*ListReplayResultsRequest) GetParent

func (x *ListReplayResultsRequest) GetParent() string

func (*ListReplayResultsRequest) ProtoMessage

func (*ListReplayResultsRequest) ProtoMessage()

func (*ListReplayResultsRequest) ProtoReflect

func (x *ListReplayResultsRequest) ProtoReflect() protoreflect.Message

func (*ListReplayResultsRequest) Reset

func (x *ListReplayResultsRequest) Reset()

func (*ListReplayResultsRequest) String

func (x *ListReplayResultsRequest) String() string

ListReplayResultsResponse

type ListReplayResultsResponse struct {

	// The results of running a [Replay][google.cloud.policysimulator.v1.Replay].
	ReplayResults []*ReplayResult `protobuf:"bytes,1,rep,name=replay_results,json=replayResults,proto3" json:"replay_results,omitempty"`
	// A token that you can use to retrieve the next page of
	// [ReplayResult][google.cloud.policysimulator.v1.ReplayResult] objects. If
	// this field is omitted, there are no subsequent pages.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

Response message for [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults].

func (*ListReplayResultsResponse) Descriptor

func (*ListReplayResultsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListReplayResultsResponse.ProtoReflect.Descriptor instead.

func (*ListReplayResultsResponse) GetNextPageToken

func (x *ListReplayResultsResponse) GetNextPageToken() string

func (*ListReplayResultsResponse) GetReplayResults

func (x *ListReplayResultsResponse) GetReplayResults() []*ReplayResult

func (*ListReplayResultsResponse) ProtoMessage

func (*ListReplayResultsResponse) ProtoMessage()

func (*ListReplayResultsResponse) ProtoReflect

func (*ListReplayResultsResponse) Reset

func (x *ListReplayResultsResponse) Reset()

func (*ListReplayResultsResponse) String

func (x *ListReplayResultsResponse) String() string

OrgPolicyOverlay

type OrgPolicyOverlay struct {

	// Optional. The OrgPolicy changes to preview violations for.
	//
	// Any existing OrgPolicies with the same name will be overridden
	// in the simulation. That is, violations will be determined as if all
	// policies in the overlay were created or updated.
	Policies []*OrgPolicyOverlay_PolicyOverlay `protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"`
	// Optional. The OrgPolicy CustomConstraint changes to preview violations for.
	//
	// Any existing CustomConstraints with the same name will be overridden
	// in the simulation. That is, violations will be determined as if all
	// custom constraints in the overlay were instantiated.
	//
	// Only a single custom_constraint is supported in the overlay at a time.
	// For evaluating multiple constraints, multiple
	// `GenerateOrgPolicyViolationsPreview` requests are made, where each request
	// evaluates a single constraint.
	CustomConstraints []*OrgPolicyOverlay_CustomConstraintOverlay `protobuf:"bytes,2,rep,name=custom_constraints,json=customConstraints,proto3" json:"custom_constraints,omitempty"`
	// contains filtered or unexported fields
}

The proposed changes to OrgPolicy.

func (*OrgPolicyOverlay) Descriptor

func (*OrgPolicyOverlay) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyOverlay.ProtoReflect.Descriptor instead.

func (*OrgPolicyOverlay) GetCustomConstraints

func (x *OrgPolicyOverlay) GetCustomConstraints() []*OrgPolicyOverlay_CustomConstraintOverlay

func (*OrgPolicyOverlay) GetPolicies

func (*OrgPolicyOverlay) ProtoMessage

func (*OrgPolicyOverlay) ProtoMessage()

func (*OrgPolicyOverlay) ProtoReflect

func (x *OrgPolicyOverlay) ProtoReflect() protoreflect.Message

func (*OrgPolicyOverlay) Reset

func (x *OrgPolicyOverlay) Reset()

func (*OrgPolicyOverlay) String

func (x *OrgPolicyOverlay) String() string

OrgPolicyOverlay_CustomConstraintOverlay

type OrgPolicyOverlay_CustomConstraintOverlay struct {

	// Optional. Resource the constraint is attached to.
	// Example: "organization/987654"
	CustomConstraintParent string `protobuf:"bytes,1,opt,name=custom_constraint_parent,json=customConstraintParent,proto3" json:"custom_constraint_parent,omitempty"`
	// Optional. The new or updated custom constraint.
	CustomConstraint *orgpolicypb.CustomConstraint `protobuf:"bytes,2,opt,name=custom_constraint,json=customConstraint,proto3" json:"custom_constraint,omitempty"`
	// contains filtered or unexported fields
}

A change to an OrgPolicy custom constraint.

func (*OrgPolicyOverlay_CustomConstraintOverlay) Descriptor

func (*OrgPolicyOverlay_CustomConstraintOverlay) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyOverlay_CustomConstraintOverlay.ProtoReflect.Descriptor instead.

func (*OrgPolicyOverlay_CustomConstraintOverlay) GetCustomConstraint

func (*OrgPolicyOverlay_CustomConstraintOverlay) GetCustomConstraintParent

func (x *OrgPolicyOverlay_CustomConstraintOverlay) GetCustomConstraintParent() string

func (*OrgPolicyOverlay_CustomConstraintOverlay) ProtoMessage

func (*OrgPolicyOverlay_CustomConstraintOverlay) ProtoReflect

func (*OrgPolicyOverlay_CustomConstraintOverlay) Reset

func (*OrgPolicyOverlay_CustomConstraintOverlay) String

OrgPolicyOverlay_PolicyOverlay

type OrgPolicyOverlay_PolicyOverlay struct {

	// Optional. The parent of the policy we are attaching to.
	// Example: "projects/123456"
	PolicyParent string `protobuf:"bytes,1,opt,name=policy_parent,json=policyParent,proto3" json:"policy_parent,omitempty"`
	// Optional. The new or updated OrgPolicy.
	Policy *orgpolicypb.Policy `protobuf:"bytes,2,opt,name=policy,proto3" json:"policy,omitempty"`
	// contains filtered or unexported fields
}

A change to an OrgPolicy.

func (*OrgPolicyOverlay_PolicyOverlay) Descriptor

func (*OrgPolicyOverlay_PolicyOverlay) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyOverlay_PolicyOverlay.ProtoReflect.Descriptor instead.

func (*OrgPolicyOverlay_PolicyOverlay) GetPolicy

func (*OrgPolicyOverlay_PolicyOverlay) GetPolicyParent

func (x *OrgPolicyOverlay_PolicyOverlay) GetPolicyParent() string

func (*OrgPolicyOverlay_PolicyOverlay) ProtoMessage

func (*OrgPolicyOverlay_PolicyOverlay) ProtoMessage()

func (*OrgPolicyOverlay_PolicyOverlay) ProtoReflect

func (*OrgPolicyOverlay_PolicyOverlay) Reset

func (x *OrgPolicyOverlay_PolicyOverlay) Reset()

func (*OrgPolicyOverlay_PolicyOverlay) String

OrgPolicyViolation

type OrgPolicyViolation struct {

	// The name of the `OrgPolicyViolation`. Example:
	// organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f/orgPolicyViolations/38ce`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The resource violating the constraint.
	Resource *ResourceContext `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
	// The custom constraint being violated.
	CustomConstraint *orgpolicypb.CustomConstraint `protobuf:"bytes,3,opt,name=custom_constraint,json=customConstraint,proto3" json:"custom_constraint,omitempty"`
	// Any error encountered during the evaluation.
	Error *status.Status `protobuf:"bytes,4,opt,name=error,proto3" json:"error,omitempty"`
	// contains filtered or unexported fields
}

OrgPolicyViolation is a resource representing a single resource violating a single OrgPolicy constraint.

func (*OrgPolicyViolation) Descriptor

func (*OrgPolicyViolation) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyViolation.ProtoReflect.Descriptor instead.

func (*OrgPolicyViolation) GetCustomConstraint

func (x *OrgPolicyViolation) GetCustomConstraint() *orgpolicypb.CustomConstraint

func (*OrgPolicyViolation) GetError

func (x *OrgPolicyViolation) GetError() *status.Status

func (*OrgPolicyViolation) GetName

func (x *OrgPolicyViolation) GetName() string

func (*OrgPolicyViolation) GetResource

func (x *OrgPolicyViolation) GetResource() *ResourceContext

func (*OrgPolicyViolation) ProtoMessage

func (*OrgPolicyViolation) ProtoMessage()

func (*OrgPolicyViolation) ProtoReflect

func (x *OrgPolicyViolation) ProtoReflect() protoreflect.Message

func (*OrgPolicyViolation) Reset

func (x *OrgPolicyViolation) Reset()

func (*OrgPolicyViolation) String

func (x *OrgPolicyViolation) String() string

OrgPolicyViolationsPreview

type OrgPolicyViolationsPreview struct {

	// Output only. The resource name of the `OrgPolicyViolationsPreview`. It has
	// the following format:
	//
	// `organizations/{organization}/locations/{location}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreview}`
	//
	// Example:
	// `organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Output only. The state of the `OrgPolicyViolationsPreview`.
	State PreviewState `protobuf:"varint,2,opt,name=state,proto3,enum=google.cloud.policysimulator.v1.PreviewState" json:"state,omitempty"`
	// Required. The proposed changes we are previewing violations for.
	Overlay *OrgPolicyOverlay `protobuf:"bytes,3,opt,name=overlay,proto3" json:"overlay,omitempty"`
	// Output only. The number of [OrgPolicyViolations][] in this
	// `OrgPolicyViolationsPreview`. This count may differ from
	// `resource_summary.noncompliant_count` because each
	// [OrgPolicyViolation][google.cloud.policysimulator.v1.OrgPolicyViolation] is
	// specific to a resource **and** constraint. If there are multiple
	// constraints being evaluated (i.e. multiple policies in the overlay), a
	// single resource may violate multiple constraints.
	ViolationsCount int32 `protobuf:"varint,4,opt,name=violations_count,json=violationsCount,proto3" json:"violations_count,omitempty"`
	// Output only. A summary of the state of all resources scanned for compliance
	// with the changed OrgPolicy.
	ResourceCounts *OrgPolicyViolationsPreview_ResourceCounts `protobuf:"bytes,5,opt,name=resource_counts,json=resourceCounts,proto3" json:"resource_counts,omitempty"`
	// Output only. The names of the constraints against which all
	// `OrgPolicyViolations` were evaluated.
	//
	// If `OrgPolicyOverlay` only contains `PolicyOverlay` then it contains
	// the name of the configured custom constraint, applicable to the specified
	// policies. Otherwise it contains the name of the constraint specified in
	// `CustomConstraintOverlay`.
	//
	// Format:
	// `organizations/{organization_id}/customConstraints/{custom_constraint_id}`
	//
	// Example: `organizations/123/customConstraints/custom.createOnlyE2TypeVms`
	CustomConstraints []string `protobuf:"bytes,6,rep,name=custom_constraints,json=customConstraints,proto3" json:"custom_constraints,omitempty"`
	// Output only. Time when this `OrgPolicyViolationsPreview` was created.
	CreateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
	// contains filtered or unexported fields
}

OrgPolicyViolationsPreview is a resource providing a preview of the violations that will exist if an OrgPolicy change is made.

The list of violations are modeled as child resources and retrieved via a [ListOrgPolicyViolations][] API call. There are potentially more [OrgPolicyViolations][] than could fit in an embedded field. Thus, the use of a child resource instead of a field.

func (*OrgPolicyViolationsPreview) Descriptor

func (*OrgPolicyViolationsPreview) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyViolationsPreview.ProtoReflect.Descriptor instead.

func (*OrgPolicyViolationsPreview) GetCreateTime

func (x *OrgPolicyViolationsPreview) GetCreateTime() *timestamppb.Timestamp

func (*OrgPolicyViolationsPreview) GetCustomConstraints

func (x *OrgPolicyViolationsPreview) GetCustomConstraints() []string

func (*OrgPolicyViolationsPreview) GetName

func (x *OrgPolicyViolationsPreview) GetName() string

func (*OrgPolicyViolationsPreview) GetOverlay

func (*OrgPolicyViolationsPreview) GetResourceCounts

func (*OrgPolicyViolationsPreview) GetState

func (*OrgPolicyViolationsPreview) GetViolationsCount

func (x *OrgPolicyViolationsPreview) GetViolationsCount() int32

func (*OrgPolicyViolationsPreview) ProtoMessage

func (*OrgPolicyViolationsPreview) ProtoMessage()

func (*OrgPolicyViolationsPreview) ProtoReflect

func (*OrgPolicyViolationsPreview) Reset

func (x *OrgPolicyViolationsPreview) Reset()

func (*OrgPolicyViolationsPreview) String

func (x *OrgPolicyViolationsPreview) String() string

OrgPolicyViolationsPreviewServiceClient

type OrgPolicyViolationsPreviewServiceClient interface {
	// ListOrgPolicyViolationsPreviews lists each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// in an organization. Each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// is available for at least 7 days.
	ListOrgPolicyViolationsPreviews(ctx context.Context, in *ListOrgPolicyViolationsPreviewsRequest, opts ...grpc.CallOption) (*ListOrgPolicyViolationsPreviewsResponse, error)
	// GetOrgPolicyViolationsPreview gets the specified
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
	// Each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// is available for at least 7 days.
	GetOrgPolicyViolationsPreview(ctx context.Context, in *GetOrgPolicyViolationsPreviewRequest, opts ...grpc.CallOption) (*OrgPolicyViolationsPreview, error)
	// CreateOrgPolicyViolationsPreview creates an
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// for the proposed changes in the provided
	// [OrgPolicyViolationsPreview.OrgPolicyOverlay][]. The changes to OrgPolicy
	// are specified by this `OrgPolicyOverlay`. The resources to scan are
	// inferred from these specified changes.
	CreateOrgPolicyViolationsPreview(ctx context.Context, in *CreateOrgPolicyViolationsPreviewRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// ListOrgPolicyViolations lists the [OrgPolicyViolations][] that are present
	// in an
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
	ListOrgPolicyViolations(ctx context.Context, in *ListOrgPolicyViolationsRequest, opts ...grpc.CallOption) (*ListOrgPolicyViolationsResponse, error)
}

OrgPolicyViolationsPreviewServiceClient is the client API for OrgPolicyViolationsPreviewService service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewOrgPolicyViolationsPreviewServiceClient

func NewOrgPolicyViolationsPreviewServiceClient(cc grpc.ClientConnInterface) OrgPolicyViolationsPreviewServiceClient

OrgPolicyViolationsPreviewServiceServer

type OrgPolicyViolationsPreviewServiceServer interface {
	// ListOrgPolicyViolationsPreviews lists each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// in an organization. Each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// is available for at least 7 days.
	ListOrgPolicyViolationsPreviews(context.Context, *ListOrgPolicyViolationsPreviewsRequest) (*ListOrgPolicyViolationsPreviewsResponse, error)
	// GetOrgPolicyViolationsPreview gets the specified
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
	// Each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// is available for at least 7 days.
	GetOrgPolicyViolationsPreview(context.Context, *GetOrgPolicyViolationsPreviewRequest) (*OrgPolicyViolationsPreview, error)
	// CreateOrgPolicyViolationsPreview creates an
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// for the proposed changes in the provided
	// [OrgPolicyViolationsPreview.OrgPolicyOverlay][]. The changes to OrgPolicy
	// are specified by this `OrgPolicyOverlay`. The resources to scan are
	// inferred from these specified changes.
	CreateOrgPolicyViolationsPreview(context.Context, *CreateOrgPolicyViolationsPreviewRequest) (*longrunningpb.Operation, error)
	// ListOrgPolicyViolations lists the [OrgPolicyViolations][] that are present
	// in an
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
	ListOrgPolicyViolations(context.Context, *ListOrgPolicyViolationsRequest) (*ListOrgPolicyViolationsResponse, error)
}

OrgPolicyViolationsPreviewServiceServer is the server API for OrgPolicyViolationsPreviewService service. All implementations should embed UnimplementedOrgPolicyViolationsPreviewServiceServer for forward compatibility

OrgPolicyViolationsPreview_ResourceCounts

type OrgPolicyViolationsPreview_ResourceCounts struct {

	// Output only. Number of resources checked for compliance.
	//
	// Must equal:  unenforced + noncompliant + compliant + error
	Scanned int32 `protobuf:"varint,1,opt,name=scanned,proto3" json:"scanned,omitempty"`
	// Output only. Number of scanned resources with at least one violation.
	Noncompliant int32 `protobuf:"varint,2,opt,name=noncompliant,proto3" json:"noncompliant,omitempty"`
	// Output only. Number of scanned resources with zero violations.
	Compliant int32 `protobuf:"varint,3,opt,name=compliant,proto3" json:"compliant,omitempty"`
	// Output only. Number of resources where the constraint was not enforced,
	// i.e. the Policy set `enforced: false` for that resource.
	Unenforced int32 `protobuf:"varint,4,opt,name=unenforced,proto3" json:"unenforced,omitempty"`
	// Output only. Number of resources that returned an error when scanned.
	Errors int32 `protobuf:"varint,5,opt,name=errors,proto3" json:"errors,omitempty"`
	// contains filtered or unexported fields
}

A summary of the state of all resources scanned for compliance with the changed OrgPolicy.

func (*OrgPolicyViolationsPreview_ResourceCounts) Descriptor

func (*OrgPolicyViolationsPreview_ResourceCounts) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyViolationsPreview_ResourceCounts.ProtoReflect.Descriptor instead.

func (*OrgPolicyViolationsPreview_ResourceCounts) GetCompliant

func (*OrgPolicyViolationsPreview_ResourceCounts) GetErrors

func (*OrgPolicyViolationsPreview_ResourceCounts) GetNoncompliant

func (x *OrgPolicyViolationsPreview_ResourceCounts) GetNoncompliant() int32

func (*OrgPolicyViolationsPreview_ResourceCounts) GetScanned

func (*OrgPolicyViolationsPreview_ResourceCounts) GetUnenforced

func (*OrgPolicyViolationsPreview_ResourceCounts) ProtoMessage

func (*OrgPolicyViolationsPreview_ResourceCounts) ProtoReflect

func (*OrgPolicyViolationsPreview_ResourceCounts) Reset

func (*OrgPolicyViolationsPreview_ResourceCounts) String

PreviewState

type PreviewState int32

The current state of an [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].

PreviewState_PREVIEW_STATE_UNSPECIFIED, PreviewState_PREVIEW_PENDING, PreviewState_PREVIEW_RUNNING, PreviewState_PREVIEW_SUCCEEDED, PreviewState_PREVIEW_FAILED

const (
	// The state is unspecified.
	PreviewState_PREVIEW_STATE_UNSPECIFIED PreviewState = 0
	// The
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// has not been created yet.
	PreviewState_PREVIEW_PENDING PreviewState = 1
	// The
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// is currently being created.
	PreviewState_PREVIEW_RUNNING PreviewState = 2
	// The
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// creation finished successfully.
	PreviewState_PREVIEW_SUCCEEDED PreviewState = 3
	// The
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// creation failed with an error.
	PreviewState_PREVIEW_FAILED PreviewState = 4
)

func (PreviewState) Descriptor

func (PreviewState) Enum

func (x PreviewState) Enum() *PreviewState

func (PreviewState) EnumDescriptor

func (PreviewState) EnumDescriptor() ([]byte, []int)

Deprecated: Use PreviewState.Descriptor instead.

func (PreviewState) Number

func (PreviewState) String

func (x PreviewState) String() string

func (PreviewState) Type

Replay

type Replay struct {

	// Output only. The resource name of the `Replay`, which has the following
	// format:
	//
	// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`,
	// where `{resource-id}` is the ID of the project, folder, or organization
	// that owns the Replay.
	//
	// Example:
	// `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Output only. The current state of the `Replay`.
	State Replay_State `protobuf:"varint,2,opt,name=state,proto3,enum=google.cloud.policysimulator.v1.Replay_State" json:"state,omitempty"`
	// Required. The configuration used for the `Replay`.
	Config *ReplayConfig `protobuf:"bytes,3,opt,name=config,proto3" json:"config,omitempty"`
	// Output only. Summary statistics about the replayed log entries.
	ResultsSummary *Replay_ResultsSummary `protobuf:"bytes,5,opt,name=results_summary,json=resultsSummary,proto3" json:"results_summary,omitempty"`
	// contains filtered or unexported fields
}

A resource describing a Replay, or simulation.

func (*Replay) Descriptor

func (*Replay) Descriptor() ([]byte, []int)

Deprecated: Use Replay.ProtoReflect.Descriptor instead.

func (*Replay) GetConfig

func (x *Replay) GetConfig() *ReplayConfig

func (*Replay) GetName

func (x *Replay) GetName() string

func (*Replay) GetResultsSummary

func (x *Replay) GetResultsSummary() *Replay_ResultsSummary

func (*Replay) GetState

func (x *Replay) GetState() Replay_State

func (*Replay) ProtoMessage

func (*Replay) ProtoMessage()

func (*Replay) ProtoReflect

func (x *Replay) ProtoReflect() protoreflect.Message

func (*Replay) Reset

func (x *Replay) Reset()

func (*Replay) String

func (x *Replay) String() string

ReplayConfig

type ReplayConfig struct {

	// A mapping of the resources that you want to simulate policies for and the
	// policies that you want to simulate.
	//
	// Keys are the full resource names for the resources. For example,
	// `//cloudresourcemanager.googleapis.com/projects/my-project`.
	// For examples of full resource names for Google Cloud services, see
	// https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
	//
	// Values are [Policy][google.iam.v1.Policy] objects representing the policies
	// that you want to simulate.
	//
	// Replays automatically take into account any IAM policies inherited through
	// the resource hierarchy, and any policies set on descendant resources. You
	// do not need to include these policies in the policy overlay.
	PolicyOverlay map[string]*iampb.Policy `protobuf:"bytes,1,rep,name=policy_overlay,json=policyOverlay,proto3" json:"policy_overlay,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
	// The logs to use as input for the
	// [Replay][google.cloud.policysimulator.v1.Replay].
	LogSource ReplayConfig_LogSource `protobuf:"varint,2,opt,name=log_source,json=logSource,proto3,enum=google.cloud.policysimulator.v1.ReplayConfig_LogSource" json:"log_source,omitempty"`
	// contains filtered or unexported fields
}

The configuration used for a [Replay][google.cloud.policysimulator.v1.Replay].

func (*ReplayConfig) Descriptor

func (*ReplayConfig) Descriptor() ([]byte, []int)

Deprecated: Use ReplayConfig.ProtoReflect.Descriptor instead.

func (*ReplayConfig) GetLogSource

func (x *ReplayConfig) GetLogSource() ReplayConfig_LogSource

func (*ReplayConfig) GetPolicyOverlay

func (x *ReplayConfig) GetPolicyOverlay() map[string]*iampb.Policy

func (*ReplayConfig) ProtoMessage

func (*ReplayConfig) ProtoMessage()

func (*ReplayConfig) ProtoReflect

func (x *ReplayConfig) ProtoReflect() protoreflect.Message

func (*ReplayConfig) Reset

func (x *ReplayConfig) Reset()

func (*ReplayConfig) String

func (x *ReplayConfig) String() string

ReplayConfig_LogSource

type ReplayConfig_LogSource int32

The source of the logs to use for a [Replay][google.cloud.policysimulator.v1.Replay].

ReplayConfig_LOG_SOURCE_UNSPECIFIED, ReplayConfig_RECENT_ACCESSES

const (
	// An unspecified log source.
	// If the log source is unspecified, the
	// [Replay][google.cloud.policysimulator.v1.Replay] defaults to using
	// `RECENT_ACCESSES`.
	ReplayConfig_LOG_SOURCE_UNSPECIFIED ReplayConfig_LogSource = 0
	// All access logs from the last 90 days. These logs may not include logs
	// from the most recent 7 days.
	ReplayConfig_RECENT_ACCESSES ReplayConfig_LogSource = 1
)

func (ReplayConfig_LogSource) Descriptor

func (ReplayConfig_LogSource) Enum

func (ReplayConfig_LogSource) EnumDescriptor

func (ReplayConfig_LogSource) EnumDescriptor() ([]byte, []int)

Deprecated: Use ReplayConfig_LogSource.Descriptor instead.

func (ReplayConfig_LogSource) Number

func (ReplayConfig_LogSource) String

func (x ReplayConfig_LogSource) String() string

func (ReplayConfig_LogSource) Type

ReplayDiff

type ReplayDiff struct {

	// A summary and comparison of the principal's access under the current
	// (baseline) policies and the proposed (simulated) policies for a single
	// access tuple.
	//
	// The evaluation of the principal's access is reported in the
	// [AccessState][google.cloud.policysimulator.v1.AccessState] field.
	AccessDiff *AccessStateDiff `protobuf:"bytes,2,opt,name=access_diff,json=accessDiff,proto3" json:"access_diff,omitempty"`
	// contains filtered or unexported fields
}

The difference between the results of evaluating an access tuple under the current (baseline) policies and under the proposed (simulated) policies. This difference explains how a principal's access could change if the proposed policies were applied.

func (*ReplayDiff) Descriptor

func (*ReplayDiff) Descriptor() ([]byte, []int)

Deprecated: Use ReplayDiff.ProtoReflect.Descriptor instead.

func (*ReplayDiff) GetAccessDiff

func (x *ReplayDiff) GetAccessDiff() *AccessStateDiff

func (*ReplayDiff) ProtoMessage

func (*ReplayDiff) ProtoMessage()

func (*ReplayDiff) ProtoReflect

func (x *ReplayDiff) ProtoReflect() protoreflect.Message

func (*ReplayDiff) Reset

func (x *ReplayDiff) Reset()

func (*ReplayDiff) String

func (x *ReplayDiff) String() string

ReplayOperationMetadata

type ReplayOperationMetadata struct {

	// Time when the request was received.
	StartTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=start_time,json=startTime,proto3" json:"start_time,omitempty"`
	// contains filtered or unexported fields
}

Metadata about a Replay operation.

func (*ReplayOperationMetadata) Descriptor

func (*ReplayOperationMetadata) Descriptor() ([]byte, []int)

Deprecated: Use ReplayOperationMetadata.ProtoReflect.Descriptor instead.

func (*ReplayOperationMetadata) GetStartTime

func (x *ReplayOperationMetadata) GetStartTime() *timestamppb.Timestamp

func (*ReplayOperationMetadata) ProtoMessage

func (*ReplayOperationMetadata) ProtoMessage()

func (*ReplayOperationMetadata) ProtoReflect

func (x *ReplayOperationMetadata) ProtoReflect() protoreflect.Message

func (*ReplayOperationMetadata) Reset

func (x *ReplayOperationMetadata) Reset()

func (*ReplayOperationMetadata) String

func (x *ReplayOperationMetadata) String() string

ReplayResult

type ReplayResult struct {

	// The result of replaying the access tuple.
	//
	// Types that are assignable to Result:
	//
	//	*ReplayResult_Diff
	//	*ReplayResult_Error
	Result isReplayResult_Result `protobuf_oneof:"result"`
	// The resource name of the `ReplayResult`, in the following format:
	//
	// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}/results/{replay-result-id}`,
	// where `{resource-id}` is the ID of the project, folder, or organization
	// that owns the [Replay][google.cloud.policysimulator.v1.Replay].
	//
	// Example:
	// `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36/results/1234`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The [Replay][google.cloud.policysimulator.v1.Replay] that the access tuple
	// was included in.
	Parent string `protobuf:"bytes,2,opt,name=parent,proto3" json:"parent,omitempty"`
	// The access tuple that was replayed. This field includes information about
	// the principal, resource, and permission that were involved in the access
	// attempt.
	AccessTuple *AccessTuple `protobuf:"bytes,3,opt,name=access_tuple,json=accessTuple,proto3" json:"access_tuple,omitempty"`
	// The latest date this access tuple was seen in the logs.
	LastSeenDate *date.Date `protobuf:"bytes,4,opt,name=last_seen_date,json=lastSeenDate,proto3" json:"last_seen_date,omitempty"`
	// contains filtered or unexported fields
}

The result of replaying a single access tuple against a simulated state.

func (*ReplayResult) Descriptor

func (*ReplayResult) Descriptor() ([]byte, []int)

Deprecated: Use ReplayResult.ProtoReflect.Descriptor instead.

func (*ReplayResult) GetAccessTuple

func (x *ReplayResult) GetAccessTuple() *AccessTuple

func (*ReplayResult) GetDiff

func (x *ReplayResult) GetDiff() *ReplayDiff

func (*ReplayResult) GetError

func (x *ReplayResult) GetError() *status.Status

func (*ReplayResult) GetLastSeenDate

func (x *ReplayResult) GetLastSeenDate() *date.Date

func (*ReplayResult) GetName

func (x *ReplayResult) GetName() string

func (*ReplayResult) GetParent

func (x *ReplayResult) GetParent() string

func (*ReplayResult) GetResult

func (m *ReplayResult) GetResult() isReplayResult_Result

func (*ReplayResult) ProtoMessage

func (*ReplayResult) ProtoMessage()

func (*ReplayResult) ProtoReflect

func (x *ReplayResult) ProtoReflect() protoreflect.Message

func (*ReplayResult) Reset

func (x *ReplayResult) Reset()

func (*ReplayResult) String

func (x *ReplayResult) String() string

ReplayResult_Diff

type ReplayResult_Diff struct {
	// The difference between the principal's access under the current
	// (baseline) policies and the principal's access under the proposed
	// (simulated) policies.
	//
	// This field is only included for access tuples that were successfully
	// replayed and had different results under the current policies and the
	// proposed policies.
	Diff *ReplayDiff `protobuf:"bytes,5,opt,name=diff,proto3,oneof"`
}

ReplayResult_Error

type ReplayResult_Error struct {
	// The error that caused the access tuple replay to fail.
	//
	// This field is only included for access tuples that were not replayed
	// successfully.
	Error *status.Status `protobuf:"bytes,6,opt,name=error,proto3,oneof"`
}

Replay_ResultsSummary

type Replay_ResultsSummary struct {

	// The total number of log entries replayed.
	LogCount int32 `protobuf:"varint,1,opt,name=log_count,json=logCount,proto3" json:"log_count,omitempty"`
	// The number of replayed log entries with no difference between
	// baseline and simulated policies.
	UnchangedCount int32 `protobuf:"varint,2,opt,name=unchanged_count,json=unchangedCount,proto3" json:"unchanged_count,omitempty"`
	// The number of replayed log entries with a difference between baseline and
	// simulated policies.
	DifferenceCount int32 `protobuf:"varint,3,opt,name=difference_count,json=differenceCount,proto3" json:"difference_count,omitempty"`
	// The number of log entries that could not be replayed.
	ErrorCount int32 `protobuf:"varint,4,opt,name=error_count,json=errorCount,proto3" json:"error_count,omitempty"`
	// The date of the oldest log entry replayed.
	OldestDate *date.Date `protobuf:"bytes,5,opt,name=oldest_date,json=oldestDate,proto3" json:"oldest_date,omitempty"`
	// The date of the newest log entry replayed.
	NewestDate *date.Date `protobuf:"bytes,6,opt,name=newest_date,json=newestDate,proto3" json:"newest_date,omitempty"`
	// contains filtered or unexported fields
}

Summary statistics about the replayed log entries.

func (*Replay_ResultsSummary) Descriptor

func (*Replay_ResultsSummary) Descriptor() ([]byte, []int)

Deprecated: Use Replay_ResultsSummary.ProtoReflect.Descriptor instead.

func (*Replay_ResultsSummary) GetDifferenceCount

func (x *Replay_ResultsSummary) GetDifferenceCount() int32

func (*Replay_ResultsSummary) GetErrorCount

func (x *Replay_ResultsSummary) GetErrorCount() int32

func (*Replay_ResultsSummary) GetLogCount

func (x *Replay_ResultsSummary) GetLogCount() int32

func (*Replay_ResultsSummary) GetNewestDate

func (x *Replay_ResultsSummary) GetNewestDate() *date.Date

func (*Replay_ResultsSummary) GetOldestDate

func (x *Replay_ResultsSummary) GetOldestDate() *date.Date

func (*Replay_ResultsSummary) GetUnchangedCount

func (x *Replay_ResultsSummary) GetUnchangedCount() int32

func (*Replay_ResultsSummary) ProtoMessage

func (*Replay_ResultsSummary) ProtoMessage()

func (*Replay_ResultsSummary) ProtoReflect

func (x *Replay_ResultsSummary) ProtoReflect() protoreflect.Message

func (*Replay_ResultsSummary) Reset

func (x *Replay_ResultsSummary) Reset()

func (*Replay_ResultsSummary) String

func (x *Replay_ResultsSummary) String() string

Replay_State

type Replay_State int32

The current state of the [Replay][google.cloud.policysimulator.v1.Replay].

Replay_STATE_UNSPECIFIED, Replay_PENDING, Replay_RUNNING, Replay_SUCCEEDED, Replay_FAILED

const (
	// Default value. This value is unused.
	Replay_STATE_UNSPECIFIED Replay_State = 0
	// The `Replay` has not started yet.
	Replay_PENDING Replay_State = 1
	// The `Replay` is currently running.
	Replay_RUNNING Replay_State = 2
	// The `Replay` has successfully completed.
	Replay_SUCCEEDED Replay_State = 3
	// The `Replay` has finished with an error.
	Replay_FAILED Replay_State = 4
)

func (Replay_State) Descriptor

func (Replay_State) Enum

func (x Replay_State) Enum() *Replay_State

func (Replay_State) EnumDescriptor

func (Replay_State) EnumDescriptor() ([]byte, []int)

Deprecated: Use Replay_State.Descriptor instead.

func (Replay_State) Number

func (Replay_State) String

func (x Replay_State) String() string

func (Replay_State) Type

ResourceContext

type ResourceContext struct {

	// The full name of the resource. Example:
	// `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`
	//
	// See [Resource
	// names](https://cloud.google.com/apis/design/resource_names#full_resource_name)
	// for more information.
	Resource string `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"`
	// The asset type of the resource as defined by CAIS.
	//
	// Example: `compute.googleapis.com/Firewall`
	//
	// See [Supported asset
	// types](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
	// for more information.
	AssetType string `protobuf:"bytes,2,opt,name=asset_type,json=assetType,proto3" json:"asset_type,omitempty"`
	// The ancestry path of the resource in Google Cloud [resource
	// hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy),
	// represented as a list of relative resource names. An ancestry path starts
	// with the closest ancestor in the hierarchy and ends at root. If the
	// resource is a project, folder, or organization, the ancestry path starts
	// from the resource itself.
	//
	// Example: `["projects/123456789", "folders/5432", "organizations/1234"]`
	Ancestors []string `protobuf:"bytes,3,rep,name=ancestors,proto3" json:"ancestors,omitempty"`
	// contains filtered or unexported fields
}

ResourceContext provides the context we know about a resource. It is similar in concept to google.cloud.asset.v1.Resource, but focuses on the information specifically used by Simulator.

func (*ResourceContext) Descriptor

func (*ResourceContext) Descriptor() ([]byte, []int)

Deprecated: Use ResourceContext.ProtoReflect.Descriptor instead.

func (*ResourceContext) GetAncestors

func (x *ResourceContext) GetAncestors() []string

func (*ResourceContext) GetAssetType

func (x *ResourceContext) GetAssetType() string

func (*ResourceContext) GetResource

func (x *ResourceContext) GetResource() string

func (*ResourceContext) ProtoMessage

func (*ResourceContext) ProtoMessage()

func (*ResourceContext) ProtoReflect

func (x *ResourceContext) ProtoReflect() protoreflect.Message

func (*ResourceContext) Reset

func (x *ResourceContext) Reset()

func (*ResourceContext) String

func (x *ResourceContext) String() string

SimulatorClient

type SimulatorClient interface {
	// Gets the specified [Replay][google.cloud.policysimulator.v1.Replay]. Each
	// `Replay` is available for at least 7 days.
	GetReplay(ctx context.Context, in *GetReplayRequest, opts ...grpc.CallOption) (*Replay, error)
	// Creates and starts a [Replay][google.cloud.policysimulator.v1.Replay] using
	// the given [ReplayConfig][google.cloud.policysimulator.v1.ReplayConfig].
	CreateReplay(ctx context.Context, in *CreateReplayRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Lists the results of running a
	// [Replay][google.cloud.policysimulator.v1.Replay].
	ListReplayResults(ctx context.Context, in *ListReplayResultsRequest, opts ...grpc.CallOption) (*ListReplayResultsResponse, error)
}

SimulatorClient is the client API for Simulator service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewSimulatorClient

func NewSimulatorClient(cc grpc.ClientConnInterface) SimulatorClient

SimulatorServer

type SimulatorServer interface {
	// Gets the specified [Replay][google.cloud.policysimulator.v1.Replay]. Each
	// `Replay` is available for at least 7 days.
	GetReplay(context.Context, *GetReplayRequest) (*Replay, error)
	// Creates and starts a [Replay][google.cloud.policysimulator.v1.Replay] using
	// the given [ReplayConfig][google.cloud.policysimulator.v1.ReplayConfig].
	CreateReplay(context.Context, *CreateReplayRequest) (*longrunningpb.Operation, error)
	// Lists the results of running a
	// [Replay][google.cloud.policysimulator.v1.Replay].
	ListReplayResults(context.Context, *ListReplayResultsRequest) (*ListReplayResultsResponse, error)
}

SimulatorServer is the server API for Simulator service. All implementations should embed UnimplementedSimulatorServer for forward compatibility

UnimplementedOrgPolicyViolationsPreviewServiceServer

type UnimplementedOrgPolicyViolationsPreviewServiceServer struct {
}

UnimplementedOrgPolicyViolationsPreviewServiceServer should be embedded to have forward compatible implementations.

func (UnimplementedOrgPolicyViolationsPreviewServiceServer) CreateOrgPolicyViolationsPreview

func (UnimplementedOrgPolicyViolationsPreviewServiceServer) GetOrgPolicyViolationsPreview

func (UnimplementedOrgPolicyViolationsPreviewServiceServer) ListOrgPolicyViolations

func (UnimplementedOrgPolicyViolationsPreviewServiceServer) ListOrgPolicyViolationsPreviews

UnimplementedSimulatorServer

type UnimplementedSimulatorServer struct {
}

UnimplementedSimulatorServer should be embedded to have forward compatible implementations.

func (UnimplementedSimulatorServer) CreateReplay

func (UnimplementedSimulatorServer) GetReplay

func (UnimplementedSimulatorServer) ListReplayResults

UnsafeOrgPolicyViolationsPreviewServiceServer

type UnsafeOrgPolicyViolationsPreviewServiceServer interface {
	// contains filtered or unexported methods
}

UnsafeOrgPolicyViolationsPreviewServiceServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to OrgPolicyViolationsPreviewServiceServer will result in compilation errors.

UnsafeSimulatorServer

type UnsafeSimulatorServer interface {
	// contains filtered or unexported methods
}

UnsafeSimulatorServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to SimulatorServer will result in compilation errors.