Google Cloud Asset V1 Client - Class IamPolicySearchResult (2.1.0)

Reference documentation and code samples for the Google Cloud Asset V1 Client class IamPolicySearchResult.

A result of IAM Policy search, containing information of an IAM policy.

Generated from protobuf message google.cloud.asset.v1.IamPolicySearchResult

Namespace

Google \ Cloud \ Asset \ V1

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.
↳ resource string

The full resource name of the resource associated with this IAM policy. Example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See Cloud Asset Inventory Resource Name Format for more information. To search against the resource: * use a field query. Example: resource:organizations/123
↳ asset_type string

The type of the resource associated with this IAM policy. Example: compute.googleapis.com/Disk. To search against the asset_type: * specify the asset_types field in your search request.
↳ project string

The project that the associated Google Cloud resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty. To search against the project: * specify the scope field as this project in your search request.
↳ folders array

The folder(s) that the IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs to one or more folders. To search against folders: * use a field query. Example: folders:(123 OR 456) * use a free text query. Example: 123 * specify the scope field as this folder in your search request.
↳ organization string

The organization that the IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs to an organization. To search against organization: * use a field query. Example: organization:123 * use a free text query. Example: 123 * specify the scope field as this organization in your search request.
↳ policy Google\Cloud\Iam\V1\Policy

The IAM policy directly set on the given resource. Note that the original IAM policy can contain multiple bindings. This only contains the bindings that match the given query. For queries that don't contain a constrain on policies (e.g., an empty query), this contains all the bindings. To search against the policy bindings: * use a field query: - query by the policy contained members. Example: policy:amy@gmail.com - query by the policy contained roles. Example: policy:roles/compute.admin - query by the policy contained roles' included permissions. Example: policy.role.permissions:compute.instances.create
↳ explanation Google\Cloud\Asset\V1\IamPolicySearchResult\Explanation

Explanation about the IAM policy search result. It contains additional information to explain why the search result matches the query.

getResource

The full resource name of the resource associated with this IAM policy.

Example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See Cloud Asset Inventory Resource Name Format for more information. To search against the resource:

  • use a field query. Example: resource:organizations/123
Returns
Type Description
string

setResource

The full resource name of the resource associated with this IAM policy.

Example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See Cloud Asset Inventory Resource Name Format for more information. To search against the resource:

  • use a field query. Example: resource:organizations/123
Parameter
Name Description
var string
Returns
Type Description
$this

getAssetType

The type of the resource associated with this IAM policy. Example: compute.googleapis.com/Disk.

To search against the asset_type:

  • specify the asset_types field in your search request.
Returns
Type Description
string

setAssetType

The type of the resource associated with this IAM policy. Example: compute.googleapis.com/Disk.

To search against the asset_type:

  • specify the asset_types field in your search request.
Parameter
Name Description
var string
Returns
Type Description
$this

getProject

The project that the associated Google Cloud resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty.

To search against the project:

  • specify the scope field as this project in your search request.
Returns
Type Description
string

setProject

The project that the associated Google Cloud resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty.

To search against the project:

  • specify the scope field as this project in your search request.
Parameter
Name Description
var string
Returns
Type Description
$this

getFolders

The folder(s) that the IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs to one or more folders.

To search against folders:

  • use a field query. Example: folders:(123 OR 456)
  • use a free text query. Example: 123
  • specify the scope field as this folder in your search request.
Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setFolders

The folder(s) that the IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs to one or more folders.

To search against folders:

  • use a field query. Example: folders:(123 OR 456)
  • use a free text query. Example: 123
  • specify the scope field as this folder in your search request.
Parameter
Name Description
var string[]
Returns
Type Description
$this

getOrganization

The organization that the IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs to an organization.

To search against organization:

  • use a field query. Example: organization:123
  • use a free text query. Example: 123
  • specify the scope field as this organization in your search request.
Returns
Type Description
string

setOrganization

The organization that the IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs to an organization.

To search against organization:

  • use a field query. Example: organization:123
  • use a free text query. Example: 123
  • specify the scope field as this organization in your search request.
Parameter
Name Description
var string
Returns
Type Description
$this

getPolicy

The IAM policy directly set on the given resource. Note that the original IAM policy can contain multiple bindings. This only contains the bindings that match the given query. For queries that don't contain a constrain on policies (e.g., an empty query), this contains all the bindings.

To search against the policy bindings:

  • use a field query:
    • query by the policy contained members. Example: policy:amy@gmail.com
    • query by the policy contained roles. Example: policy:roles/compute.admin
    • query by the policy contained roles' included permissions. Example: policy.role.permissions:compute.instances.create
Returns
Type Description
Google\Cloud\Iam\V1\Policy|null

hasPolicy

clearPolicy

setPolicy

The IAM policy directly set on the given resource. Note that the original IAM policy can contain multiple bindings. This only contains the bindings that match the given query. For queries that don't contain a constrain on policies (e.g., an empty query), this contains all the bindings.

To search against the policy bindings:

  • use a field query:
    • query by the policy contained members. Example: policy:amy@gmail.com
    • query by the policy contained roles. Example: policy:roles/compute.admin
    • query by the policy contained roles' included permissions. Example: policy.role.permissions:compute.instances.create
Parameter
Name Description
var Google\Cloud\Iam\V1\Policy
Returns
Type Description
$this

getExplanation

Explanation about the IAM policy search result. It contains additional information to explain why the search result matches the query.

Returns
Type Description
Google\Cloud\Asset\V1\IamPolicySearchResult\Explanation|null

hasExplanation

clearExplanation

setExplanation

Explanation about the IAM policy search result. It contains additional information to explain why the search result matches the query.

Parameter
Name Description
var Google\Cloud\Asset\V1\IamPolicySearchResult\Explanation
Returns
Type Description
$this