Package com.google.cloud.policysimulator.v1

Class ExplainedPolicy

  • All Implemented Interfaces:
    ExplainedPolicyOrBuilder, com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, Serializable
    public final class ExplainedPolicy
extends com.google.protobuf.GeneratedMessageV3
implements ExplainedPolicyOrBuilder
     Details about how a specific IAM [Policy][google.iam.v1.Policy] contributed
 to the access check.
    Protobuf type google.cloud.policysimulator.v1.ExplainedPolicy
    See Also:
    Serialized Form

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      static class  ExplainedPolicy.Builder
      Details about how a specific IAM [Policy][google.iam.v1.Policy] contributed to the access check.

      • Nested classes/interfaces inherited from class com.google.protobuf.GeneratedMessageV3

        com.google.protobuf.GeneratedMessageV3.BuilderParent, com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>,​BuilderT extends com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageT,​BuilderT>>, com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessageV3.ExtendableMessageOrBuilder<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessageV3.FieldAccessorTable, com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter

      • Nested classes/interfaces inherited from class com.google.protobuf.AbstractMessageLite

        com.google.protobuf.AbstractMessageLite.InternalOneOfEnum

    • Field Detail

      • FULL_RESOURCE_NAME_FIELD_NUMBER

        public static final int FULL_RESOURCE_NAME_FIELD_NUMBER
        See Also:
        Constant Field Values

      • BINDING_EXPLANATIONS_FIELD_NUMBER

        public static final int BINDING_EXPLANATIONS_FIELD_NUMBER
        See Also:
        Constant Field Values

    • Method Detail

      • newInstance

        protected Object newInstance​(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
        Overrides:
        newInstance in class com.google.protobuf.GeneratedMessageV3

      • getDescriptor

        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

      • internalGetFieldAccessorTable

        protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
        Specified by:
        internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3

      • getAccessValue

        public int getAccessValue()
         Indicates whether _this policy_ provides the specified permission to the
 specified principal for the specified resource.

 This field does _not_ indicate whether the principal actually has the
 permission for the resource. There might be another policy that overrides
 this policy. To determine whether the principal actually has the
 permission, use the `access` field in the
 [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
        .google.cloud.policysimulator.v1.AccessState access = 1;
        Specified by:
        getAccessValue in interface ExplainedPolicyOrBuilder
        Returns:
        The enum numeric value on the wire for access.

      • getAccess

        public AccessState getAccess()
         Indicates whether _this policy_ provides the specified permission to the
 specified principal for the specified resource.

 This field does _not_ indicate whether the principal actually has the
 permission for the resource. There might be another policy that overrides
 this policy. To determine whether the principal actually has the
 permission, use the `access` field in the
 [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
        .google.cloud.policysimulator.v1.AccessState access = 1;
        Specified by:
        getAccess in interface ExplainedPolicyOrBuilder
        Returns:
        The access.

      • getFullResourceName

        public String getFullResourceName()
         The full resource name that identifies the resource. For example,
 `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is omitted.

 For examples of full resource names for Google Cloud services, see
 https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
        string full_resource_name = 2;
        Specified by:
        getFullResourceName in interface ExplainedPolicyOrBuilder
        Returns:
        The fullResourceName.

      • getFullResourceNameBytes

        public com.google.protobuf.ByteString getFullResourceNameBytes()
         The full resource name that identifies the resource. For example,
 `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is omitted.

 For examples of full resource names for Google Cloud services, see
 https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
        string full_resource_name = 2;
        Specified by:
        getFullResourceNameBytes in interface ExplainedPolicyOrBuilder
        Returns:
        The bytes for fullResourceName.

      • hasPolicy

        public boolean hasPolicy()
         The IAM policy attached to the resource.

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is empty.
        .google.iam.v1.Policy policy = 3;
        Specified by:
        hasPolicy in interface ExplainedPolicyOrBuilder
        Returns:
        Whether the policy field is set.

      • getPolicy

        public com.google.iam.v1.Policy getPolicy()
         The IAM policy attached to the resource.

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is empty.
        .google.iam.v1.Policy policy = 3;
        Specified by:
        getPolicy in interface ExplainedPolicyOrBuilder
        Returns:
        The policy.

      • getPolicyOrBuilder

        public com.google.iam.v1.PolicyOrBuilder getPolicyOrBuilder()
         The IAM policy attached to the resource.

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is empty.
        .google.iam.v1.Policy policy = 3;
        Specified by:
        getPolicyOrBuilder in interface ExplainedPolicyOrBuilder

      • getBindingExplanationsList

        public List<BindingExplanation> getBindingExplanationsList()
         Details about how each binding in the policy affects the principal's
 ability, or inability, to use the permission for the resource.

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is omitted.
        repeated .google.cloud.policysimulator.v1.BindingExplanation binding_explanations = 4;
        Specified by:
        getBindingExplanationsList in interface ExplainedPolicyOrBuilder

      • getBindingExplanationsOrBuilderList

        public List<? extends BindingExplanationOrBuilder> getBindingExplanationsOrBuilderList()
         Details about how each binding in the policy affects the principal's
 ability, or inability, to use the permission for the resource.

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is omitted.
        repeated .google.cloud.policysimulator.v1.BindingExplanation binding_explanations = 4;
        Specified by:
        getBindingExplanationsOrBuilderList in interface ExplainedPolicyOrBuilder

      • getBindingExplanationsCount

        public int getBindingExplanationsCount()
         Details about how each binding in the policy affects the principal's
 ability, or inability, to use the permission for the resource.

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is omitted.
        repeated .google.cloud.policysimulator.v1.BindingExplanation binding_explanations = 4;
        Specified by:
        getBindingExplanationsCount in interface ExplainedPolicyOrBuilder

      • getBindingExplanations

        public BindingExplanation getBindingExplanations​(int index)
         Details about how each binding in the policy affects the principal's
 ability, or inability, to use the permission for the resource.

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is omitted.
        repeated .google.cloud.policysimulator.v1.BindingExplanation binding_explanations = 4;
        Specified by:
        getBindingExplanations in interface ExplainedPolicyOrBuilder

      • getBindingExplanationsOrBuilder

        public BindingExplanationOrBuilder getBindingExplanationsOrBuilder​(int index)
         Details about how each binding in the policy affects the principal's
 ability, or inability, to use the permission for the resource.

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is omitted.
        repeated .google.cloud.policysimulator.v1.BindingExplanation binding_explanations = 4;
        Specified by:
        getBindingExplanationsOrBuilder in interface ExplainedPolicyOrBuilder

      • getRelevanceValue

        public int getRelevanceValue()
         The relevance of this policy to the overall determination in the
 [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is omitted.
        .google.cloud.policysimulator.v1.HeuristicRelevance relevance = 5;
        Specified by:
        getRelevanceValue in interface ExplainedPolicyOrBuilder
        Returns:
        The enum numeric value on the wire for relevance.

      • getRelevance

        public HeuristicRelevance getRelevance()
         The relevance of this policy to the overall determination in the
 [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].

 If the user who created the
 [Replay][google.cloud.policysimulator.v1.Replay] does not have
 access to the policy, this field is omitted.
        .google.cloud.policysimulator.v1.HeuristicRelevance relevance = 5;
        Specified by:
        getRelevance in interface ExplainedPolicyOrBuilder
        Returns:
        The relevance.

      • isInitialized

        public final boolean isInitialized()
        Specified by:
        isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
        Overrides:
        isInitialized in class com.google.protobuf.GeneratedMessageV3

      • writeTo

        public void writeTo​(com.google.protobuf.CodedOutputStream output)
             throws IOException
        Specified by:
        writeTo in interface com.google.protobuf.MessageLite
        Overrides:
        writeTo in class com.google.protobuf.GeneratedMessageV3
        Throws:
        IOException

      • getSerializedSize

        public int getSerializedSize()
        Specified by:
        getSerializedSize in interface com.google.protobuf.MessageLite
        Overrides:
        getSerializedSize in class com.google.protobuf.GeneratedMessageV3

      • equals

        public boolean equals​(Object obj)
        Specified by:
        equals in interface com.google.protobuf.Message
        Overrides:
        equals in class com.google.protobuf.AbstractMessage

      • hashCode

        public int hashCode()
        Specified by:
        hashCode in interface com.google.protobuf.Message
        Overrides:
        hashCode in class com.google.protobuf.AbstractMessage

      • parseFrom

        public static ExplainedPolicy parseFrom​(ByteBuffer data)
                                 throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static ExplainedPolicy parseFrom​(ByteBuffer data,
                                        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                 throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static ExplainedPolicy parseFrom​(com.google.protobuf.ByteString data)
                                 throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static ExplainedPolicy parseFrom​(com.google.protobuf.ByteString data,
                                        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                 throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static ExplainedPolicy parseFrom​(byte[] data)
                                 throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static ExplainedPolicy parseFrom​(byte[] data,
                                        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                 throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static ExplainedPolicy parseFrom​(com.google.protobuf.CodedInputStream input,
                                        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                 throws IOException
        Throws:
        IOException

      • newBuilderForType

        public ExplainedPolicy.Builder newBuilderForType()
        Specified by:
        newBuilderForType in interface com.google.protobuf.Message
        Specified by:
        newBuilderForType in interface com.google.protobuf.MessageLite

      • toBuilder

        public ExplainedPolicy.Builder toBuilder()
        Specified by:
        toBuilder in interface com.google.protobuf.Message
        Specified by:
        toBuilder in interface com.google.protobuf.MessageLite

      • newBuilderForType

        protected ExplainedPolicy.Builder newBuilderForType​(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
        Specified by:
        newBuilderForType in class com.google.protobuf.GeneratedMessageV3

      • parser

        public static com.google.protobuf.Parser<ExplainedPolicy> parser()

      • getParserForType

        public com.google.protobuf.Parser<ExplainedPolicy> getParserForType()
        Specified by:
        getParserForType in interface com.google.protobuf.Message
        Specified by:
        getParserForType in interface com.google.protobuf.MessageLite
        Overrides:
        getParserForType in class com.google.protobuf.GeneratedMessageV3

      • getDefaultInstanceForType

        public ExplainedPolicy getDefaultInstanceForType()
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder