public static interface Explanations.BindingExplanationOrBuilder
extends com.google.protobuf.MessageOrBuilder
| Modifier and Type | Method and Description |
|---|---|
boolean |
containsMemberships(String key)
Indicates whether each member in the binding includes the member specified
in the request, either directly or indirectly.
|
Explanations.AccessState |
getAccess()
Required.
|
int |
getAccessValue()
Required.
|
com.google.type.Expr |
getCondition()
A condition expression that prevents access unless the expression evaluates
to `true`.
|
com.google.type.ExprOrBuilder |
getConditionOrBuilder()
A condition expression that prevents access unless the expression evaluates
to `true`.
|
Map<String,Explanations.BindingExplanation.AnnotatedMembership> |
getMemberships()
Deprecated.
|
int |
getMembershipsCount()
Indicates whether each member in the binding includes the member specified
in the request, either directly or indirectly.
|
Map<String,Explanations.BindingExplanation.AnnotatedMembership> |
getMembershipsMap()
Indicates whether each member in the binding includes the member specified
in the request, either directly or indirectly.
|
Explanations.BindingExplanation.AnnotatedMembership |
getMembershipsOrDefault(String key,
Explanations.BindingExplanation.AnnotatedMembership defaultValue)
Indicates whether each member in the binding includes the member specified
in the request, either directly or indirectly.
|
Explanations.BindingExplanation.AnnotatedMembership |
getMembershipsOrThrow(String key)
Indicates whether each member in the binding includes the member specified
in the request, either directly or indirectly.
|
Explanations.HeuristicRelevance |
getRelevance()
The relevance of this binding to the overall determination for the entire
policy.
|
int |
getRelevanceValue()
The relevance of this binding to the overall determination for the entire
policy.
|
String |
getRole()
The role that this binding grants.
|
com.google.protobuf.ByteString |
getRoleBytes()
The role that this binding grants.
|
Explanations.BindingExplanation.RolePermission |
getRolePermission()
Indicates whether the role granted by this binding contains the specified
permission.
|
Explanations.HeuristicRelevance |
getRolePermissionRelevance()
The relevance of the permission's existence, or nonexistence, in the role
to the overall determination for the entire policy.
|
int |
getRolePermissionRelevanceValue()
The relevance of the permission's existence, or nonexistence, in the role
to the overall determination for the entire policy.
|
int |
getRolePermissionValue()
Indicates whether the role granted by this binding contains the specified
permission.
|
boolean |
hasCondition()
A condition expression that prevents access unless the expression evaluates
to `true`.
|
findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneofint getAccessValue()
Required. Indicates whether _this binding_ provides the specified permission to the specified member for the specified resource. This field does _not_ indicate whether the member actually has the permission for the resource. There might be another binding that overrides this binding. To determine whether the member actually has the permission, use the `access` field in the [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
.google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED];
Explanations.AccessState getAccess()
Required. Indicates whether _this binding_ provides the specified permission to the specified member for the specified resource. This field does _not_ indicate whether the member actually has the permission for the resource. There might be another binding that overrides this binding. To determine whether the member actually has the permission, use the `access` field in the [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
.google.cloud.policytroubleshooter.v1.AccessState access = 1 [(.google.api.field_behavior) = REQUIRED];
String getRole()
The role that this binding grants. For example, `roles/compute.serviceAgent`. For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;com.google.protobuf.ByteString getRoleBytes()
The role that this binding grants. For example, `roles/compute.serviceAgent`. For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
string role = 2;int getRolePermissionValue()
Indicates whether the role granted by this binding contains the specified permission.
.google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3;
Explanations.BindingExplanation.RolePermission getRolePermission()
Indicates whether the role granted by this binding contains the specified permission.
.google.cloud.policytroubleshooter.v1.BindingExplanation.RolePermission role_permission = 3;
int getRolePermissionRelevanceValue()
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4;
Explanations.HeuristicRelevance getRolePermissionRelevance()
The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.v1.HeuristicRelevance role_permission_relevance = 4;
int getMembershipsCount()
Indicates whether each member in the binding includes the member specified in the request, either directly or indirectly. Each key identifies a member in the binding, and each value indicates whether the member in the binding includes the member in the request. For example, suppose that a binding includes the following members: * `user:alice@example.com` * `group:product-eng@example.com` You want to troubleshoot access for `user:bob@example.com`. This user is a member of the group `group:product-eng@example.com`. For the first member in the binding, the key is `user:alice@example.com`, and the `membership` field in the value is set to `MEMBERSHIP_NOT_INCLUDED`. For the second member in the binding, the key is `group:product-eng@example.com`, and the `membership` field in the value is set to `MEMBERSHIP_INCLUDED`.
map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
boolean containsMemberships(String key)
Indicates whether each member in the binding includes the member specified in the request, either directly or indirectly. Each key identifies a member in the binding, and each value indicates whether the member in the binding includes the member in the request. For example, suppose that a binding includes the following members: * `user:alice@example.com` * `group:product-eng@example.com` You want to troubleshoot access for `user:bob@example.com`. This user is a member of the group `group:product-eng@example.com`. For the first member in the binding, the key is `user:alice@example.com`, and the `membership` field in the value is set to `MEMBERSHIP_NOT_INCLUDED`. For the second member in the binding, the key is `group:product-eng@example.com`, and the `membership` field in the value is set to `MEMBERSHIP_INCLUDED`.
map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
@Deprecated Map<String,Explanations.BindingExplanation.AnnotatedMembership> getMemberships()
getMembershipsMap() instead.Map<String,Explanations.BindingExplanation.AnnotatedMembership> getMembershipsMap()
Indicates whether each member in the binding includes the member specified in the request, either directly or indirectly. Each key identifies a member in the binding, and each value indicates whether the member in the binding includes the member in the request. For example, suppose that a binding includes the following members: * `user:alice@example.com` * `group:product-eng@example.com` You want to troubleshoot access for `user:bob@example.com`. This user is a member of the group `group:product-eng@example.com`. For the first member in the binding, the key is `user:alice@example.com`, and the `membership` field in the value is set to `MEMBERSHIP_NOT_INCLUDED`. For the second member in the binding, the key is `group:product-eng@example.com`, and the `membership` field in the value is set to `MEMBERSHIP_INCLUDED`.
map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
Explanations.BindingExplanation.AnnotatedMembership getMembershipsOrDefault(String key, Explanations.BindingExplanation.AnnotatedMembership defaultValue)
Indicates whether each member in the binding includes the member specified in the request, either directly or indirectly. Each key identifies a member in the binding, and each value indicates whether the member in the binding includes the member in the request. For example, suppose that a binding includes the following members: * `user:alice@example.com` * `group:product-eng@example.com` You want to troubleshoot access for `user:bob@example.com`. This user is a member of the group `group:product-eng@example.com`. For the first member in the binding, the key is `user:alice@example.com`, and the `membership` field in the value is set to `MEMBERSHIP_NOT_INCLUDED`. For the second member in the binding, the key is `group:product-eng@example.com`, and the `membership` field in the value is set to `MEMBERSHIP_INCLUDED`.
map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
Explanations.BindingExplanation.AnnotatedMembership getMembershipsOrThrow(String key)
Indicates whether each member in the binding includes the member specified in the request, either directly or indirectly. Each key identifies a member in the binding, and each value indicates whether the member in the binding includes the member in the request. For example, suppose that a binding includes the following members: * `user:alice@example.com` * `group:product-eng@example.com` You want to troubleshoot access for `user:bob@example.com`. This user is a member of the group `group:product-eng@example.com`. For the first member in the binding, the key is `user:alice@example.com`, and the `membership` field in the value is set to `MEMBERSHIP_NOT_INCLUDED`. For the second member in the binding, the key is `group:product-eng@example.com`, and the `membership` field in the value is set to `MEMBERSHIP_INCLUDED`.
map<string, .google.cloud.policytroubleshooter.v1.BindingExplanation.AnnotatedMembership> memberships = 5;
int getRelevanceValue()
The relevance of this binding to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6;Explanations.HeuristicRelevance getRelevance()
The relevance of this binding to the overall determination for the entire policy.
.google.cloud.policytroubleshooter.v1.HeuristicRelevance relevance = 6;boolean hasCondition()
A condition expression that prevents access unless the expression evaluates to `true`. To learn about IAM Conditions, see http://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 7;com.google.type.Expr getCondition()
A condition expression that prevents access unless the expression evaluates to `true`. To learn about IAM Conditions, see http://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 7;com.google.type.ExprOrBuilder getConditionOrBuilder()
A condition expression that prevents access unless the expression evaluates to `true`. To learn about IAM Conditions, see http://cloud.google.com/iam/help/conditions/overview.
.google.type.Expr condition = 7;Copyright © 2022 Google LLC. All rights reserved.