Class: Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaExplainedPolicy

Inherits:

Object

• Object
• Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaExplainedPolicy

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

generated/google/apis/policytroubleshooter_v1beta/classes.rb,
generated/google/apis/policytroubleshooter_v1beta/representations.rb,
generated/google/apis/policytroubleshooter_v1beta/representations.rb

Overview

An explained IAM policy combines the raw policy in the context of the resource which it is attached to along with detailed evaluation on the evaluation parameters provided through the request.

Instance Attribute Summary

• #access ⇒ String

  Access decision for this section of the resource's effective policy.

• #binding_explanations ⇒ Array<Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanation>

  Detailed binding evaluation explanations provide information about how each binding contributes to the principal's access or the lack thereof.

• #full_resource_name ⇒ String

  Resource that this section of the effective policy attaches to.

• #policy ⇒ Google::Apis::PolicytroubleshooterV1beta::GoogleIamV1Policy

  Defines an Identity and Access Management (IAM) policy.

• #relevance ⇒ String

  Relevance of this Policy.

Instance Method Summary

• #initialize(**args) ⇒ GoogleCloudPolicytroubleshooterV1betaExplainedPolicy constructor

  A new instance of GoogleCloudPolicytroubleshooterV1betaExplainedPolicy.

• #update!(**args) ⇒ Object

  Update properties of this object.

Methods included from Core::JsonObjectSupport

#to_json

Methods included from Core::Hashable

process_value, #to_h

Constructor Details

#initialize(**args) ⇒ GoogleCloudPolicytroubleshooterV1betaExplainedPolicy

Returns a new instance of GoogleCloudPolicytroubleshooterV1betaExplainedPolicy

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 240

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#access ⇒ String

Access decision for this section of the resource's effective policy. Corresponds to the JSON property access

Returns:

• (String)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 167

def access
  @access
end

#binding_explanations ⇒ Array<Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanation>

Detailed binding evaluation explanations provide information about how each binding contributes to the principal's access or the lack thereof. Corresponds to the JSON property bindingExplanations

Returns:

• (Array<Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanation>)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 174

def binding_explanations
  @binding_explanations
end

#full_resource_name ⇒ String

Resource that this section of the effective policy attaches to. Corresponds to the JSON property fullResourceName

Returns:

• (String)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 179

def full_resource_name
  @full_resource_name
end

#policy ⇒ Google::Apis::PolicytroubleshooterV1beta::GoogleIamV1Policy

Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions (defined by IAM or configured by users). A binding can optionally specify a condition, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource. JSON Example "bindings": [ "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] , "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", ] YAML Example bindings:

• members:
• user:mike@example.com
• group:admins@example.com
• domain:google.com
• serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin
• members:
• user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') For a description of IAM and its features, see the IAM developer's guide. Corresponds to the JSON property policy

Returns:

• (Google::Apis::PolicytroubleshooterV1beta::GoogleIamV1Policy)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 233

def policy
  @policy
end

#relevance ⇒ String

Relevance of this Policy. Corresponds to the JSON property relevance

Returns:

• (String)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 238

def relevance
  @relevance
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 245

def update!(**args)
  @access = args[:access] if args.key?(:access)
  @binding_explanations = args[:binding_explanations] if args.key?(:binding_explanations)
  @full_resource_name = args[:full_resource_name] if args.key?(:full_resource_name)
  @policy = args[:policy] if args.key?(:policy)
  @relevance = args[:relevance] if args.key?(:relevance)
end