Google Cloud Policy Troubleshooter Iam V3 Client - Class AllowPolicyExplanation (0.2.8)

Reference documentation and code samples for the Google Cloud Policy Troubleshooter Iam V3 Client class AllowPolicyExplanation.

Details about how the relevant IAM allow policies affect the final access state.

Generated from protobuf message google.cloud.policytroubleshooter.iam.v3.AllowPolicyExplanation

Namespace

Google \ Cloud \ PolicyTroubleshooter \ Iam \ V3

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.

↳ allow_access_state int

Indicates whether the principal has the specified permission for the specified resource, based on evaluating all applicable IAM allow policies.

↳ explained_policies array<ExplainedAllowPolicy>

List of IAM allow policies that were evaluated to check the principal's permissions, with annotations to indicate how each policy contributed to the final result. The list of policies includes the policy for the resource itself, as well as allow policies that are inherited from higher levels of the resource hierarchy, including the organization, the folder, and the project. To learn more about the resource hierarchy, see https://cloud.google.com/iam/help/resource-hierarchy.

↳ relevance int

The relevance of the allow policy type to the overall access state.

getAllowAccessState

Indicates whether the principal has the specified permission for the specified resource, based on evaluating all applicable IAM allow policies.

Returns
Type Description
int

setAllowAccessState

Indicates whether the principal has the specified permission for the specified resource, based on evaluating all applicable IAM allow policies.

Parameter
Name Description
var int
Returns
Type Description
$this

getExplainedPolicies

List of IAM allow policies that were evaluated to check the principal's permissions, with annotations to indicate how each policy contributed to the final result.

The list of policies includes the policy for the resource itself, as well as allow policies that are inherited from higher levels of the resource hierarchy, including the organization, the folder, and the project. To learn more about the resource hierarchy, see https://cloud.google.com/iam/help/resource-hierarchy.

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setExplainedPolicies

List of IAM allow policies that were evaluated to check the principal's permissions, with annotations to indicate how each policy contributed to the final result.

The list of policies includes the policy for the resource itself, as well as allow policies that are inherited from higher levels of the resource hierarchy, including the organization, the folder, and the project. To learn more about the resource hierarchy, see https://cloud.google.com/iam/help/resource-hierarchy.

Parameter
Name Description
var array<ExplainedAllowPolicy>
Returns
Type Description
$this

getRelevance

The relevance of the allow policy type to the overall access state.

Returns
Type Description
int

setRelevance

The relevance of the allow policy type to the overall access state.

Parameter
Name Description
var int
Returns
Type Description
$this