- 1.54.0 (latest)
- 1.53.0
- 1.52.0
- 1.51.0
- 1.50.0
- 1.48.0
- 1.47.0
- 1.46.0
- 1.45.0
- 1.44.0
- 1.43.0
- 1.42.0
- 1.41.0
- 1.40.0
- 1.39.0
- 1.38.0
- 1.36.0
- 1.35.0
- 1.34.0
- 1.33.0
- 1.32.0
- 1.31.0
- 1.30.0
- 1.29.0
- 1.28.0
- 1.27.0
- 1.26.0
- 1.23.0
- 1.22.0
- 1.21.0
- 1.20.0
- 1.19.0
- 1.18.0
- 1.17.0
- 1.16.0
- 1.15.0
- 1.14.0
- 1.13.0
- 1.12.0
- 1.11.0
- 1.10.0
- 1.8.0
- 1.7.0
- 1.6.0
- 1.5.0
- 1.4.0
- 1.3.0
- 1.2.6
- 1.1.0
- 1.0.4
- 0.4.4
public interface AllowBindingExplanationOrBuilder extends MessageOrBuilder
Implements
MessageOrBuilderMethods
containsMemberships(String key)
public abstract boolean containsMemberships(String key)
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Parameter | |
---|---|
Name | Description |
key | String |
Returns | |
---|---|
Type | Description |
boolean |
getAllowAccessState()
public abstract AllowAccessState getAllowAccessState()
Required. Indicates whether this role binding gives the specified permission to the specified principal on the specified resource.
This field does not indicate whether the principal actually has the
permission on the resource. There might be another role binding that
overrides this role binding. To determine whether the principal actually
has the permission, use the overall_access_state
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policytroubleshooter.iam.v3.AllowAccessState allow_access_state = 1 [(.google.api.field_behavior) = REQUIRED];
Returns | |
---|---|
Type | Description |
AllowAccessState | The allowAccessState. |
getAllowAccessStateValue()
public abstract int getAllowAccessStateValue()
Required. Indicates whether this role binding gives the specified permission to the specified principal on the specified resource.
This field does not indicate whether the principal actually has the
permission on the resource. There might be another role binding that
overrides this role binding. To determine whether the principal actually
has the permission, use the overall_access_state
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policytroubleshooter.iam.v3.AllowAccessState allow_access_state = 1 [(.google.api.field_behavior) = REQUIRED];
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for allowAccessState. |
getCombinedMembership()
public abstract AllowBindingExplanation.AnnotatedAllowMembership getCombinedMembership()
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.AnnotatedAllowMembership | The combinedMembership. |
getCombinedMembershipOrBuilder()
public abstract AllowBindingExplanation.AnnotatedAllowMembershipOrBuilder getCombinedMembershipOrBuilder()
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.AnnotatedAllowMembershipOrBuilder |
getCondition()
public abstract Expr getCondition()
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Returns | |
---|---|
Type | Description |
com.google.type.Expr | The condition. |
getConditionExplanation()
public abstract ConditionExplanation getConditionExplanation()
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Returns | |
---|---|
Type | Description |
ConditionExplanation | The conditionExplanation. |
getConditionExplanationOrBuilder()
public abstract ConditionExplanationOrBuilder getConditionExplanationOrBuilder()
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Returns | |
---|---|
Type | Description |
ConditionExplanationOrBuilder |
getConditionOrBuilder()
public abstract ExprOrBuilder getConditionOrBuilder()
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Returns | |
---|---|
Type | Description |
com.google.type.ExprOrBuilder |
getMemberships() (deprecated)
public abstract Map<String,AllowBindingExplanation.AnnotatedAllowMembership> getMemberships()
Use #getMembershipsMap() instead.
Returns | |
---|---|
Type | Description |
Map<String,AnnotatedAllowMembership> |
getMembershipsCount()
public abstract int getMembershipsCount()
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Returns | |
---|---|
Type | Description |
int |
getMembershipsMap()
public abstract Map<String,AllowBindingExplanation.AnnotatedAllowMembership> getMembershipsMap()
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Returns | |
---|---|
Type | Description |
Map<String,AnnotatedAllowMembership> |
getMembershipsOrDefault(String key, AllowBindingExplanation.AnnotatedAllowMembership defaultValue)
public abstract AllowBindingExplanation.AnnotatedAllowMembership getMembershipsOrDefault(String key, AllowBindingExplanation.AnnotatedAllowMembership defaultValue)
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Parameters | |
---|---|
Name | Description |
key | String |
defaultValue | AllowBindingExplanation.AnnotatedAllowMembership |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.AnnotatedAllowMembership |
getMembershipsOrThrow(String key)
public abstract AllowBindingExplanation.AnnotatedAllowMembership getMembershipsOrThrow(String key)
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Parameter | |
---|---|
Name | Description |
key | String |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.AnnotatedAllowMembership |
getRelevance()
public abstract HeuristicRelevance getRelevance()
The relevance of this role binding to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 7;
Returns | |
---|---|
Type | Description |
HeuristicRelevance | The relevance. |
getRelevanceValue()
public abstract int getRelevanceValue()
The relevance of this role binding to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 7;
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for relevance. |
getRole()
public abstract String getRole()
The role that this role binding grants. For example,
roles/compute.admin
.
For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;
Returns | |
---|---|
Type | Description |
String | The role. |
getRoleBytes()
public abstract ByteString getRoleBytes()
The role that this role binding grants. For example,
roles/compute.admin
.
For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;
Returns | |
---|---|
Type | Description |
ByteString | The bytes for role. |
getRolePermission()
public abstract RolePermissionInclusionState getRolePermission()
Indicates whether the role granted by this role binding contains the specified permission.
.google.cloud.policytroubleshooter.iam.v3.RolePermissionInclusionState role_permission = 3;
Returns | |
---|---|
Type | Description |
RolePermissionInclusionState | The rolePermission. |
getRolePermissionRelevance()
public abstract HeuristicRelevance getRolePermissionRelevance()
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance role_permission_relevance = 4;
Returns | |
---|---|
Type | Description |
HeuristicRelevance | The rolePermissionRelevance. |
getRolePermissionRelevanceValue()
public abstract int getRolePermissionRelevanceValue()
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance role_permission_relevance = 4;
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for rolePermissionRelevance. |
getRolePermissionValue()
public abstract int getRolePermissionValue()
Indicates whether the role granted by this role binding contains the specified permission.
.google.cloud.policytroubleshooter.iam.v3.RolePermissionInclusionState role_permission = 3;
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for rolePermission. |
hasCombinedMembership()
public abstract boolean hasCombinedMembership()
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Returns | |
---|---|
Type | Description |
boolean | Whether the combinedMembership field is set. |
hasCondition()
public abstract boolean hasCondition()
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Returns | |
---|---|
Type | Description |
boolean | Whether the condition field is set. |
hasConditionExplanation()
public abstract boolean hasConditionExplanation()
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Returns | |
---|---|
Type | Description |
boolean | Whether the conditionExplanation field is set. |