Class DenyRuleExplanation.Builder (1.45.0)

public static final class DenyRuleExplanation.Builder extends GeneratedMessageV3.Builder<DenyRuleExplanation.Builder> implements DenyRuleExplanationOrBuilder

Details about how a deny rule in a deny policy affects a principal's ability to use a permission.

Protobuf type google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation

Static Methods

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
Type Description
Descriptor

Methods

addRepeatedField(Descriptors.FieldDescriptor field, Object value)

public DenyRuleExplanation.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Parameters
Name Description
field FieldDescriptor
value Object
Returns
Type Description
DenyRuleExplanation.Builder
Overrides

build()

public DenyRuleExplanation build()
Returns
Type Description
DenyRuleExplanation

buildPartial()

public DenyRuleExplanation buildPartial()
Returns
Type Description
DenyRuleExplanation

clear()

public DenyRuleExplanation.Builder clear()
Returns
Type Description
DenyRuleExplanation.Builder
Overrides

clearCombinedDeniedPermission()

public DenyRuleExplanation.Builder clearCombinedDeniedPermission()

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Returns
Type Description
DenyRuleExplanation.Builder

clearCombinedDeniedPrincipal()

public DenyRuleExplanation.Builder clearCombinedDeniedPrincipal()

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Returns
Type Description
DenyRuleExplanation.Builder

clearCombinedExceptionPermission()

public DenyRuleExplanation.Builder clearCombinedExceptionPermission()

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Returns
Type Description
DenyRuleExplanation.Builder

clearCombinedExceptionPrincipal()

public DenyRuleExplanation.Builder clearCombinedExceptionPrincipal()

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Returns
Type Description
DenyRuleExplanation.Builder

clearCondition()

public DenyRuleExplanation.Builder clearCondition()

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Returns
Type Description
DenyRuleExplanation.Builder

clearConditionExplanation()

public DenyRuleExplanation.Builder clearConditionExplanation()

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Returns
Type Description
DenyRuleExplanation.Builder

clearDeniedPermissions()

public DenyRuleExplanation.Builder clearDeniedPermissions()
Returns
Type Description
DenyRuleExplanation.Builder

clearDeniedPrincipals()

public DenyRuleExplanation.Builder clearDeniedPrincipals()
Returns
Type Description
DenyRuleExplanation.Builder

clearDenyAccessState()

public DenyRuleExplanation.Builder clearDenyAccessState()

Required. Indicates whether this rule denies the specified permission to the specified principal for the specified resource.

This field does not indicate whether the principal is actually denied on the permission for the resource. There might be another rule that overrides this rule. To determine whether the principal actually has the permission, use the overall_access_state field in the TroubleshootIamPolicyResponse.

.google.cloud.policytroubleshooter.iam.v3.DenyAccessState deny_access_state = 1 [(.google.api.field_behavior) = REQUIRED];

Returns
Type Description
DenyRuleExplanation.Builder

This builder for chaining.

clearExceptionPermissions()

public DenyRuleExplanation.Builder clearExceptionPermissions()
Returns
Type Description
DenyRuleExplanation.Builder

clearExceptionPrincipals()

public DenyRuleExplanation.Builder clearExceptionPrincipals()
Returns
Type Description
DenyRuleExplanation.Builder

clearField(Descriptors.FieldDescriptor field)

public DenyRuleExplanation.Builder clearField(Descriptors.FieldDescriptor field)
Parameter
Name Description
field FieldDescriptor
Returns
Type Description
DenyRuleExplanation.Builder
Overrides

clearOneof(Descriptors.OneofDescriptor oneof)

public DenyRuleExplanation.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Parameter
Name Description
oneof OneofDescriptor
Returns
Type Description
DenyRuleExplanation.Builder
Overrides

clearRelevance()

public DenyRuleExplanation.Builder clearRelevance()

The relevance of this role binding to the overall determination for the entire policy.

.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 10;

Returns
Type Description
DenyRuleExplanation.Builder

This builder for chaining.

clone()

public DenyRuleExplanation.Builder clone()
Returns
Type Description
DenyRuleExplanation.Builder
Overrides

containsDeniedPermissions(String key)

public boolean containsDeniedPermissions(String key)

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Parameter
Name Description
key String
Returns
Type Description
boolean

containsDeniedPrincipals(String key)

public boolean containsDeniedPrincipals(String key)

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Parameter
Name Description
key String
Returns
Type Description
boolean

containsExceptionPermissions(String key)

public boolean containsExceptionPermissions(String key)

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Parameter
Name Description
key String
Returns
Type Description
boolean

containsExceptionPrincipals(String key)

public boolean containsExceptionPrincipals(String key)

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Parameter
Name Description
key String
Returns
Type Description
boolean

getCombinedDeniedPermission()

public DenyRuleExplanation.AnnotatedPermissionMatching getCombinedDeniedPermission()

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatching

The combinedDeniedPermission.

getCombinedDeniedPermissionBuilder()

public DenyRuleExplanation.AnnotatedPermissionMatching.Builder getCombinedDeniedPermissionBuilder()

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatching.Builder

getCombinedDeniedPermissionOrBuilder()

public DenyRuleExplanation.AnnotatedPermissionMatchingOrBuilder getCombinedDeniedPermissionOrBuilder()

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatchingOrBuilder

getCombinedDeniedPrincipal()

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getCombinedDeniedPrincipal()

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

The combinedDeniedPrincipal.

getCombinedDeniedPrincipalBuilder()

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder getCombinedDeniedPrincipalBuilder()

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder

getCombinedDeniedPrincipalOrBuilder()

public DenyRuleExplanation.AnnotatedDenyPrincipalMatchingOrBuilder getCombinedDeniedPrincipalOrBuilder()

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatchingOrBuilder

getCombinedExceptionPermission()

public DenyRuleExplanation.AnnotatedPermissionMatching getCombinedExceptionPermission()

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatching

The combinedExceptionPermission.

getCombinedExceptionPermissionBuilder()

public DenyRuleExplanation.AnnotatedPermissionMatching.Builder getCombinedExceptionPermissionBuilder()

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatching.Builder

getCombinedExceptionPermissionOrBuilder()

public DenyRuleExplanation.AnnotatedPermissionMatchingOrBuilder getCombinedExceptionPermissionOrBuilder()

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatchingOrBuilder

getCombinedExceptionPrincipal()

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getCombinedExceptionPrincipal()

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

The combinedExceptionPrincipal.

getCombinedExceptionPrincipalBuilder()

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder getCombinedExceptionPrincipalBuilder()

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder

getCombinedExceptionPrincipalOrBuilder()

public DenyRuleExplanation.AnnotatedDenyPrincipalMatchingOrBuilder getCombinedExceptionPrincipalOrBuilder()

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatchingOrBuilder

getCondition()

public Expr getCondition()

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Returns
Type Description
com.google.type.Expr

The condition.

getConditionBuilder()

public Expr.Builder getConditionBuilder()

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Returns
Type Description
com.google.type.Expr.Builder

getConditionExplanation()

public ConditionExplanation getConditionExplanation()

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Returns
Type Description
ConditionExplanation

The conditionExplanation.

getConditionExplanationBuilder()

public ConditionExplanation.Builder getConditionExplanationBuilder()

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Returns
Type Description
ConditionExplanation.Builder

getConditionExplanationOrBuilder()

public ConditionExplanationOrBuilder getConditionExplanationOrBuilder()

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Returns
Type Description
ConditionExplanationOrBuilder

getConditionOrBuilder()

public ExprOrBuilder getConditionOrBuilder()

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Returns
Type Description
com.google.type.ExprOrBuilder

getDefaultInstanceForType()

public DenyRuleExplanation getDefaultInstanceForType()
Returns
Type Description
DenyRuleExplanation

getDeniedPermissions() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> getDeniedPermissions()
Returns
Type Description
Map<String,AnnotatedPermissionMatching>

getDeniedPermissionsCount()

public int getDeniedPermissionsCount()

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Returns
Type Description
int

getDeniedPermissionsMap()

public Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> getDeniedPermissionsMap()

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Returns
Type Description
Map<String,AnnotatedPermissionMatching>

getDeniedPermissionsOrDefault(String key, DenyRuleExplanation.AnnotatedPermissionMatching defaultValue)

public DenyRuleExplanation.AnnotatedPermissionMatching getDeniedPermissionsOrDefault(String key, DenyRuleExplanation.AnnotatedPermissionMatching defaultValue)

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Parameters
Name Description
key String
defaultValue DenyRuleExplanation.AnnotatedPermissionMatching
Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatching

getDeniedPermissionsOrThrow(String key)

public DenyRuleExplanation.AnnotatedPermissionMatching getDeniedPermissionsOrThrow(String key)

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatching

getDeniedPrincipals() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> getDeniedPrincipals()
Returns
Type Description
Map<String,AnnotatedDenyPrincipalMatching>

getDeniedPrincipalsCount()

public int getDeniedPrincipalsCount()

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Returns
Type Description
int

getDeniedPrincipalsMap()

public Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> getDeniedPrincipalsMap()

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Returns
Type Description
Map<String,AnnotatedDenyPrincipalMatching>

getDeniedPrincipalsOrDefault(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching defaultValue)

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getDeniedPrincipalsOrDefault(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching defaultValue)

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Parameters
Name Description
key String
defaultValue DenyRuleExplanation.AnnotatedDenyPrincipalMatching
Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

getDeniedPrincipalsOrThrow(String key)

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getDeniedPrincipalsOrThrow(String key)

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

getDenyAccessState()

public DenyAccessState getDenyAccessState()

Required. Indicates whether this rule denies the specified permission to the specified principal for the specified resource.

This field does not indicate whether the principal is actually denied on the permission for the resource. There might be another rule that overrides this rule. To determine whether the principal actually has the permission, use the overall_access_state field in the TroubleshootIamPolicyResponse.

.google.cloud.policytroubleshooter.iam.v3.DenyAccessState deny_access_state = 1 [(.google.api.field_behavior) = REQUIRED];

Returns
Type Description
DenyAccessState

The denyAccessState.

getDenyAccessStateValue()

public int getDenyAccessStateValue()

Required. Indicates whether this rule denies the specified permission to the specified principal for the specified resource.

This field does not indicate whether the principal is actually denied on the permission for the resource. There might be another rule that overrides this rule. To determine whether the principal actually has the permission, use the overall_access_state field in the TroubleshootIamPolicyResponse.

.google.cloud.policytroubleshooter.iam.v3.DenyAccessState deny_access_state = 1 [(.google.api.field_behavior) = REQUIRED];

Returns
Type Description
int

The enum numeric value on the wire for denyAccessState.

getDescriptorForType()

public Descriptors.Descriptor getDescriptorForType()
Returns
Type Description
Descriptor
Overrides

getExceptionPermissions() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> getExceptionPermissions()
Returns
Type Description
Map<String,AnnotatedPermissionMatching>

getExceptionPermissionsCount()

public int getExceptionPermissionsCount()

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Returns
Type Description
int

getExceptionPermissionsMap()

public Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> getExceptionPermissionsMap()

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Returns
Type Description
Map<String,AnnotatedPermissionMatching>

getExceptionPermissionsOrDefault(String key, DenyRuleExplanation.AnnotatedPermissionMatching defaultValue)

public DenyRuleExplanation.AnnotatedPermissionMatching getExceptionPermissionsOrDefault(String key, DenyRuleExplanation.AnnotatedPermissionMatching defaultValue)

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Parameters
Name Description
key String
defaultValue DenyRuleExplanation.AnnotatedPermissionMatching
Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatching

getExceptionPermissionsOrThrow(String key)

public DenyRuleExplanation.AnnotatedPermissionMatching getExceptionPermissionsOrThrow(String key)

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatching

getExceptionPrincipals() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> getExceptionPrincipals()
Returns
Type Description
Map<String,AnnotatedDenyPrincipalMatching>

getExceptionPrincipalsCount()

public int getExceptionPrincipalsCount()

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Returns
Type Description
int

getExceptionPrincipalsMap()

public Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> getExceptionPrincipalsMap()

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Returns
Type Description
Map<String,AnnotatedDenyPrincipalMatching>

getExceptionPrincipalsOrDefault(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching defaultValue)

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getExceptionPrincipalsOrDefault(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching defaultValue)

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Parameters
Name Description
key String
defaultValue DenyRuleExplanation.AnnotatedDenyPrincipalMatching
Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

getExceptionPrincipalsOrThrow(String key)

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getExceptionPrincipalsOrThrow(String key)

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

getMutableDeniedPermissions() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> getMutableDeniedPermissions()

Use alternate mutation accessors instead.

Returns
Type Description
Map<String,AnnotatedPermissionMatching>

getMutableDeniedPrincipals() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> getMutableDeniedPrincipals()

Use alternate mutation accessors instead.

Returns
Type Description
Map<String,AnnotatedDenyPrincipalMatching>

getMutableExceptionPermissions() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> getMutableExceptionPermissions()

Use alternate mutation accessors instead.

Returns
Type Description
Map<String,AnnotatedPermissionMatching>

getMutableExceptionPrincipals() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> getMutableExceptionPrincipals()

Use alternate mutation accessors instead.

Returns
Type Description
Map<String,AnnotatedDenyPrincipalMatching>

getRelevance()

public HeuristicRelevance getRelevance()

The relevance of this role binding to the overall determination for the entire policy.

.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 10;

Returns
Type Description
HeuristicRelevance

The relevance.

getRelevanceValue()

public int getRelevanceValue()

The relevance of this role binding to the overall determination for the entire policy.

.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 10;

Returns
Type Description
int

The enum numeric value on the wire for relevance.

hasCombinedDeniedPermission()

public boolean hasCombinedDeniedPermission()

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Returns
Type Description
boolean

Whether the combinedDeniedPermission field is set.

hasCombinedDeniedPrincipal()

public boolean hasCombinedDeniedPrincipal()

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Returns
Type Description
boolean

Whether the combinedDeniedPrincipal field is set.

hasCombinedExceptionPermission()

public boolean hasCombinedExceptionPermission()

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Returns
Type Description
boolean

Whether the combinedExceptionPermission field is set.

hasCombinedExceptionPrincipal()

public boolean hasCombinedExceptionPrincipal()

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Returns
Type Description
boolean

Whether the combinedExceptionPrincipal field is set.

hasCondition()

public boolean hasCondition()

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Returns
Type Description
boolean

Whether the condition field is set.

hasConditionExplanation()

public boolean hasConditionExplanation()

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Returns
Type Description
boolean

Whether the conditionExplanation field is set.

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
Type Description
FieldAccessorTable
Overrides

internalGetMapFieldReflection(int number)

protected MapFieldReflectionAccessor internalGetMapFieldReflection(int number)
Parameter
Name Description
number int
Returns
Type Description
com.google.protobuf.MapFieldReflectionAccessor
Overrides
com.google.protobuf.GeneratedMessageV3.Builder.internalGetMapFieldReflection(int)

internalGetMutableMapFieldReflection(int number)

protected MapFieldReflectionAccessor internalGetMutableMapFieldReflection(int number)
Parameter
Name Description
number int
Returns
Type Description
com.google.protobuf.MapFieldReflectionAccessor
Overrides
com.google.protobuf.GeneratedMessageV3.Builder.internalGetMutableMapFieldReflection(int)

isInitialized()

public final boolean isInitialized()
Returns
Type Description
boolean
Overrides

mergeCombinedDeniedPermission(DenyRuleExplanation.AnnotatedPermissionMatching value)

public DenyRuleExplanation.Builder mergeCombinedDeniedPermission(DenyRuleExplanation.AnnotatedPermissionMatching value)

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Parameter
Name Description
value DenyRuleExplanation.AnnotatedPermissionMatching
Returns
Type Description
DenyRuleExplanation.Builder

mergeCombinedDeniedPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

public DenyRuleExplanation.Builder mergeCombinedDeniedPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Parameter
Name Description
value DenyRuleExplanation.AnnotatedDenyPrincipalMatching
Returns
Type Description
DenyRuleExplanation.Builder

mergeCombinedExceptionPermission(DenyRuleExplanation.AnnotatedPermissionMatching value)

public DenyRuleExplanation.Builder mergeCombinedExceptionPermission(DenyRuleExplanation.AnnotatedPermissionMatching value)

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Parameter
Name Description
value DenyRuleExplanation.AnnotatedPermissionMatching
Returns
Type Description
DenyRuleExplanation.Builder

mergeCombinedExceptionPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

public DenyRuleExplanation.Builder mergeCombinedExceptionPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Parameter
Name Description
value DenyRuleExplanation.AnnotatedDenyPrincipalMatching
Returns
Type Description
DenyRuleExplanation.Builder

mergeCondition(Expr value)

public DenyRuleExplanation.Builder mergeCondition(Expr value)

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Parameter
Name Description
value com.google.type.Expr
Returns
Type Description
DenyRuleExplanation.Builder

mergeConditionExplanation(ConditionExplanation value)

public DenyRuleExplanation.Builder mergeConditionExplanation(ConditionExplanation value)

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Parameter
Name Description
value ConditionExplanation
Returns
Type Description
DenyRuleExplanation.Builder

mergeFrom(DenyRuleExplanation other)

public DenyRuleExplanation.Builder mergeFrom(DenyRuleExplanation other)
Parameter
Name Description
other DenyRuleExplanation
Returns
Type Description
DenyRuleExplanation.Builder

mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public DenyRuleExplanation.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Name Description
input CodedInputStream
extensionRegistry ExtensionRegistryLite
Returns
Type Description
DenyRuleExplanation.Builder
Overrides
Exceptions
Type Description
IOException

mergeFrom(Message other)

public DenyRuleExplanation.Builder mergeFrom(Message other)
Parameter
Name Description
other Message
Returns
Type Description
DenyRuleExplanation.Builder
Overrides

mergeUnknownFields(UnknownFieldSet unknownFields)

public final DenyRuleExplanation.Builder mergeUnknownFields(UnknownFieldSet unknownFields)
Parameter
Name Description
unknownFields UnknownFieldSet
Returns
Type Description
DenyRuleExplanation.Builder
Overrides

putAllDeniedPermissions(Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> values)

public DenyRuleExplanation.Builder putAllDeniedPermissions(Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> values)

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Parameter
Name Description
values Map<String,AnnotatedPermissionMatching>
Returns
Type Description
DenyRuleExplanation.Builder

putAllDeniedPrincipals(Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> values)

public DenyRuleExplanation.Builder putAllDeniedPrincipals(Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> values)

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Parameter
Name Description
values Map<String,AnnotatedDenyPrincipalMatching>
Returns
Type Description
DenyRuleExplanation.Builder

putAllExceptionPermissions(Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> values)

public DenyRuleExplanation.Builder putAllExceptionPermissions(Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> values)

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Parameter
Name Description
values Map<String,AnnotatedPermissionMatching>
Returns
Type Description
DenyRuleExplanation.Builder

putAllExceptionPrincipals(Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> values)

public DenyRuleExplanation.Builder putAllExceptionPrincipals(Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> values)

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Parameter
Name Description
values Map<String,AnnotatedDenyPrincipalMatching>
Returns
Type Description
DenyRuleExplanation.Builder

putDeniedPermissions(String key, DenyRuleExplanation.AnnotatedPermissionMatching value)

public DenyRuleExplanation.Builder putDeniedPermissions(String key, DenyRuleExplanation.AnnotatedPermissionMatching value)

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Parameters
Name Description
key String
value DenyRuleExplanation.AnnotatedPermissionMatching
Returns
Type Description
DenyRuleExplanation.Builder

putDeniedPermissionsBuilderIfAbsent(String key)

public DenyRuleExplanation.AnnotatedPermissionMatching.Builder putDeniedPermissionsBuilderIfAbsent(String key)

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatching.Builder

putDeniedPrincipals(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

public DenyRuleExplanation.Builder putDeniedPrincipals(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Parameters
Name Description
key String
value DenyRuleExplanation.AnnotatedDenyPrincipalMatching
Returns
Type Description
DenyRuleExplanation.Builder

putDeniedPrincipalsBuilderIfAbsent(String key)

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder putDeniedPrincipalsBuilderIfAbsent(String key)

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder

putExceptionPermissions(String key, DenyRuleExplanation.AnnotatedPermissionMatching value)

public DenyRuleExplanation.Builder putExceptionPermissions(String key, DenyRuleExplanation.AnnotatedPermissionMatching value)

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Parameters
Name Description
key String
value DenyRuleExplanation.AnnotatedPermissionMatching
Returns
Type Description
DenyRuleExplanation.Builder

putExceptionPermissionsBuilderIfAbsent(String key)

public DenyRuleExplanation.AnnotatedPermissionMatching.Builder putExceptionPermissionsBuilderIfAbsent(String key)

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.AnnotatedPermissionMatching.Builder

putExceptionPrincipals(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

public DenyRuleExplanation.Builder putExceptionPrincipals(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Parameters
Name Description
key String
value DenyRuleExplanation.AnnotatedDenyPrincipalMatching
Returns
Type Description
DenyRuleExplanation.Builder

putExceptionPrincipalsBuilderIfAbsent(String key)

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder putExceptionPrincipalsBuilderIfAbsent(String key)

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder

removeDeniedPermissions(String key)

public DenyRuleExplanation.Builder removeDeniedPermissions(String key)

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.Builder

removeDeniedPrincipals(String key)

public DenyRuleExplanation.Builder removeDeniedPrincipals(String key)

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.Builder

removeExceptionPermissions(String key)

public DenyRuleExplanation.Builder removeExceptionPermissions(String key)

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.Builder

removeExceptionPrincipals(String key)

public DenyRuleExplanation.Builder removeExceptionPrincipals(String key)

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Parameter
Name Description
key String
Returns
Type Description
DenyRuleExplanation.Builder

setCombinedDeniedPermission(DenyRuleExplanation.AnnotatedPermissionMatching value)

public DenyRuleExplanation.Builder setCombinedDeniedPermission(DenyRuleExplanation.AnnotatedPermissionMatching value)

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Parameter
Name Description
value DenyRuleExplanation.AnnotatedPermissionMatching
Returns
Type Description
DenyRuleExplanation.Builder

setCombinedDeniedPermission(DenyRuleExplanation.AnnotatedPermissionMatching.Builder builderForValue)

public DenyRuleExplanation.Builder setCombinedDeniedPermission(DenyRuleExplanation.AnnotatedPermissionMatching.Builder builderForValue)

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Parameter
Name Description
builderForValue DenyRuleExplanation.AnnotatedPermissionMatching.Builder
Returns
Type Description
DenyRuleExplanation.Builder

setCombinedDeniedPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

public DenyRuleExplanation.Builder setCombinedDeniedPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Parameter
Name Description
value DenyRuleExplanation.AnnotatedDenyPrincipalMatching
Returns
Type Description
DenyRuleExplanation.Builder

setCombinedDeniedPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder builderForValue)

public DenyRuleExplanation.Builder setCombinedDeniedPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder builderForValue)

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Parameter
Name Description
builderForValue DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder
Returns
Type Description
DenyRuleExplanation.Builder

setCombinedExceptionPermission(DenyRuleExplanation.AnnotatedPermissionMatching value)

public DenyRuleExplanation.Builder setCombinedExceptionPermission(DenyRuleExplanation.AnnotatedPermissionMatching value)

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Parameter
Name Description
value DenyRuleExplanation.AnnotatedPermissionMatching
Returns
Type Description
DenyRuleExplanation.Builder

setCombinedExceptionPermission(DenyRuleExplanation.AnnotatedPermissionMatching.Builder builderForValue)

public DenyRuleExplanation.Builder setCombinedExceptionPermission(DenyRuleExplanation.AnnotatedPermissionMatching.Builder builderForValue)

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Parameter
Name Description
builderForValue DenyRuleExplanation.AnnotatedPermissionMatching.Builder
Returns
Type Description
DenyRuleExplanation.Builder

setCombinedExceptionPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

public DenyRuleExplanation.Builder setCombinedExceptionPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching value)

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Parameter
Name Description
value DenyRuleExplanation.AnnotatedDenyPrincipalMatching
Returns
Type Description
DenyRuleExplanation.Builder

setCombinedExceptionPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder builderForValue)

public DenyRuleExplanation.Builder setCombinedExceptionPrincipal(DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder builderForValue)

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Parameter
Name Description
builderForValue DenyRuleExplanation.AnnotatedDenyPrincipalMatching.Builder
Returns
Type Description
DenyRuleExplanation.Builder

setCondition(Expr value)

public DenyRuleExplanation.Builder setCondition(Expr value)

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Parameter
Name Description
value com.google.type.Expr
Returns
Type Description
DenyRuleExplanation.Builder

setCondition(Expr.Builder builderForValue)

public DenyRuleExplanation.Builder setCondition(Expr.Builder builderForValue)

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Parameter
Name Description
builderForValue com.google.type.Expr.Builder
Returns
Type Description
DenyRuleExplanation.Builder

setConditionExplanation(ConditionExplanation value)

public DenyRuleExplanation.Builder setConditionExplanation(ConditionExplanation value)

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Parameter
Name Description
value ConditionExplanation
Returns
Type Description
DenyRuleExplanation.Builder

setConditionExplanation(ConditionExplanation.Builder builderForValue)

public DenyRuleExplanation.Builder setConditionExplanation(ConditionExplanation.Builder builderForValue)

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Parameter
Name Description
builderForValue ConditionExplanation.Builder
Returns
Type Description
DenyRuleExplanation.Builder

setDenyAccessState(DenyAccessState value)

public DenyRuleExplanation.Builder setDenyAccessState(DenyAccessState value)

Required. Indicates whether this rule denies the specified permission to the specified principal for the specified resource.

This field does not indicate whether the principal is actually denied on the permission for the resource. There might be another rule that overrides this rule. To determine whether the principal actually has the permission, use the overall_access_state field in the TroubleshootIamPolicyResponse.

.google.cloud.policytroubleshooter.iam.v3.DenyAccessState deny_access_state = 1 [(.google.api.field_behavior) = REQUIRED];

Parameter
Name Description
value DenyAccessState

The denyAccessState to set.

Returns
Type Description
DenyRuleExplanation.Builder

This builder for chaining.

setDenyAccessStateValue(int value)

public DenyRuleExplanation.Builder setDenyAccessStateValue(int value)

Required. Indicates whether this rule denies the specified permission to the specified principal for the specified resource.

This field does not indicate whether the principal is actually denied on the permission for the resource. There might be another rule that overrides this rule. To determine whether the principal actually has the permission, use the overall_access_state field in the TroubleshootIamPolicyResponse.

.google.cloud.policytroubleshooter.iam.v3.DenyAccessState deny_access_state = 1 [(.google.api.field_behavior) = REQUIRED];

Parameter
Name Description
value int

The enum numeric value on the wire for denyAccessState to set.

Returns
Type Description
DenyRuleExplanation.Builder

This builder for chaining.

setField(Descriptors.FieldDescriptor field, Object value)

public DenyRuleExplanation.Builder setField(Descriptors.FieldDescriptor field, Object value)
Parameters
Name Description
field FieldDescriptor
value Object
Returns
Type Description
DenyRuleExplanation.Builder
Overrides

setRelevance(HeuristicRelevance value)

public DenyRuleExplanation.Builder setRelevance(HeuristicRelevance value)

The relevance of this role binding to the overall determination for the entire policy.

.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 10;

Parameter
Name Description
value HeuristicRelevance

The relevance to set.

Returns
Type Description
DenyRuleExplanation.Builder

This builder for chaining.

setRelevanceValue(int value)

public DenyRuleExplanation.Builder setRelevanceValue(int value)

The relevance of this role binding to the overall determination for the entire policy.

.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 10;

Parameter
Name Description
value int

The enum numeric value on the wire for relevance to set.

Returns
Type Description
DenyRuleExplanation.Builder

This builder for chaining.

setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)

public DenyRuleExplanation.Builder setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
Parameters
Name Description
field FieldDescriptor
index int
value Object
Returns
Type Description
DenyRuleExplanation.Builder
Overrides

setUnknownFields(UnknownFieldSet unknownFields)

public final DenyRuleExplanation.Builder setUnknownFields(UnknownFieldSet unknownFields)
Parameter
Name Description
unknownFields UnknownFieldSet
Returns
Type Description
DenyRuleExplanation.Builder
Overrides