As of January 1, 2020 this library no longer supports Python 2 on the latest released version. Library versions released prior to that date will continue to be available. For more information please visit Python 2 support on Google Cloud.

IamChecker

class google.cloud.policytroubleshooter_v1.services.iam_checker.IamCheckerAsyncClient(*, credentials: google.auth.credentials.Credentials = None, transport: Union[str, google.cloud.policytroubleshooter_v1.services.iam_checker.transports.base.IamCheckerTransport] = 'grpc_asyncio', client_options: <module 'google.api_core.client_options' from '/workspace/.nox/docs/lib/python3.8/site-packages/google/api_core/client_options.py'> = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)[source]

IAM Policy Troubleshooter service. This service helps you troubleshoot access issues for Google Cloud resources.

Instantiates the iam checker client.

Parameters
  • credentials (Optional[google.auth.credentials.Credentials]) – The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment.

  • transport (Union[str, IamCheckerTransport]) – The transport to use. If set to None, a transport is chosen automatically.

  • client_options (ClientOptions) – Custom options for the client. It won’t take effect if a transport instance is provided. (1) The api_endpoint property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT environment variable can also be used to override the endpoint: “always” (always use the default mTLS endpoint), “never” (always use the default regular endpoint) and “auto” (auto switch to the default mTLS endpoint if client certificate is present, this is the default value). However, the api_endpoint property takes precedence if provided. (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is “true”, then the client_cert_source property can be used to provide client certificate for mutual TLS transport. If not provided, the default SSL client certificate will be used if present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is “false” or not set, no client certificate will be used.

Raises

google.auth.exceptions.MutualTlsChannelError – If mutual TLS transport creation failed for any reason.

static common_billing_account_path(billing_account: str)str

Returns a fully-qualified billing_account string.

static common_folder_path(folder: str)str

Returns a fully-qualified folder string.

static common_location_path(project: str, location: str)str

Returns a fully-qualified location string.

static common_organization_path(organization: str)str

Returns a fully-qualified organization string.

static common_project_path(project: str)str

Returns a fully-qualified project string.

classmethod from_service_account_file(filename: str, *args, **kwargs)[source]
Creates an instance of this client using the provided credentials

file.

Parameters
  • filename (str) – The path to the service account private key json file.

  • args – Additional arguments to pass to the constructor.

  • kwargs – Additional arguments to pass to the constructor.

Returns

The constructed client.

Return type

IamCheckerAsyncClient

classmethod from_service_account_info(info: dict, *args, **kwargs)[source]
Creates an instance of this client using the provided credentials

info.

Parameters
  • info (dict) – The service account private key info.

  • args – Additional arguments to pass to the constructor.

  • kwargs – Additional arguments to pass to the constructor.

Returns

The constructed client.

Return type

IamCheckerAsyncClient

classmethod from_service_account_json(filename: str, *args, **kwargs)
Creates an instance of this client using the provided credentials

file.

Parameters
  • filename (str) – The path to the service account private key json file.

  • args – Additional arguments to pass to the constructor.

  • kwargs – Additional arguments to pass to the constructor.

Returns

The constructed client.

Return type

IamCheckerAsyncClient

get_transport_class()Type[google.cloud.policytroubleshooter_v1.services.iam_checker.transports.base.IamCheckerTransport]

Returns an appropriate transport class.

Parameters

label – The name of the desired transport. If none is provided, then the first transport in the registry is used.

Returns

The transport class to use.

static parse_common_billing_account_path(path: str)Dict[str, str]

Parse a billing_account path into its component segments.

static parse_common_folder_path(path: str)Dict[str, str]

Parse a folder path into its component segments.

static parse_common_location_path(path: str)Dict[str, str]

Parse a location path into its component segments.

static parse_common_organization_path(path: str)Dict[str, str]

Parse a organization path into its component segments.

static parse_common_project_path(path: str)Dict[str, str]

Parse a project path into its component segments.

property transport: google.cloud.policytroubleshooter_v1.services.iam_checker.transports.base.IamCheckerTransport

Returns the transport used by the client instance.

Returns

The transport used by the client instance.

Return type

IamCheckerTransport

async troubleshoot_iam_policy(request: Optional[google.cloud.policytroubleshooter_v1.types.checker.TroubleshootIamPolicyRequest] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())google.cloud.policytroubleshooter_v1.types.checker.TroubleshootIamPolicyResponse[source]

Checks whether a member has a specific permission for a specific resource, and explains why the member does or does not have that permission.

Parameters
Returns

Response for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].

Return type

google.cloud.policytroubleshooter_v1.types.TroubleshootIamPolicyResponse

class google.cloud.policytroubleshooter_v1.services.iam_checker.IamCheckerClient(*, credentials: Optional[google.auth.credentials.Credentials] = None, transport: Optional[Union[str, google.cloud.policytroubleshooter_v1.services.iam_checker.transports.base.IamCheckerTransport]] = None, client_options: Optional[google.api_core.client_options.ClientOptions] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)[source]

IAM Policy Troubleshooter service. This service helps you troubleshoot access issues for Google Cloud resources.

Instantiates the iam checker client.

Parameters
  • credentials (Optional[google.auth.credentials.Credentials]) – The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment.

  • transport (Union[str, IamCheckerTransport]) – The transport to use. If set to None, a transport is chosen automatically.

  • client_options (google.api_core.client_options.ClientOptions) – Custom options for the client. It won’t take effect if a transport instance is provided. (1) The api_endpoint property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT environment variable can also be used to override the endpoint: “always” (always use the default mTLS endpoint), “never” (always use the default regular endpoint) and “auto” (auto switch to the default mTLS endpoint if client certificate is present, this is the default value). However, the api_endpoint property takes precedence if provided. (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is “true”, then the client_cert_source property can be used to provide client certificate for mutual TLS transport. If not provided, the default SSL client certificate will be used if present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is “false” or not set, no client certificate will be used.

  • client_info (google.api_core.gapic_v1.client_info.ClientInfo) – The client info used to send a user-agent string along with API requests. If None, then default info will be used. Generally, you only need to set this if you’re developing your own client library.

Raises

google.auth.exceptions.MutualTLSChannelError – If mutual TLS transport creation failed for any reason.

__exit__(type, value, traceback)[source]

Releases underlying transport’s resources.

Warning

ONLY use as a context manager if the transport is NOT shared with other clients! Exiting the with block will CLOSE the transport and may cause errors in other clients!

static common_billing_account_path(billing_account: str)str[source]

Returns a fully-qualified billing_account string.

static common_folder_path(folder: str)str[source]

Returns a fully-qualified folder string.

static common_location_path(project: str, location: str)str[source]

Returns a fully-qualified location string.

static common_organization_path(organization: str)str[source]

Returns a fully-qualified organization string.

static common_project_path(project: str)str[source]

Returns a fully-qualified project string.

classmethod from_service_account_file(filename: str, *args, **kwargs)[source]
Creates an instance of this client using the provided credentials

file.

Parameters
  • filename (str) – The path to the service account private key json file.

  • args – Additional arguments to pass to the constructor.

  • kwargs – Additional arguments to pass to the constructor.

Returns

The constructed client.

Return type

IamCheckerClient

classmethod from_service_account_info(info: dict, *args, **kwargs)[source]
Creates an instance of this client using the provided credentials

info.

Parameters
  • info (dict) – The service account private key info.

  • args – Additional arguments to pass to the constructor.

  • kwargs – Additional arguments to pass to the constructor.

Returns

The constructed client.

Return type

IamCheckerClient

classmethod from_service_account_json(filename: str, *args, **kwargs)
Creates an instance of this client using the provided credentials

file.

Parameters
  • filename (str) – The path to the service account private key json file.

  • args – Additional arguments to pass to the constructor.

  • kwargs – Additional arguments to pass to the constructor.

Returns

The constructed client.

Return type

IamCheckerClient

static parse_common_billing_account_path(path: str)Dict[str, str][source]

Parse a billing_account path into its component segments.

static parse_common_folder_path(path: str)Dict[str, str][source]

Parse a folder path into its component segments.

static parse_common_location_path(path: str)Dict[str, str][source]

Parse a location path into its component segments.

static parse_common_organization_path(path: str)Dict[str, str][source]

Parse a organization path into its component segments.

static parse_common_project_path(path: str)Dict[str, str][source]

Parse a project path into its component segments.

property transport: google.cloud.policytroubleshooter_v1.services.iam_checker.transports.base.IamCheckerTransport

Returns the transport used by the client instance.

Returns

The transport used by the client

instance.

Return type

IamCheckerTransport

troubleshoot_iam_policy(request: Optional[Union[google.cloud.policytroubleshooter_v1.types.checker.TroubleshootIamPolicyRequest, dict]] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())google.cloud.policytroubleshooter_v1.types.checker.TroubleshootIamPolicyResponse[source]

Checks whether a member has a specific permission for a specific resource, and explains why the member does or does not have that permission.

Parameters
Returns

Response for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].

Return type

google.cloud.policytroubleshooter_v1.types.TroubleshootIamPolicyResponse