public static final class ExportIamPolicyAnalysisRequest.Options extends GeneratedMessageV3 implements ExportIamPolicyAnalysisRequest.OptionsOrBuilder
Contains request options.
Protobuf type google.cloud.asset.v1p4beta1.ExportIamPolicyAnalysisRequest.Options
Static Fields
ANALYZE_SERVICE_ACCOUNT_IMPERSONATION_FIELD_NUMBER
public static final int ANALYZE_SERVICE_ACCOUNT_IMPERSONATION_FIELD_NUMBER
Field Value
EXPAND_GROUPS_FIELD_NUMBER
public static final int EXPAND_GROUPS_FIELD_NUMBER
Field Value
EXPAND_RESOURCES_FIELD_NUMBER
public static final int EXPAND_RESOURCES_FIELD_NUMBER
Field Value
EXPAND_ROLES_FIELD_NUMBER
public static final int EXPAND_ROLES_FIELD_NUMBER
Field Value
OUTPUT_GROUP_EDGES_FIELD_NUMBER
public static final int OUTPUT_GROUP_EDGES_FIELD_NUMBER
Field Value
OUTPUT_RESOURCE_EDGES_FIELD_NUMBER
public static final int OUTPUT_RESOURCE_EDGES_FIELD_NUMBER
Field Value
Static Methods
getDefaultInstance()
public static ExportIamPolicyAnalysisRequest.Options getDefaultInstance()
Returns
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
Returns
newBuilder()
public static ExportIamPolicyAnalysisRequest.Options.Builder newBuilder()
Returns
newBuilder(ExportIamPolicyAnalysisRequest.Options prototype)
public static ExportIamPolicyAnalysisRequest.Options.Builder newBuilder(ExportIamPolicyAnalysisRequest.Options prototype)
Parameter
Returns
public static ExportIamPolicyAnalysisRequest.Options parseDelimitedFrom(InputStream input)
Parameter
Returns
Exceptions
public static ExportIamPolicyAnalysisRequest.Options parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
parseFrom(byte[] data)
public static ExportIamPolicyAnalysisRequest.Options parseFrom(byte[] data)
Parameter
Name |
Description |
data |
byte[]
|
Returns
Exceptions
parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
public static ExportIamPolicyAnalysisRequest.Options parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
parseFrom(ByteString data)
public static ExportIamPolicyAnalysisRequest.Options parseFrom(ByteString data)
Parameter
Returns
Exceptions
parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
public static ExportIamPolicyAnalysisRequest.Options parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
public static ExportIamPolicyAnalysisRequest.Options parseFrom(CodedInputStream input)
Parameter
Returns
Exceptions
public static ExportIamPolicyAnalysisRequest.Options parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
public static ExportIamPolicyAnalysisRequest.Options parseFrom(InputStream input)
Parameter
Returns
Exceptions
public static ExportIamPolicyAnalysisRequest.Options parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
parseFrom(ByteBuffer data)
public static ExportIamPolicyAnalysisRequest.Options parseFrom(ByteBuffer data)
Parameter
Returns
Exceptions
parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
public static ExportIamPolicyAnalysisRequest.Options parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Exceptions
parser()
public static Parser<ExportIamPolicyAnalysisRequest.Options> parser()
Returns
Methods
equals(Object obj)
public boolean equals(Object obj)
Parameter
Returns
Overrides
getAnalyzeServiceAccountImpersonation()
public boolean getAnalyzeServiceAccountImpersonation()
Optional. If true, the response will include access analysis from identities to
resources via service account impersonation. This is a very expensive
operation, because many derived queries will be executed.
For example, if the request analyzes for which resources user A has
permission P, and there's an IAM policy states user A has
iam.serviceAccounts.getAccessToken permission to a service account SA,
and there's another IAM policy states service account SA has permission P
to a GCP folder F, then user A potentially has access to the GCP folder
F. And those advanced analysis results will be included in
AnalyzeIamPolicyResponse.service_account_impersonation_analysis.
Another example, if the request analyzes for who has
permission P to a GCP folder F, and there's an IAM policy states user A
has iam.serviceAccounts.actAs permission to a service account SA, and
there's another IAM policy states service account SA has permission P to
the GCP folder F, then user A potentially has access to the GCP folder
F. And those advanced analysis results will be included in
AnalyzeIamPolicyResponse.service_account_impersonation_analysis.
Default is false.
bool analyze_service_account_impersonation = 6 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type |
Description |
boolean |
The analyzeServiceAccountImpersonation.
|
getDefaultInstanceForType()
public ExportIamPolicyAnalysisRequest.Options getDefaultInstanceForType()
Returns
getExpandGroups()
public boolean getExpandGroups()
Optional. If true, the identities section of the result will expand any
Google groups appearing in an IAM policy binding.
If [identity_selector][] is specified, the identity in the result will
be determined by the selector, and this flag will have no effect.
Default is false.
bool expand_groups = 1 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type |
Description |
boolean |
The expandGroups.
|
getExpandResources()
public boolean getExpandResources()
Optional. If true, the resource section of the result will expand any
resource attached to an IAM policy to include resources lower in the
resource hierarchy.
For example, if the request analyzes for which resources user A has
permission P, and the results include an IAM policy with P on a GCP
folder, the results will also include resources in that folder with
permission P.
If [resource_selector][] is specified, the resource section of the result
will be determined by the selector, and this flag will have no effect.
Default is false.
bool expand_resources = 3 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type |
Description |
boolean |
The expandResources.
|
getExpandRoles()
public boolean getExpandRoles()
Optional. If true, the access section of result will expand any roles
appearing in IAM policy bindings to include their permissions.
If [access_selector][] is specified, the access section of the result
will be determined by the selector, and this flag will have no effect.
Default is false.
bool expand_roles = 2 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type |
Description |
boolean |
The expandRoles.
|
getOutputGroupEdges()
public boolean getOutputGroupEdges()
Optional. If true, the result will output group identity edges, starting
from the binding's group members, to any expanded identities.
Default is false.
bool output_group_edges = 5 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type |
Description |
boolean |
The outputGroupEdges.
|
getOutputResourceEdges()
public boolean getOutputResourceEdges()
Optional. If true, the result will output resource edges, starting
from the policy attached resource, to any expanded resources.
Default is false.
bool output_resource_edges = 4 [(.google.api.field_behavior) = OPTIONAL];
Returns
Type |
Description |
boolean |
The outputResourceEdges.
|
getParserForType()
public Parser<ExportIamPolicyAnalysisRequest.Options> getParserForType()
Returns
Overrides
getSerializedSize()
public int getSerializedSize()
Returns
Overrides
getUnknownFields()
public final UnknownFieldSet getUnknownFields()
Returns
Overrides
hashCode()
Returns
Overrides
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
Overrides
isInitialized()
public final boolean isInitialized()
Returns
Overrides
newBuilderForType()
public ExportIamPolicyAnalysisRequest.Options.Builder newBuilderForType()
Returns
newBuilderForType(GeneratedMessageV3.BuilderParent parent)
protected ExportIamPolicyAnalysisRequest.Options.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Parameter
Returns
Overrides
newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Parameter
Returns
Overrides
toBuilder()
public ExportIamPolicyAnalysisRequest.Options.Builder toBuilder()
Returns
writeTo(CodedOutputStream output)
public void writeTo(CodedOutputStream output)
Parameter
Overrides
Exceptions