Class: Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanation

Inherits:

Object

• Object
• Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanation

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

generated/google/apis/policytroubleshooter_v1beta/classes.rb,
generated/google/apis/policytroubleshooter_v1beta/representations.rb,
generated/google/apis/policytroubleshooter_v1beta/representations.rb

Overview

Details about how a binding in a policy affects a member's ability to use a permission.

Instance Attribute Summary

• #access ⇒ String

  Indicates whether this binding provides the specified permission to the specified member for the specified resource.

• #condition ⇒ Google::Apis::PolicytroubleshooterV1beta::GoogleTypeExpr

  Represents a textual expression in the Common Expression Language (CEL) syntax.

• #memberships ⇒ Hash<String,Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanationAnnotatedMembership>

  Indicates whether each member in the binding includes the member specified in the request, either directly or indirectly.

• #relevance ⇒ String

  The relevance of this binding to the overall determination for the entire policy.

• #role ⇒ String

  The role that this binding grants.

• #role_permission ⇒ String

  Indicates whether the role granted by this binding contains the specified permission.

• #role_permission_relevance ⇒ String

  The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy.

Instance Method Summary

• #initialize(**args) ⇒ GoogleCloudPolicytroubleshooterV1betaBindingExplanation constructor

  A new instance of GoogleCloudPolicytroubleshooterV1betaBindingExplanation.

• #update!(**args) ⇒ Object

  Update properties of this object.

Methods included from Core::JsonObjectSupport

#to_json

Methods included from Core::Hashable

process_value, #to_h

Constructor Details

#initialize(**args) ⇒ GoogleCloudPolicytroubleshooterV1betaBindingExplanation

Returns a new instance of GoogleCloudPolicytroubleshooterV1betaBindingExplanation.

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 157

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#access ⇒ String

Indicates whether this binding provides the specified permission to the specified member for the specified resource. This field does not indicate whether the member actually has the permission for the resource. There might be another binding that overrides this binding. To determine whether the member actually has the permission, use the access field in the TroubleshootIamPolicyResponse. Corresponds to the JSON property access

Returns:

• (String)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 84

def access
  @access
end

#condition ⇒ Google::Apis::PolicytroubleshooterV1beta::GoogleTypeExpr

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. Corresponds to the JSON property condition

Returns:

• (Google::Apis::PolicytroubleshooterV1beta::GoogleTypeExpr)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 110

def condition
  @condition
end

#memberships ⇒ Hash<String,Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanationAnnotatedMembership>

Indicates whether each member in the binding includes the member specified in the request, either directly or indirectly. Each key identifies a member in the binding, and each value indicates whether the member in the binding includes the member in the request. For example, suppose that a binding includes the following members:

• user:alice@example.com
• group:product-eng@example.com You want to troubleshoot access for user:bob@example.com. This user is a member of the group group:product-eng@example.com. For the first member in the binding, the key is user:alice@example.com, and the membership field in the value is set to MEMBERSHIP_NOT_INCLUDED. For the second member in the binding, the key is group:product-eng@example.com, and the membership field in the value is set to MEMBERSHIP_INCLUDED. Corresponds to the JSON property memberships

Returns:

• (Hash<String,Google::Apis::PolicytroubleshooterV1beta::GoogleCloudPolicytroubleshooterV1betaBindingExplanationAnnotatedMembership>)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 129

def memberships
  @memberships
end

#relevance ⇒ String

The relevance of this binding to the overall determination for the entire policy. Corresponds to the JSON property relevance

Returns:

• (String)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 135

def relevance
  @relevance
end

#role ⇒ String

The role that this binding grants. For example, roles/compute.serviceAgent. For a complete list of predefined IAM roles, as well as the permissions in each role, see https://cloud.google.com/iam/help/roles/reference. Corresponds to the JSON property role

Returns:

• (String)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 143

def role
  @role
end

#role_permission ⇒ String

Indicates whether the role granted by this binding contains the specified permission. Corresponds to the JSON property rolePermission

Returns:

• (String)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 149

def role_permission
  @role_permission
end

#role_permission_relevance ⇒ String

The relevance of the permission's existence, or nonexistence, in the role to the overall determination for the entire policy. Corresponds to the JSON property rolePermissionRelevance

Returns:

• (String)

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 155

def role_permission_relevance
  @role_permission_relevance
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'generated/google/apis/policytroubleshooter_v1beta/classes.rb', line 162

def update!(**args)
  @access = args[:access] if args.key?(:access)
  @condition = args[:condition] if args.key?(:condition)
  @memberships = args[:memberships] if args.key?(:memberships)
  @relevance = args[:relevance] if args.key?(:relevance)
  @role = args[:role] if args.key?(:role)
  @role_permission = args[:role_permission] if args.key?(:role_permission)
  @role_permission_relevance = args[:role_permission_relevance] if args.key?(:role_permission_relevance)
end