- 1.53.0 (latest)
- 1.52.0
- 1.51.0
- 1.50.0
- 1.48.0
- 1.47.0
- 1.46.0
- 1.45.0
- 1.44.0
- 1.43.0
- 1.42.0
- 1.41.0
- 1.40.0
- 1.39.0
- 1.38.0
- 1.36.0
- 1.35.0
- 1.34.0
- 1.33.0
- 1.32.0
- 1.31.0
- 1.30.0
- 1.29.0
- 1.28.0
- 1.27.0
- 1.26.0
- 1.23.0
- 1.22.0
- 1.21.0
- 1.20.0
- 1.19.0
- 1.18.0
- 1.17.0
- 1.16.0
- 1.15.0
- 1.14.0
- 1.13.0
- 1.12.0
- 1.11.0
- 1.10.0
- 1.8.0
- 1.7.0
- 1.6.0
- 1.5.0
- 1.4.0
- 1.3.0
- 1.2.6
- 1.1.0
- 1.0.4
- 0.4.4
public static final class AllowBindingExplanation.Builder extends GeneratedMessageV3.Builder<AllowBindingExplanation.Builder> implements AllowBindingExplanationOrBuilder
Details about how a role binding in an allow policy affects a principal's ability to use a permission.
Protobuf type google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation
Inheritance
Object > AbstractMessageLite.Builder<MessageType,BuilderType> > AbstractMessage.Builder<BuilderType> > GeneratedMessageV3.Builder > AllowBindingExplanation.BuilderImplements
AllowBindingExplanationOrBuilderStatic Methods
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
Returns | |
---|---|
Type | Description |
Descriptor |
Methods
addRepeatedField(Descriptors.FieldDescriptor field, Object value)
public AllowBindingExplanation.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Parameters | |
---|---|
Name | Description |
field | FieldDescriptor |
value | Object |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
build()
public AllowBindingExplanation build()
Returns | |
---|---|
Type | Description |
AllowBindingExplanation |
buildPartial()
public AllowBindingExplanation buildPartial()
Returns | |
---|---|
Type | Description |
AllowBindingExplanation |
clear()
public AllowBindingExplanation.Builder clear()
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
clearAllowAccessState()
public AllowBindingExplanation.Builder clearAllowAccessState()
Required. Indicates whether this role binding gives the specified permission to the specified principal on the specified resource.
This field does not indicate whether the principal actually has the
permission on the resource. There might be another role binding that
overrides this role binding. To determine whether the principal actually
has the permission, use the overall_access_state
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policytroubleshooter.iam.v3.AllowAccessState allow_access_state = 1 [(.google.api.field_behavior) = REQUIRED];
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
clearCombinedMembership()
public AllowBindingExplanation.Builder clearCombinedMembership()
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
clearCondition()
public AllowBindingExplanation.Builder clearCondition()
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
clearConditionExplanation()
public AllowBindingExplanation.Builder clearConditionExplanation()
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
clearField(Descriptors.FieldDescriptor field)
public AllowBindingExplanation.Builder clearField(Descriptors.FieldDescriptor field)
Parameter | |
---|---|
Name | Description |
field | FieldDescriptor |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
clearMemberships()
public AllowBindingExplanation.Builder clearMemberships()
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
clearOneof(Descriptors.OneofDescriptor oneof)
public AllowBindingExplanation.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Parameter | |
---|---|
Name | Description |
oneof | OneofDescriptor |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
clearRelevance()
public AllowBindingExplanation.Builder clearRelevance()
The relevance of this role binding to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 7;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
clearRole()
public AllowBindingExplanation.Builder clearRole()
The role that this role binding grants. For example,
roles/compute.admin
.
For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
clearRolePermission()
public AllowBindingExplanation.Builder clearRolePermission()
Indicates whether the role granted by this role binding contains the specified permission.
.google.cloud.policytroubleshooter.iam.v3.RolePermissionInclusionState role_permission = 3;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
clearRolePermissionRelevance()
public AllowBindingExplanation.Builder clearRolePermissionRelevance()
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance role_permission_relevance = 4;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
clone()
public AllowBindingExplanation.Builder clone()
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
containsMemberships(String key)
public boolean containsMemberships(String key)
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Parameter | |
---|---|
Name | Description |
key | String |
Returns | |
---|---|
Type | Description |
boolean |
getAllowAccessState()
public AllowAccessState getAllowAccessState()
Required. Indicates whether this role binding gives the specified permission to the specified principal on the specified resource.
This field does not indicate whether the principal actually has the
permission on the resource. There might be another role binding that
overrides this role binding. To determine whether the principal actually
has the permission, use the overall_access_state
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policytroubleshooter.iam.v3.AllowAccessState allow_access_state = 1 [(.google.api.field_behavior) = REQUIRED];
Returns | |
---|---|
Type | Description |
AllowAccessState | The allowAccessState. |
getAllowAccessStateValue()
public int getAllowAccessStateValue()
Required. Indicates whether this role binding gives the specified permission to the specified principal on the specified resource.
This field does not indicate whether the principal actually has the
permission on the resource. There might be another role binding that
overrides this role binding. To determine whether the principal actually
has the permission, use the overall_access_state
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policytroubleshooter.iam.v3.AllowAccessState allow_access_state = 1 [(.google.api.field_behavior) = REQUIRED];
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for allowAccessState. |
getCombinedMembership()
public AllowBindingExplanation.AnnotatedAllowMembership getCombinedMembership()
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.AnnotatedAllowMembership | The combinedMembership. |
getCombinedMembershipBuilder()
public AllowBindingExplanation.AnnotatedAllowMembership.Builder getCombinedMembershipBuilder()
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.AnnotatedAllowMembership.Builder |
getCombinedMembershipOrBuilder()
public AllowBindingExplanation.AnnotatedAllowMembershipOrBuilder getCombinedMembershipOrBuilder()
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.AnnotatedAllowMembershipOrBuilder |
getCondition()
public Expr getCondition()
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Returns | |
---|---|
Type | Description |
com.google.type.Expr | The condition. |
getConditionBuilder()
public Expr.Builder getConditionBuilder()
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Returns | |
---|---|
Type | Description |
com.google.type.Expr.Builder |
getConditionExplanation()
public ConditionExplanation getConditionExplanation()
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Returns | |
---|---|
Type | Description |
ConditionExplanation | The conditionExplanation. |
getConditionExplanationBuilder()
public ConditionExplanation.Builder getConditionExplanationBuilder()
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Returns | |
---|---|
Type | Description |
ConditionExplanation.Builder |
getConditionExplanationOrBuilder()
public ConditionExplanationOrBuilder getConditionExplanationOrBuilder()
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Returns | |
---|---|
Type | Description |
ConditionExplanationOrBuilder |
getConditionOrBuilder()
public ExprOrBuilder getConditionOrBuilder()
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Returns | |
---|---|
Type | Description |
com.google.type.ExprOrBuilder |
getDefaultInstanceForType()
public AllowBindingExplanation getDefaultInstanceForType()
Returns | |
---|---|
Type | Description |
AllowBindingExplanation |
getDescriptorForType()
public Descriptors.Descriptor getDescriptorForType()
Returns | |
---|---|
Type | Description |
Descriptor |
getMemberships() (deprecated)
public Map<String,AllowBindingExplanation.AnnotatedAllowMembership> getMemberships()
Use #getMembershipsMap() instead.
Returns | |
---|---|
Type | Description |
Map<String,AnnotatedAllowMembership> |
getMembershipsCount()
public int getMembershipsCount()
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Returns | |
---|---|
Type | Description |
int |
getMembershipsMap()
public Map<String,AllowBindingExplanation.AnnotatedAllowMembership> getMembershipsMap()
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Returns | |
---|---|
Type | Description |
Map<String,AnnotatedAllowMembership> |
getMembershipsOrDefault(String key, AllowBindingExplanation.AnnotatedAllowMembership defaultValue)
public AllowBindingExplanation.AnnotatedAllowMembership getMembershipsOrDefault(String key, AllowBindingExplanation.AnnotatedAllowMembership defaultValue)
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Parameters | |
---|---|
Name | Description |
key | String |
defaultValue | AllowBindingExplanation.AnnotatedAllowMembership |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.AnnotatedAllowMembership |
getMembershipsOrThrow(String key)
public AllowBindingExplanation.AnnotatedAllowMembership getMembershipsOrThrow(String key)
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Parameter | |
---|---|
Name | Description |
key | String |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.AnnotatedAllowMembership |
getMutableMemberships() (deprecated)
public Map<String,AllowBindingExplanation.AnnotatedAllowMembership> getMutableMemberships()
Use alternate mutation accessors instead.
Returns | |
---|---|
Type | Description |
Map<String,AnnotatedAllowMembership> |
getRelevance()
public HeuristicRelevance getRelevance()
The relevance of this role binding to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 7;
Returns | |
---|---|
Type | Description |
HeuristicRelevance | The relevance. |
getRelevanceValue()
public int getRelevanceValue()
The relevance of this role binding to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 7;
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for relevance. |
getRole()
public String getRole()
The role that this role binding grants. For example,
roles/compute.admin
.
For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;
Returns | |
---|---|
Type | Description |
String | The role. |
getRoleBytes()
public ByteString getRoleBytes()
The role that this role binding grants. For example,
roles/compute.admin
.
For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;
Returns | |
---|---|
Type | Description |
ByteString | The bytes for role. |
getRolePermission()
public RolePermissionInclusionState getRolePermission()
Indicates whether the role granted by this role binding contains the specified permission.
.google.cloud.policytroubleshooter.iam.v3.RolePermissionInclusionState role_permission = 3;
Returns | |
---|---|
Type | Description |
RolePermissionInclusionState | The rolePermission. |
getRolePermissionRelevance()
public HeuristicRelevance getRolePermissionRelevance()
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance role_permission_relevance = 4;
Returns | |
---|---|
Type | Description |
HeuristicRelevance | The rolePermissionRelevance. |
getRolePermissionRelevanceValue()
public int getRolePermissionRelevanceValue()
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance role_permission_relevance = 4;
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for rolePermissionRelevance. |
getRolePermissionValue()
public int getRolePermissionValue()
Indicates whether the role granted by this role binding contains the specified permission.
.google.cloud.policytroubleshooter.iam.v3.RolePermissionInclusionState role_permission = 3;
Returns | |
---|---|
Type | Description |
int | The enum numeric value on the wire for rolePermission. |
hasCombinedMembership()
public boolean hasCombinedMembership()
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Returns | |
---|---|
Type | Description |
boolean | Whether the combinedMembership field is set. |
hasCondition()
public boolean hasCondition()
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Returns | |
---|---|
Type | Description |
boolean | Whether the condition field is set. |
hasConditionExplanation()
public boolean hasConditionExplanation()
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Returns | |
---|---|
Type | Description |
boolean | Whether the conditionExplanation field is set. |
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns | |
---|---|
Type | Description |
FieldAccessorTable |
internalGetMapFieldReflection(int number)
protected MapFieldReflectionAccessor internalGetMapFieldReflection(int number)
Parameter | |
---|---|
Name | Description |
number | int |
Returns | |
---|---|
Type | Description |
com.google.protobuf.MapFieldReflectionAccessor |
internalGetMutableMapFieldReflection(int number)
protected MapFieldReflectionAccessor internalGetMutableMapFieldReflection(int number)
Parameter | |
---|---|
Name | Description |
number | int |
Returns | |
---|---|
Type | Description |
com.google.protobuf.MapFieldReflectionAccessor |
isInitialized()
public final boolean isInitialized()
Returns | |
---|---|
Type | Description |
boolean |
mergeCombinedMembership(AllowBindingExplanation.AnnotatedAllowMembership value)
public AllowBindingExplanation.Builder mergeCombinedMembership(AllowBindingExplanation.AnnotatedAllowMembership value)
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Parameter | |
---|---|
Name | Description |
value | AllowBindingExplanation.AnnotatedAllowMembership |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
mergeCondition(Expr value)
public AllowBindingExplanation.Builder mergeCondition(Expr value)
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Parameter | |
---|---|
Name | Description |
value | com.google.type.Expr |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
mergeConditionExplanation(ConditionExplanation value)
public AllowBindingExplanation.Builder mergeConditionExplanation(ConditionExplanation value)
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Parameter | |
---|---|
Name | Description |
value | ConditionExplanation |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
mergeFrom(AllowBindingExplanation other)
public AllowBindingExplanation.Builder mergeFrom(AllowBindingExplanation other)
Parameter | |
---|---|
Name | Description |
other | AllowBindingExplanation |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
public AllowBindingExplanation.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters | |
---|---|
Name | Description |
input | CodedInputStream |
extensionRegistry | ExtensionRegistryLite |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
Exceptions | |
---|---|
Type | Description |
IOException |
mergeFrom(Message other)
public AllowBindingExplanation.Builder mergeFrom(Message other)
Parameter | |
---|---|
Name | Description |
other | Message |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
mergeUnknownFields(UnknownFieldSet unknownFields)
public final AllowBindingExplanation.Builder mergeUnknownFields(UnknownFieldSet unknownFields)
Parameter | |
---|---|
Name | Description |
unknownFields | UnknownFieldSet |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
putAllMemberships(Map<String,AllowBindingExplanation.AnnotatedAllowMembership> values)
public AllowBindingExplanation.Builder putAllMemberships(Map<String,AllowBindingExplanation.AnnotatedAllowMembership> values)
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Parameter | |
---|---|
Name | Description |
values | Map<String,AnnotatedAllowMembership> |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
putMemberships(String key, AllowBindingExplanation.AnnotatedAllowMembership value)
public AllowBindingExplanation.Builder putMemberships(String key, AllowBindingExplanation.AnnotatedAllowMembership value)
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Parameters | |
---|---|
Name | Description |
key | String |
value | AllowBindingExplanation.AnnotatedAllowMembership |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
putMembershipsBuilderIfAbsent(String key)
public AllowBindingExplanation.AnnotatedAllowMembership.Builder putMembershipsBuilderIfAbsent(String key)
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Parameter | |
---|---|
Name | Description |
key | String |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.AnnotatedAllowMembership.Builder |
removeMemberships(String key)
public AllowBindingExplanation.Builder removeMemberships(String key)
Indicates whether each role binding includes the principal specified in the request, either directly or indirectly. Each key identifies a principal in the role binding, and each value indicates whether the principal in the role binding includes the principal in the request.
For example, suppose that a role binding includes the following principals:
user:alice@example.com
group:product-eng@example.com
You want to troubleshoot access for
user:bob@example.com
. This user is a member of the groupgroup:product-eng@example.com
.For the first principal in the role binding, the key is
user:alice@example.com
, and themembership
field in the value is set toNOT_INCLUDED
.For the second principal in the role binding, the key is
group:product-eng@example.com
, and themembership
field in the value is set toINCLUDED
.
map<string, .google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership> memberships = 6;
Parameter | |
---|---|
Name | Description |
key | String |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
setAllowAccessState(AllowAccessState value)
public AllowBindingExplanation.Builder setAllowAccessState(AllowAccessState value)
Required. Indicates whether this role binding gives the specified permission to the specified principal on the specified resource.
This field does not indicate whether the principal actually has the
permission on the resource. There might be another role binding that
overrides this role binding. To determine whether the principal actually
has the permission, use the overall_access_state
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policytroubleshooter.iam.v3.AllowAccessState allow_access_state = 1 [(.google.api.field_behavior) = REQUIRED];
Parameter | |
---|---|
Name | Description |
value | AllowAccessState The allowAccessState to set. |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
setAllowAccessStateValue(int value)
public AllowBindingExplanation.Builder setAllowAccessStateValue(int value)
Required. Indicates whether this role binding gives the specified permission to the specified principal on the specified resource.
This field does not indicate whether the principal actually has the
permission on the resource. There might be another role binding that
overrides this role binding. To determine whether the principal actually
has the permission, use the overall_access_state
field in the
TroubleshootIamPolicyResponse.
.google.cloud.policytroubleshooter.iam.v3.AllowAccessState allow_access_state = 1 [(.google.api.field_behavior) = REQUIRED];
Parameter | |
---|---|
Name | Description |
value | int The enum numeric value on the wire for allowAccessState to set. |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
setCombinedMembership(AllowBindingExplanation.AnnotatedAllowMembership value)
public AllowBindingExplanation.Builder setCombinedMembership(AllowBindingExplanation.AnnotatedAllowMembership value)
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Parameter | |
---|---|
Name | Description |
value | AllowBindingExplanation.AnnotatedAllowMembership |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
setCombinedMembership(AllowBindingExplanation.AnnotatedAllowMembership.Builder builderForValue)
public AllowBindingExplanation.Builder setCombinedMembership(AllowBindingExplanation.AnnotatedAllowMembership.Builder builderForValue)
The combined result of all memberships. Indicates if the principal is included in any role binding, either directly or indirectly.
.google.cloud.policytroubleshooter.iam.v3.AllowBindingExplanation.AnnotatedAllowMembership combined_membership = 5;
Parameter | |
---|---|
Name | Description |
builderForValue | AllowBindingExplanation.AnnotatedAllowMembership.Builder |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
setCondition(Expr value)
public AllowBindingExplanation.Builder setCondition(Expr value)
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Parameter | |
---|---|
Name | Description |
value | com.google.type.Expr |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
setCondition(Expr.Builder builderForValue)
public AllowBindingExplanation.Builder setCondition(Expr.Builder builderForValue)
A condition expression that specifies when the role binding grants access.
To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 8;
Parameter | |
---|---|
Name | Description |
builderForValue | com.google.type.Expr.Builder |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
setConditionExplanation(ConditionExplanation value)
public AllowBindingExplanation.Builder setConditionExplanation(ConditionExplanation value)
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Parameter | |
---|---|
Name | Description |
value | ConditionExplanation |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
setConditionExplanation(ConditionExplanation.Builder builderForValue)
public AllowBindingExplanation.Builder setConditionExplanation(ConditionExplanation.Builder builderForValue)
Condition evaluation state for this role binding.
.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 9;
Parameter | |
---|---|
Name | Description |
builderForValue | ConditionExplanation.Builder |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
setField(Descriptors.FieldDescriptor field, Object value)
public AllowBindingExplanation.Builder setField(Descriptors.FieldDescriptor field, Object value)
Parameters | |
---|---|
Name | Description |
field | FieldDescriptor |
value | Object |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
setRelevance(HeuristicRelevance value)
public AllowBindingExplanation.Builder setRelevance(HeuristicRelevance value)
The relevance of this role binding to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 7;
Parameter | |
---|---|
Name | Description |
value | HeuristicRelevance The relevance to set. |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
setRelevanceValue(int value)
public AllowBindingExplanation.Builder setRelevanceValue(int value)
The relevance of this role binding to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 7;
Parameter | |
---|---|
Name | Description |
value | int The enum numeric value on the wire for relevance to set. |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
public AllowBindingExplanation.Builder setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
Parameters | |
---|---|
Name | Description |
field | FieldDescriptor |
index | int |
value | Object |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |
setRole(String value)
public AllowBindingExplanation.Builder setRole(String value)
The role that this role binding grants. For example,
roles/compute.admin
.
For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;
Parameter | |
---|---|
Name | Description |
value | String The role to set. |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
setRoleBytes(ByteString value)
public AllowBindingExplanation.Builder setRoleBytes(ByteString value)
The role that this role binding grants. For example,
roles/compute.admin
.
For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;
Parameter | |
---|---|
Name | Description |
value | ByteString The bytes for role to set. |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
setRolePermission(RolePermissionInclusionState value)
public AllowBindingExplanation.Builder setRolePermission(RolePermissionInclusionState value)
Indicates whether the role granted by this role binding contains the specified permission.
.google.cloud.policytroubleshooter.iam.v3.RolePermissionInclusionState role_permission = 3;
Parameter | |
---|---|
Name | Description |
value | RolePermissionInclusionState The rolePermission to set. |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
setRolePermissionRelevance(HeuristicRelevance value)
public AllowBindingExplanation.Builder setRolePermissionRelevance(HeuristicRelevance value)
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance role_permission_relevance = 4;
Parameter | |
---|---|
Name | Description |
value | HeuristicRelevance The rolePermissionRelevance to set. |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
setRolePermissionRelevanceValue(int value)
public AllowBindingExplanation.Builder setRolePermissionRelevanceValue(int value)
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance role_permission_relevance = 4;
Parameter | |
---|---|
Name | Description |
value | int The enum numeric value on the wire for rolePermissionRelevance to set. |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
setRolePermissionValue(int value)
public AllowBindingExplanation.Builder setRolePermissionValue(int value)
Indicates whether the role granted by this role binding contains the specified permission.
.google.cloud.policytroubleshooter.iam.v3.RolePermissionInclusionState role_permission = 3;
Parameter | |
---|---|
Name | Description |
value | int The enum numeric value on the wire for rolePermission to set. |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder | This builder for chaining. |
setUnknownFields(UnknownFieldSet unknownFields)
public final AllowBindingExplanation.Builder setUnknownFields(UnknownFieldSet unknownFields)
Parameter | |
---|---|
Name | Description |
unknownFields | UnknownFieldSet |
Returns | |
---|---|
Type | Description |
AllowBindingExplanation.Builder |