Class DenyRuleExplanation (1.40.0)

public final class DenyRuleExplanation extends GeneratedMessageV3 implements DenyRuleExplanationOrBuilder

Details about how a deny rule in a deny policy affects a principal's ability to use a permission.

Protobuf type google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation

Inheritance

Object > AbstractMessageLite<MessageType,BuilderType> > AbstractMessage > GeneratedMessageV3 > DenyRuleExplanation

Static Fields

COMBINED_DENIED_PERMISSION_FIELD_NUMBER

public static final int COMBINED_DENIED_PERMISSION_FIELD_NUMBER
Field Value
TypeDescription
int

COMBINED_DENIED_PRINCIPAL_FIELD_NUMBER

public static final int COMBINED_DENIED_PRINCIPAL_FIELD_NUMBER
Field Value
TypeDescription
int

COMBINED_EXCEPTION_PERMISSION_FIELD_NUMBER

public static final int COMBINED_EXCEPTION_PERMISSION_FIELD_NUMBER
Field Value
TypeDescription
int

COMBINED_EXCEPTION_PRINCIPAL_FIELD_NUMBER

public static final int COMBINED_EXCEPTION_PRINCIPAL_FIELD_NUMBER
Field Value
TypeDescription
int

CONDITION_EXPLANATION_FIELD_NUMBER

public static final int CONDITION_EXPLANATION_FIELD_NUMBER
Field Value
TypeDescription
int

CONDITION_FIELD_NUMBER

public static final int CONDITION_FIELD_NUMBER
Field Value
TypeDescription
int

DENIED_PERMISSIONS_FIELD_NUMBER

public static final int DENIED_PERMISSIONS_FIELD_NUMBER
Field Value
TypeDescription
int

DENIED_PRINCIPALS_FIELD_NUMBER

public static final int DENIED_PRINCIPALS_FIELD_NUMBER
Field Value
TypeDescription
int

DENY_ACCESS_STATE_FIELD_NUMBER

public static final int DENY_ACCESS_STATE_FIELD_NUMBER
Field Value
TypeDescription
int

EXCEPTION_PERMISSIONS_FIELD_NUMBER

public static final int EXCEPTION_PERMISSIONS_FIELD_NUMBER
Field Value
TypeDescription
int

EXCEPTION_PRINCIPALS_FIELD_NUMBER

public static final int EXCEPTION_PRINCIPALS_FIELD_NUMBER
Field Value
TypeDescription
int

RELEVANCE_FIELD_NUMBER

public static final int RELEVANCE_FIELD_NUMBER
Field Value
TypeDescription
int

Static Methods

getDefaultInstance()

public static DenyRuleExplanation getDefaultInstance()
Returns
TypeDescription
DenyRuleExplanation

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
TypeDescription
Descriptor

newBuilder()

public static DenyRuleExplanation.Builder newBuilder()
Returns
TypeDescription
DenyRuleExplanation.Builder

newBuilder(DenyRuleExplanation prototype)

public static DenyRuleExplanation.Builder newBuilder(DenyRuleExplanation prototype)
Parameter
NameDescription
prototypeDenyRuleExplanation
Returns
TypeDescription
DenyRuleExplanation.Builder

parseDelimitedFrom(InputStream input)

public static DenyRuleExplanation parseDelimitedFrom(InputStream input)
Parameter
NameDescription
inputInputStream
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
IOException

parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static DenyRuleExplanation parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
IOException

parseFrom(byte[] data)

public static DenyRuleExplanation parseFrom(byte[] data)
Parameter
NameDescription
databyte[]
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)

public static DenyRuleExplanation parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
databyte[]
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteString data)

public static DenyRuleExplanation parseFrom(ByteString data)
Parameter
NameDescription
dataByteString
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)

public static DenyRuleExplanation parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
dataByteString
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(CodedInputStream input)

public static DenyRuleExplanation parseFrom(CodedInputStream input)
Parameter
NameDescription
inputCodedInputStream
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
IOException

parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public static DenyRuleExplanation parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputCodedInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
IOException

parseFrom(InputStream input)

public static DenyRuleExplanation parseFrom(InputStream input)
Parameter
NameDescription
inputInputStream
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
IOException

parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static DenyRuleExplanation parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
IOException

parseFrom(ByteBuffer data)

public static DenyRuleExplanation parseFrom(ByteBuffer data)
Parameter
NameDescription
dataByteBuffer
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)

public static DenyRuleExplanation parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
dataByteBuffer
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
DenyRuleExplanation
Exceptions
TypeDescription
InvalidProtocolBufferException

parser()

public static Parser<DenyRuleExplanation> parser()
Returns
TypeDescription
Parser<DenyRuleExplanation>

Methods

containsDeniedPermissions(String key)

public boolean containsDeniedPermissions(String key)

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

containsDeniedPrincipals(String key)

public boolean containsDeniedPrincipals(String key)

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

containsExceptionPermissions(String key)

public boolean containsExceptionPermissions(String key)

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

containsExceptionPrincipals(String key)

public boolean containsExceptionPrincipals(String key)

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

equals(Object obj)

public boolean equals(Object obj)
Parameter
NameDescription
objObject
Returns
TypeDescription
boolean
Overrides

getCombinedDeniedPermission()

public DenyRuleExplanation.AnnotatedPermissionMatching getCombinedDeniedPermission()

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Returns
TypeDescription
DenyRuleExplanation.AnnotatedPermissionMatching

The combinedDeniedPermission.

getCombinedDeniedPermissionOrBuilder()

public DenyRuleExplanation.AnnotatedPermissionMatchingOrBuilder getCombinedDeniedPermissionOrBuilder()

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Returns
TypeDescription
DenyRuleExplanation.AnnotatedPermissionMatchingOrBuilder

getCombinedDeniedPrincipal()

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getCombinedDeniedPrincipal()

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Returns
TypeDescription
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

The combinedDeniedPrincipal.

getCombinedDeniedPrincipalOrBuilder()

public DenyRuleExplanation.AnnotatedDenyPrincipalMatchingOrBuilder getCombinedDeniedPrincipalOrBuilder()

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Returns
TypeDescription
DenyRuleExplanation.AnnotatedDenyPrincipalMatchingOrBuilder

getCombinedExceptionPermission()

public DenyRuleExplanation.AnnotatedPermissionMatching getCombinedExceptionPermission()

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Returns
TypeDescription
DenyRuleExplanation.AnnotatedPermissionMatching

The combinedExceptionPermission.

getCombinedExceptionPermissionOrBuilder()

public DenyRuleExplanation.AnnotatedPermissionMatchingOrBuilder getCombinedExceptionPermissionOrBuilder()

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Returns
TypeDescription
DenyRuleExplanation.AnnotatedPermissionMatchingOrBuilder

getCombinedExceptionPrincipal()

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getCombinedExceptionPrincipal()

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Returns
TypeDescription
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

The combinedExceptionPrincipal.

getCombinedExceptionPrincipalOrBuilder()

public DenyRuleExplanation.AnnotatedDenyPrincipalMatchingOrBuilder getCombinedExceptionPrincipalOrBuilder()

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Returns
TypeDescription
DenyRuleExplanation.AnnotatedDenyPrincipalMatchingOrBuilder

getCondition()

public Expr getCondition()

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Returns
TypeDescription
com.google.type.Expr

The condition.

getConditionExplanation()

public ConditionExplanation getConditionExplanation()

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Returns
TypeDescription
ConditionExplanation

The conditionExplanation.

getConditionExplanationOrBuilder()

public ConditionExplanationOrBuilder getConditionExplanationOrBuilder()

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Returns
TypeDescription
ConditionExplanationOrBuilder

getConditionOrBuilder()

public ExprOrBuilder getConditionOrBuilder()

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Returns
TypeDescription
com.google.type.ExprOrBuilder

getDefaultInstanceForType()

public DenyRuleExplanation getDefaultInstanceForType()
Returns
TypeDescription
DenyRuleExplanation

getDeniedPermissions() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> getDeniedPermissions()

Use #getDeniedPermissionsMap() instead.

Returns
TypeDescription
Map<String,AnnotatedPermissionMatching>

getDeniedPermissionsCount()

public int getDeniedPermissionsCount()

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Returns
TypeDescription
int

getDeniedPermissionsMap()

public Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> getDeniedPermissionsMap()

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Returns
TypeDescription
Map<String,AnnotatedPermissionMatching>

getDeniedPermissionsOrDefault(String key, DenyRuleExplanation.AnnotatedPermissionMatching defaultValue)

public DenyRuleExplanation.AnnotatedPermissionMatching getDeniedPermissionsOrDefault(String key, DenyRuleExplanation.AnnotatedPermissionMatching defaultValue)

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Parameters
NameDescription
keyString
defaultValueDenyRuleExplanation.AnnotatedPermissionMatching
Returns
TypeDescription
DenyRuleExplanation.AnnotatedPermissionMatching

getDeniedPermissionsOrThrow(String key)

public DenyRuleExplanation.AnnotatedPermissionMatching getDeniedPermissionsOrThrow(String key)

Lists all denied permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a denied permission in the rule, and each value indicates whether the denied permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> denied_permissions = 3;

Parameter
NameDescription
keyString
Returns
TypeDescription
DenyRuleExplanation.AnnotatedPermissionMatching

getDeniedPrincipals() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> getDeniedPrincipals()

Use #getDeniedPrincipalsMap() instead.

Returns
TypeDescription
Map<String,AnnotatedDenyPrincipalMatching>

getDeniedPrincipalsCount()

public int getDeniedPrincipalsCount()

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Returns
TypeDescription
int

getDeniedPrincipalsMap()

public Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> getDeniedPrincipalsMap()

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Returns
TypeDescription
Map<String,AnnotatedDenyPrincipalMatching>

getDeniedPrincipalsOrDefault(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching defaultValue)

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getDeniedPrincipalsOrDefault(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching defaultValue)

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Parameters
NameDescription
keyString
defaultValueDenyRuleExplanation.AnnotatedDenyPrincipalMatching
Returns
TypeDescription
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

getDeniedPrincipalsOrThrow(String key)

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getDeniedPrincipalsOrThrow(String key)

Lists all denied principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a denied principal in the rule, and each value indicates whether the denied principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> denied_principals = 7;

Parameter
NameDescription
keyString
Returns
TypeDescription
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

getDenyAccessState()

public DenyAccessState getDenyAccessState()

Required. Indicates whether this rule denies the specified permission to the specified principal for the specified resource.

This field does not indicate whether the principal is actually denied on the permission for the resource. There might be another rule that overrides this rule. To determine whether the principal actually has the permission, use the overall_access_state field in the TroubleshootIamPolicyResponse.

.google.cloud.policytroubleshooter.iam.v3.DenyAccessState deny_access_state = 1 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
DenyAccessState

The denyAccessState.

getDenyAccessStateValue()

public int getDenyAccessStateValue()

Required. Indicates whether this rule denies the specified permission to the specified principal for the specified resource.

This field does not indicate whether the principal is actually denied on the permission for the resource. There might be another rule that overrides this rule. To determine whether the principal actually has the permission, use the overall_access_state field in the TroubleshootIamPolicyResponse.

.google.cloud.policytroubleshooter.iam.v3.DenyAccessState deny_access_state = 1 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
int

The enum numeric value on the wire for denyAccessState.

getExceptionPermissions() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> getExceptionPermissions()

Use #getExceptionPermissionsMap() instead.

Returns
TypeDescription
Map<String,AnnotatedPermissionMatching>

getExceptionPermissionsCount()

public int getExceptionPermissionsCount()

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Returns
TypeDescription
int

getExceptionPermissionsMap()

public Map<String,DenyRuleExplanation.AnnotatedPermissionMatching> getExceptionPermissionsMap()

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Returns
TypeDescription
Map<String,AnnotatedPermissionMatching>

getExceptionPermissionsOrDefault(String key, DenyRuleExplanation.AnnotatedPermissionMatching defaultValue)

public DenyRuleExplanation.AnnotatedPermissionMatching getExceptionPermissionsOrDefault(String key, DenyRuleExplanation.AnnotatedPermissionMatching defaultValue)

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Parameters
NameDescription
keyString
defaultValueDenyRuleExplanation.AnnotatedPermissionMatching
Returns
TypeDescription
DenyRuleExplanation.AnnotatedPermissionMatching

getExceptionPermissionsOrThrow(String key)

public DenyRuleExplanation.AnnotatedPermissionMatching getExceptionPermissionsOrThrow(String key)

Lists all exception permissions in the deny rule and indicates whether each permission matches the permission in the request.

Each key identifies a exception permission in the rule, and each value indicates whether the exception permission matches the permission in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching> exception_permissions = 5;

Parameter
NameDescription
keyString
Returns
TypeDescription
DenyRuleExplanation.AnnotatedPermissionMatching

getExceptionPrincipals() (deprecated)

public Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> getExceptionPrincipals()

Use #getExceptionPrincipalsMap() instead.

Returns
TypeDescription
Map<String,AnnotatedDenyPrincipalMatching>

getExceptionPrincipalsCount()

public int getExceptionPrincipalsCount()

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Returns
TypeDescription
int

getExceptionPrincipalsMap()

public Map<String,DenyRuleExplanation.AnnotatedDenyPrincipalMatching> getExceptionPrincipalsMap()

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Returns
TypeDescription
Map<String,AnnotatedDenyPrincipalMatching>

getExceptionPrincipalsOrDefault(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching defaultValue)

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getExceptionPrincipalsOrDefault(String key, DenyRuleExplanation.AnnotatedDenyPrincipalMatching defaultValue)

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Parameters
NameDescription
keyString
defaultValueDenyRuleExplanation.AnnotatedDenyPrincipalMatching
Returns
TypeDescription
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

getExceptionPrincipalsOrThrow(String key)

public DenyRuleExplanation.AnnotatedDenyPrincipalMatching getExceptionPrincipalsOrThrow(String key)

Lists all exception principals in the deny rule and indicates whether each principal matches the principal in the request, either directly or through membership in a principal set.

Each key identifies a exception principal in the rule, and each value indicates whether the exception principal matches the principal in the request.

map<string, .google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching> exception_principals = 9;

Parameter
NameDescription
keyString
Returns
TypeDescription
DenyRuleExplanation.AnnotatedDenyPrincipalMatching

getParserForType()

public Parser<DenyRuleExplanation> getParserForType()
Returns
TypeDescription
Parser<DenyRuleExplanation>
Overrides

getRelevance()

public HeuristicRelevance getRelevance()

The relevance of this role binding to the overall determination for the entire policy.

.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 10;

Returns
TypeDescription
HeuristicRelevance

The relevance.

getRelevanceValue()

public int getRelevanceValue()

The relevance of this role binding to the overall determination for the entire policy.

.google.cloud.policytroubleshooter.iam.v3.HeuristicRelevance relevance = 10;

Returns
TypeDescription
int

The enum numeric value on the wire for relevance.

getSerializedSize()

public int getSerializedSize()
Returns
TypeDescription
int
Overrides

hasCombinedDeniedPermission()

public boolean hasCombinedDeniedPermission()

Indicates whether the permission in the request is listed as a denied permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_denied_permission = 2;

Returns
TypeDescription
boolean

Whether the combinedDeniedPermission field is set.

hasCombinedDeniedPrincipal()

public boolean hasCombinedDeniedPrincipal()

Indicates whether the principal is listed as a denied principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_denied_principal = 6;

Returns
TypeDescription
boolean

Whether the combinedDeniedPrincipal field is set.

hasCombinedExceptionPermission()

public boolean hasCombinedExceptionPermission()

Indicates whether the permission in the request is listed as an exception permission in the deny rule.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedPermissionMatching combined_exception_permission = 4;

Returns
TypeDescription
boolean

Whether the combinedExceptionPermission field is set.

hasCombinedExceptionPrincipal()

public boolean hasCombinedExceptionPrincipal()

Indicates whether the principal is listed as an exception principal in the deny rule, either directly or through membership in a principal set.

.google.cloud.policytroubleshooter.iam.v3.DenyRuleExplanation.AnnotatedDenyPrincipalMatching combined_exception_principal = 8;

Returns
TypeDescription
boolean

Whether the combinedExceptionPrincipal field is set.

hasCondition()

public boolean hasCondition()

A condition expression that specifies when the deny rule denies the principal access.

To learn about IAM Conditions, see https://cloud.google.com/iam/help/conditions/overview.

.google.type.Expr condition = 11;

Returns
TypeDescription
boolean

Whether the condition field is set.

hasConditionExplanation()

public boolean hasConditionExplanation()

Condition evaluation state for this role binding.

.google.cloud.policytroubleshooter.iam.v3.ConditionExplanation condition_explanation = 12;

Returns
TypeDescription
boolean

Whether the conditionExplanation field is set.

hashCode()

public int hashCode()
Returns
TypeDescription
int
Overrides

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
TypeDescription
FieldAccessorTable
Overrides

internalGetMapFieldReflection(int number)

protected MapFieldReflectionAccessor internalGetMapFieldReflection(int number)
Parameter
NameDescription
numberint
Returns
TypeDescription
com.google.protobuf.MapFieldReflectionAccessor
Overrides
com.google.protobuf.GeneratedMessageV3.internalGetMapFieldReflection(int)

isInitialized()

public final boolean isInitialized()
Returns
TypeDescription
boolean
Overrides

newBuilderForType()

public DenyRuleExplanation.Builder newBuilderForType()
Returns
TypeDescription
DenyRuleExplanation.Builder

newBuilderForType(GeneratedMessageV3.BuilderParent parent)

protected DenyRuleExplanation.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Parameter
NameDescription
parentBuilderParent
Returns
TypeDescription
DenyRuleExplanation.Builder
Overrides

newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)

protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Parameter
NameDescription
unusedUnusedPrivateParameter
Returns
TypeDescription
Object
Overrides

toBuilder()

public DenyRuleExplanation.Builder toBuilder()
Returns
TypeDescription
DenyRuleExplanation.Builder

writeTo(CodedOutputStream output)

public void writeTo(CodedOutputStream output)
Parameter
NameDescription
outputCodedOutputStream
Overrides
Exceptions
TypeDescription
IOException