Policy Troubleshooter V3 API - Class Google::Cloud::PolicyTroubleshooter::Iam::V3::DenyPolicyExplanation (v0.4.1)

Reference documentation and code samples for the Policy Troubleshooter V3 API class Google::Cloud::PolicyTroubleshooter::Iam::V3::DenyPolicyExplanation.

Details about how the relevant IAM deny policies affect the final access state.

Inherits

  • Object

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#deny_access_state

def deny_access_state() -> ::Google::Cloud::PolicyTroubleshooter::Iam::V3::DenyAccessState
Returns

#deny_access_state=

def deny_access_state=(value) -> ::Google::Cloud::PolicyTroubleshooter::Iam::V3::DenyAccessState
Parameter
Returns

#explained_resources

def explained_resources() -> ::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ExplainedDenyResource>
Returns
  • (::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ExplainedDenyResource>) — List of resources with IAM deny policies that were evaluated to check the principal's denied permissions, with annotations to indicate how each policy contributed to the final result.

    The list of resources includes the policy for the resource itself, as well as policies that are inherited from higher levels of the resource hierarchy, including the organization, the folder, and the project. The order of the resources starts from the resource and climbs up the resource hierarchy.

    To learn more about the resource hierarchy, see https://cloud.google.com/iam/help/resource-hierarchy.

#explained_resources=

def explained_resources=(value) -> ::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ExplainedDenyResource>
Parameter
  • value (::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ExplainedDenyResource>) — List of resources with IAM deny policies that were evaluated to check the principal's denied permissions, with annotations to indicate how each policy contributed to the final result.

    The list of resources includes the policy for the resource itself, as well as policies that are inherited from higher levels of the resource hierarchy, including the organization, the folder, and the project. The order of the resources starts from the resource and climbs up the resource hierarchy.

    To learn more about the resource hierarchy, see https://cloud.google.com/iam/help/resource-hierarchy.

Returns
  • (::Array<::Google::Cloud::PolicyTroubleshooter::Iam::V3::ExplainedDenyResource>) — List of resources with IAM deny policies that were evaluated to check the principal's denied permissions, with annotations to indicate how each policy contributed to the final result.

    The list of resources includes the policy for the resource itself, as well as policies that are inherited from higher levels of the resource hierarchy, including the organization, the folder, and the project. The order of the resources starts from the resource and climbs up the resource hierarchy.

    To learn more about the resource hierarchy, see https://cloud.google.com/iam/help/resource-hierarchy.

#permission_deniable

def permission_deniable() -> ::Boolean
Returns
  • (::Boolean) — Indicates whether the permission to troubleshoot is supported in deny policies.

#permission_deniable=

def permission_deniable=(value) -> ::Boolean
Parameter
  • value (::Boolean) — Indicates whether the permission to troubleshoot is supported in deny policies.
Returns
  • (::Boolean) — Indicates whether the permission to troubleshoot is supported in deny policies.

#relevance

def relevance() -> ::Google::Cloud::PolicyTroubleshooter::Iam::V3::HeuristicRelevance
Returns

#relevance=

def relevance=(value) -> ::Google::Cloud::PolicyTroubleshooter::Iam::V3::HeuristicRelevance
Parameter
Returns