genproto: google.golang.org/genproto/googleapis/cloud/policytroubleshooter/v1 Index | Files

package policytroubleshooter

import "google.golang.org/genproto/googleapis/cloud/policytroubleshooter/v1"

Index

Package Files

checker.pb.go explanations.pb.go

Variables

var (
    AccessState_name = map[int32]string{
        0:  "ACCESS_STATE_UNSPECIFIED",
        1:  "GRANTED",
        2:  "NOT_GRANTED",
        3:  "UNKNOWN_CONDITIONAL",
        4:  "UNKNOWN_INFO_DENIED",
    }
    AccessState_value = map[string]int32{
        "ACCESS_STATE_UNSPECIFIED": 0,
        "GRANTED":                  1,
        "NOT_GRANTED":              2,
        "UNKNOWN_CONDITIONAL":      3,
        "UNKNOWN_INFO_DENIED":      4,
    }
)

Enum value maps for AccessState.

var (
    HeuristicRelevance_name = map[int32]string{
        0:  "HEURISTIC_RELEVANCE_UNSPECIFIED",
        1:  "NORMAL",
        2:  "HIGH",
    }
    HeuristicRelevance_value = map[string]int32{
        "HEURISTIC_RELEVANCE_UNSPECIFIED": 0,
        "NORMAL":                          1,
        "HIGH":                            2,
    }
)

Enum value maps for HeuristicRelevance.

var (
    BindingExplanation_RolePermission_name = map[int32]string{
        0:  "ROLE_PERMISSION_UNSPECIFIED",
        1:  "ROLE_PERMISSION_INCLUDED",
        2:  "ROLE_PERMISSION_NOT_INCLUDED",
        3:  "ROLE_PERMISSION_UNKNOWN_INFO_DENIED",
    }
    BindingExplanation_RolePermission_value = map[string]int32{
        "ROLE_PERMISSION_UNSPECIFIED":         0,
        "ROLE_PERMISSION_INCLUDED":            1,
        "ROLE_PERMISSION_NOT_INCLUDED":        2,
        "ROLE_PERMISSION_UNKNOWN_INFO_DENIED": 3,
    }
)

Enum value maps for BindingExplanation_RolePermission.

var (
    BindingExplanation_Membership_name = map[int32]string{
        0:  "MEMBERSHIP_UNSPECIFIED",
        1:  "MEMBERSHIP_INCLUDED",
        2:  "MEMBERSHIP_NOT_INCLUDED",
        3:  "MEMBERSHIP_UNKNOWN_INFO_DENIED",
        4:  "MEMBERSHIP_UNKNOWN_UNSUPPORTED",
    }
    BindingExplanation_Membership_value = map[string]int32{
        "MEMBERSHIP_UNSPECIFIED":         0,
        "MEMBERSHIP_INCLUDED":            1,
        "MEMBERSHIP_NOT_INCLUDED":        2,
        "MEMBERSHIP_UNKNOWN_INFO_DENIED": 3,
        "MEMBERSHIP_UNKNOWN_UNSUPPORTED": 4,
    }
)

Enum value maps for BindingExplanation_Membership.

var File_google_cloud_policytroubleshooter_v1_checker_proto protoreflect.FileDescriptor
var File_google_cloud_policytroubleshooter_v1_explanations_proto protoreflect.FileDescriptor

func RegisterIamCheckerServer Uses

func RegisterIamCheckerServer(s *grpc.Server, srv IamCheckerServer)

type AccessState Uses

type AccessState int32

Whether a member has a permission for a resource.

const (
    // Reserved for future use.
    AccessState_ACCESS_STATE_UNSPECIFIED AccessState = 0
    // The member has the permission.
    AccessState_GRANTED AccessState = 1
    // The member does not have the permission.
    AccessState_NOT_GRANTED AccessState = 2
    // The member has the permission only if a condition expression evaluates to
    // `true`.
    AccessState_UNKNOWN_CONDITIONAL AccessState = 3
    // The sender of the request does not have access to all of the policies that
    // Policy Troubleshooter needs to evaluate.
    AccessState_UNKNOWN_INFO_DENIED AccessState = 4
)

func (AccessState) Descriptor Uses

func (AccessState) Descriptor() protoreflect.EnumDescriptor

func (AccessState) Enum Uses

func (x AccessState) Enum() *AccessState

func (AccessState) EnumDescriptor Uses

func (AccessState) EnumDescriptor() ([]byte, []int)

Deprecated: Use AccessState.Descriptor instead.

func (AccessState) Number Uses

func (x AccessState) Number() protoreflect.EnumNumber

func (AccessState) String Uses

func (x AccessState) String() string

func (AccessState) Type Uses

func (AccessState) Type() protoreflect.EnumType

type AccessTuple Uses

type AccessTuple struct {

    // Required. The member, or principal, whose access you want to check, in the form of
    // the email address that represents that member. For example,
    // `alice@example.com` or
    // `my-service-account@my-project.iam.gserviceaccount.com`.
    //
    // The member must be a Google Account or a service account. Other types of
    // members are not supported.
    Principal string `protobuf:"bytes,1,opt,name=principal,proto3" json:"principal,omitempty"`
    // Required. The full resource name that identifies the resource. For example,
    // `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
    //
    // For examples of full resource names for Google Cloud services, see
    // https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
    FullResourceName string `protobuf:"bytes,2,opt,name=full_resource_name,json=fullResourceName,proto3" json:"full_resource_name,omitempty"`
    // Required. The IAM permission to check for the specified member and resource.
    //
    // For a complete list of IAM permissions, see
    // https://cloud.google.com/iam/help/permissions/reference.
    //
    // For a complete list of predefined IAM roles and the permissions in each
    // role, see https://cloud.google.com/iam/help/roles/reference.
    Permission string `protobuf:"bytes,3,opt,name=permission,proto3" json:"permission,omitempty"`
    // contains filtered or unexported fields
}

Information about the member, resource, and permission to check.

func (*AccessTuple) Descriptor Uses

func (*AccessTuple) Descriptor() ([]byte, []int)

Deprecated: Use AccessTuple.ProtoReflect.Descriptor instead.

func (*AccessTuple) GetFullResourceName Uses

func (x *AccessTuple) GetFullResourceName() string

func (*AccessTuple) GetPermission Uses

func (x *AccessTuple) GetPermission() string

func (*AccessTuple) GetPrincipal Uses

func (x *AccessTuple) GetPrincipal() string

func (*AccessTuple) ProtoMessage Uses

func (*AccessTuple) ProtoMessage()

func (*AccessTuple) ProtoReflect Uses

func (x *AccessTuple) ProtoReflect() protoreflect.Message

func (*AccessTuple) Reset Uses

func (x *AccessTuple) Reset()

func (*AccessTuple) String Uses

func (x *AccessTuple) String() string

type BindingExplanation Uses

type BindingExplanation struct {

    // Required. Indicates whether _this binding_ provides the specified permission to the
    // specified member for the specified resource.
    //
    // This field does _not_ indicate whether the member actually has the
    // permission for the resource. There might be another binding that overrides
    // this binding. To determine whether the member actually has the permission,
    // use the `access` field in the
    // [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
    Access AccessState `protobuf:"varint,1,opt,name=access,proto3,enum=google.cloud.policytroubleshooter.v1.AccessState" json:"access,omitempty"`
    // The role that this binding grants. For example,
    // `roles/compute.serviceAgent`.
    //
    // For a complete list of predefined IAM roles, as well as the permissions in
    // each role, see https://cloud.google.com/iam/help/roles/reference.
    Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
    // Indicates whether the role granted by this binding contains the specified
    // permission.
    RolePermission BindingExplanation_RolePermission `protobuf:"varint,3,opt,name=role_permission,json=rolePermission,proto3,enum=google.cloud.policytroubleshooter.v1.BindingExplanation_RolePermission" json:"role_permission,omitempty"`
    // The relevance of the permission's existence, or nonexistence, in the role
    // to the overall determination for the entire policy.
    RolePermissionRelevance HeuristicRelevance `protobuf:"varint,4,opt,name=role_permission_relevance,json=rolePermissionRelevance,proto3,enum=google.cloud.policytroubleshooter.v1.HeuristicRelevance" json:"role_permission_relevance,omitempty"`
    // Indicates whether each member in the binding includes the member specified
    // in the request, either directly or indirectly. Each key identifies a member
    // in the binding, and each value indicates whether the member in the binding
    // includes the member in the request.
    //
    // For example, suppose that a binding includes the following members:
    //
    // * `user:alice@example.com`
    // * `group:product-eng@example.com`
    //
    // You want to troubleshoot access for `user:bob@example.com`. This user is a
    // member of the group `group:product-eng@example.com`.
    //
    // For the first member in the binding, the key is `user:alice@example.com`,
    // and the `membership` field in the value is set to
    // `MEMBERSHIP_NOT_INCLUDED`.
    //
    // For the second member in the binding, the key is
    // `group:product-eng@example.com`, and the `membership` field in the value is
    // set to `MEMBERSHIP_INCLUDED`.
    Memberships map[string]*BindingExplanation_AnnotatedMembership `protobuf:"bytes,5,rep,name=memberships,proto3" json:"memberships,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
    // The relevance of this binding to the overall determination for the entire
    // policy.
    Relevance HeuristicRelevance `protobuf:"varint,6,opt,name=relevance,proto3,enum=google.cloud.policytroubleshooter.v1.HeuristicRelevance" json:"relevance,omitempty"`
    // A condition expression that prevents access unless the expression evaluates
    // to `true`.
    //
    // To learn about IAM Conditions, see
    // http://cloud.google.com/iam/help/conditions/overview.
    Condition *expr.Expr `protobuf:"bytes,7,opt,name=condition,proto3" json:"condition,omitempty"`
    // contains filtered or unexported fields
}

Details about how a binding in a policy affects a member's ability to use a permission.

func (*BindingExplanation) Descriptor Uses

func (*BindingExplanation) Descriptor() ([]byte, []int)

Deprecated: Use BindingExplanation.ProtoReflect.Descriptor instead.

func (*BindingExplanation) GetAccess Uses

func (x *BindingExplanation) GetAccess() AccessState

func (*BindingExplanation) GetCondition Uses

func (x *BindingExplanation) GetCondition() *expr.Expr

func (*BindingExplanation) GetMemberships Uses

func (x *BindingExplanation) GetMemberships() map[string]*BindingExplanation_AnnotatedMembership

func (*BindingExplanation) GetRelevance Uses

func (x *BindingExplanation) GetRelevance() HeuristicRelevance

func (*BindingExplanation) GetRole Uses

func (x *BindingExplanation) GetRole() string

func (*BindingExplanation) GetRolePermission Uses

func (x *BindingExplanation) GetRolePermission() BindingExplanation_RolePermission

func (*BindingExplanation) GetRolePermissionRelevance Uses

func (x *BindingExplanation) GetRolePermissionRelevance() HeuristicRelevance

func (*BindingExplanation) ProtoMessage Uses

func (*BindingExplanation) ProtoMessage()

func (*BindingExplanation) ProtoReflect Uses

func (x *BindingExplanation) ProtoReflect() protoreflect.Message

func (*BindingExplanation) Reset Uses

func (x *BindingExplanation) Reset()

func (*BindingExplanation) String Uses

func (x *BindingExplanation) String() string

type BindingExplanation_AnnotatedMembership Uses

type BindingExplanation_AnnotatedMembership struct {

    // Indicates whether the binding includes the member.
    Membership BindingExplanation_Membership `protobuf:"varint,1,opt,name=membership,proto3,enum=google.cloud.policytroubleshooter.v1.BindingExplanation_Membership" json:"membership,omitempty"`
    // The relevance of the member's status to the overall determination for the
    // binding.
    Relevance HeuristicRelevance `protobuf:"varint,2,opt,name=relevance,proto3,enum=google.cloud.policytroubleshooter.v1.HeuristicRelevance" json:"relevance,omitempty"`
    // contains filtered or unexported fields
}

Details about whether the binding includes the member.

func (*BindingExplanation_AnnotatedMembership) Descriptor Uses

func (*BindingExplanation_AnnotatedMembership) Descriptor() ([]byte, []int)

Deprecated: Use BindingExplanation_AnnotatedMembership.ProtoReflect.Descriptor instead.

func (*BindingExplanation_AnnotatedMembership) GetMembership Uses

func (x *BindingExplanation_AnnotatedMembership) GetMembership() BindingExplanation_Membership

func (*BindingExplanation_AnnotatedMembership) GetRelevance Uses

func (x *BindingExplanation_AnnotatedMembership) GetRelevance() HeuristicRelevance

func (*BindingExplanation_AnnotatedMembership) ProtoMessage Uses

func (*BindingExplanation_AnnotatedMembership) ProtoMessage()

func (*BindingExplanation_AnnotatedMembership) ProtoReflect Uses

func (x *BindingExplanation_AnnotatedMembership) ProtoReflect() protoreflect.Message

func (*BindingExplanation_AnnotatedMembership) Reset Uses

func (x *BindingExplanation_AnnotatedMembership) Reset()

func (*BindingExplanation_AnnotatedMembership) String Uses

func (x *BindingExplanation_AnnotatedMembership) String() string

type BindingExplanation_Membership Uses

type BindingExplanation_Membership int32

Whether the binding includes the member.

const (
    // Reserved for future use.
    BindingExplanation_MEMBERSHIP_UNSPECIFIED BindingExplanation_Membership = 0
    // The binding includes the member. The member can be included directly
    // or indirectly. For example:
    //
    // * A member is included directly if that member is listed in the binding.
    // * A member is included indirectly if that member is in a Google group or
    //   G Suite domain that is listed in the binding.
    BindingExplanation_MEMBERSHIP_INCLUDED BindingExplanation_Membership = 1
    // The binding does not include the member.
    BindingExplanation_MEMBERSHIP_NOT_INCLUDED BindingExplanation_Membership = 2
    // The sender of the request is not allowed to access the binding.
    BindingExplanation_MEMBERSHIP_UNKNOWN_INFO_DENIED BindingExplanation_Membership = 3
    // The member is an unsupported type. Only Google Accounts and service
    // accounts are supported.
    BindingExplanation_MEMBERSHIP_UNKNOWN_UNSUPPORTED BindingExplanation_Membership = 4
)

func (BindingExplanation_Membership) Descriptor Uses

func (BindingExplanation_Membership) Descriptor() protoreflect.EnumDescriptor

func (BindingExplanation_Membership) Enum Uses

func (x BindingExplanation_Membership) Enum() *BindingExplanation_Membership

func (BindingExplanation_Membership) EnumDescriptor Uses

func (BindingExplanation_Membership) EnumDescriptor() ([]byte, []int)

Deprecated: Use BindingExplanation_Membership.Descriptor instead.

func (BindingExplanation_Membership) Number Uses

func (x BindingExplanation_Membership) Number() protoreflect.EnumNumber

func (BindingExplanation_Membership) String Uses

func (x BindingExplanation_Membership) String() string

func (BindingExplanation_Membership) Type Uses

func (BindingExplanation_Membership) Type() protoreflect.EnumType

type BindingExplanation_RolePermission Uses

type BindingExplanation_RolePermission int32

Whether a role includes a specific permission.

const (
    // Reserved for future use.
    BindingExplanation_ROLE_PERMISSION_UNSPECIFIED BindingExplanation_RolePermission = 0
    // The permission is included in the role.
    BindingExplanation_ROLE_PERMISSION_INCLUDED BindingExplanation_RolePermission = 1
    // The permission is not included in the role.
    BindingExplanation_ROLE_PERMISSION_NOT_INCLUDED BindingExplanation_RolePermission = 2
    // The sender of the request is not allowed to access the binding.
    BindingExplanation_ROLE_PERMISSION_UNKNOWN_INFO_DENIED BindingExplanation_RolePermission = 3
)

func (BindingExplanation_RolePermission) Descriptor Uses

func (BindingExplanation_RolePermission) Descriptor() protoreflect.EnumDescriptor

func (BindingExplanation_RolePermission) Enum Uses

func (x BindingExplanation_RolePermission) Enum() *BindingExplanation_RolePermission

func (BindingExplanation_RolePermission) EnumDescriptor Uses

func (BindingExplanation_RolePermission) EnumDescriptor() ([]byte, []int)

Deprecated: Use BindingExplanation_RolePermission.Descriptor instead.

func (BindingExplanation_RolePermission) Number Uses

func (x BindingExplanation_RolePermission) Number() protoreflect.EnumNumber

func (BindingExplanation_RolePermission) String Uses

func (x BindingExplanation_RolePermission) String() string

func (BindingExplanation_RolePermission) Type Uses

func (BindingExplanation_RolePermission) Type() protoreflect.EnumType

type ExplainedPolicy Uses

type ExplainedPolicy struct {

    // Indicates whether _this policy_ provides the specified permission to the
    // specified member for the specified resource.
    //
    // This field does _not_ indicate whether the member actually has the
    // permission for the resource. There might be another policy that overrides
    // this policy. To determine whether the member actually has the permission,
    // use the `access` field in the
    // [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
    Access AccessState `protobuf:"varint,1,opt,name=access,proto3,enum=google.cloud.policytroubleshooter.v1.AccessState" json:"access,omitempty"`
    // The full resource name that identifies the resource. For example,
    // `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
    //
    // If the sender of the request does not have access to the policy, this field
    // is omitted.
    //
    // For examples of full resource names for Google Cloud services, see
    // https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
    FullResourceName string `protobuf:"bytes,2,opt,name=full_resource_name,json=fullResourceName,proto3" json:"full_resource_name,omitempty"`
    // The IAM policy attached to the resource.
    //
    // If the sender of the request does not have access to the policy, this field
    // is empty.
    Policy *v1.Policy `protobuf:"bytes,3,opt,name=policy,proto3" json:"policy,omitempty"`
    // Details about how each binding in the policy affects the member's ability,
    // or inability, to use the permission for the resource.
    //
    // If the sender of the request does not have access to the policy, this field
    // is omitted.
    BindingExplanations []*BindingExplanation `protobuf:"bytes,4,rep,name=binding_explanations,json=bindingExplanations,proto3" json:"binding_explanations,omitempty"`
    // The relevance of this policy to the overall determination in the
    // [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
    //
    // If the sender of the request does not have access to the policy, this field
    // is omitted.
    Relevance HeuristicRelevance `protobuf:"varint,5,opt,name=relevance,proto3,enum=google.cloud.policytroubleshooter.v1.HeuristicRelevance" json:"relevance,omitempty"`
    // contains filtered or unexported fields
}

Details about how a specific IAM [Policy][google.iam.v1.Policy] contributed to the access check.

func (*ExplainedPolicy) Descriptor Uses

func (*ExplainedPolicy) Descriptor() ([]byte, []int)

Deprecated: Use ExplainedPolicy.ProtoReflect.Descriptor instead.

func (*ExplainedPolicy) GetAccess Uses

func (x *ExplainedPolicy) GetAccess() AccessState

func (*ExplainedPolicy) GetBindingExplanations Uses

func (x *ExplainedPolicy) GetBindingExplanations() []*BindingExplanation

func (*ExplainedPolicy) GetFullResourceName Uses

func (x *ExplainedPolicy) GetFullResourceName() string

func (*ExplainedPolicy) GetPolicy Uses

func (x *ExplainedPolicy) GetPolicy() *v1.Policy

func (*ExplainedPolicy) GetRelevance Uses

func (x *ExplainedPolicy) GetRelevance() HeuristicRelevance

func (*ExplainedPolicy) ProtoMessage Uses

func (*ExplainedPolicy) ProtoMessage()

func (*ExplainedPolicy) ProtoReflect Uses

func (x *ExplainedPolicy) ProtoReflect() protoreflect.Message

func (*ExplainedPolicy) Reset Uses

func (x *ExplainedPolicy) Reset()

func (*ExplainedPolicy) String Uses

func (x *ExplainedPolicy) String() string

type HeuristicRelevance Uses

type HeuristicRelevance int32

The extent to which a single data point contributes to an overall determination.

const (
    // Reserved for future use.
    HeuristicRelevance_HEURISTIC_RELEVANCE_UNSPECIFIED HeuristicRelevance = 0
    // The data point has a limited effect on the result. Changing the data point
    // is unlikely to affect the overall determination.
    HeuristicRelevance_NORMAL HeuristicRelevance = 1
    // The data point has a strong effect on the result. Changing the data point
    // is likely to affect the overall determination.
    HeuristicRelevance_HIGH HeuristicRelevance = 2
)

func (HeuristicRelevance) Descriptor Uses

func (HeuristicRelevance) Descriptor() protoreflect.EnumDescriptor

func (HeuristicRelevance) Enum Uses

func (x HeuristicRelevance) Enum() *HeuristicRelevance

func (HeuristicRelevance) EnumDescriptor Uses

func (HeuristicRelevance) EnumDescriptor() ([]byte, []int)

Deprecated: Use HeuristicRelevance.Descriptor instead.

func (HeuristicRelevance) Number Uses

func (x HeuristicRelevance) Number() protoreflect.EnumNumber

func (HeuristicRelevance) String Uses

func (x HeuristicRelevance) String() string

func (HeuristicRelevance) Type Uses

func (HeuristicRelevance) Type() protoreflect.EnumType

type IamCheckerClient Uses

type IamCheckerClient interface {
    // Checks whether a member has a specific permission for a specific resource,
    // and explains why the member does or does not have that permission.
    TroubleshootIamPolicy(ctx context.Context, in *TroubleshootIamPolicyRequest, opts ...grpc.CallOption) (*TroubleshootIamPolicyResponse, error)
}

IamCheckerClient is the client API for IamChecker service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewIamCheckerClient Uses

func NewIamCheckerClient(cc grpc.ClientConnInterface) IamCheckerClient

type IamCheckerServer Uses

type IamCheckerServer interface {
    // Checks whether a member has a specific permission for a specific resource,
    // and explains why the member does or does not have that permission.
    TroubleshootIamPolicy(context.Context, *TroubleshootIamPolicyRequest) (*TroubleshootIamPolicyResponse, error)
}

IamCheckerServer is the server API for IamChecker service.

type TroubleshootIamPolicyRequest Uses

type TroubleshootIamPolicyRequest struct {

    // The information to use for checking whether a member has a permission for a
    // resource.
    AccessTuple *AccessTuple `protobuf:"bytes,1,opt,name=access_tuple,json=accessTuple,proto3" json:"access_tuple,omitempty"`
    // contains filtered or unexported fields
}

Request for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].

func (*TroubleshootIamPolicyRequest) Descriptor Uses

func (*TroubleshootIamPolicyRequest) Descriptor() ([]byte, []int)

Deprecated: Use TroubleshootIamPolicyRequest.ProtoReflect.Descriptor instead.

func (*TroubleshootIamPolicyRequest) GetAccessTuple Uses

func (x *TroubleshootIamPolicyRequest) GetAccessTuple() *AccessTuple

func (*TroubleshootIamPolicyRequest) ProtoMessage Uses

func (*TroubleshootIamPolicyRequest) ProtoMessage()

func (*TroubleshootIamPolicyRequest) ProtoReflect Uses

func (x *TroubleshootIamPolicyRequest) ProtoReflect() protoreflect.Message

func (*TroubleshootIamPolicyRequest) Reset Uses

func (x *TroubleshootIamPolicyRequest) Reset()

func (*TroubleshootIamPolicyRequest) String Uses

func (x *TroubleshootIamPolicyRequest) String() string

type TroubleshootIamPolicyResponse Uses

type TroubleshootIamPolicyResponse struct {

    // Indicates whether the member has the specified permission for the specified
    // resource, based on evaluating all of the applicable IAM policies.
    Access AccessState `protobuf:"varint,1,opt,name=access,proto3,enum=google.cloud.policytroubleshooter.v1.AccessState" json:"access,omitempty"`
    // List of IAM policies that were evaluated to check the member's permissions,
    // with annotations to indicate how each policy contributed to the final
    // result.
    //
    // The list of policies can include the policy for the resource itself. It can
    // also include policies that are inherited from higher levels of the resource
    // hierarchy, including the organization, the folder, and the project.
    //
    // To learn more about the resource hierarchy, see
    // https://cloud.google.com/iam/help/resource-hierarchy.
    ExplainedPolicies []*ExplainedPolicy `protobuf:"bytes,2,rep,name=explained_policies,json=explainedPolicies,proto3" json:"explained_policies,omitempty"`
    // contains filtered or unexported fields
}

Response for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].

func (*TroubleshootIamPolicyResponse) Descriptor Uses

func (*TroubleshootIamPolicyResponse) Descriptor() ([]byte, []int)

Deprecated: Use TroubleshootIamPolicyResponse.ProtoReflect.Descriptor instead.

func (*TroubleshootIamPolicyResponse) GetAccess Uses

func (x *TroubleshootIamPolicyResponse) GetAccess() AccessState

func (*TroubleshootIamPolicyResponse) GetExplainedPolicies Uses

func (x *TroubleshootIamPolicyResponse) GetExplainedPolicies() []*ExplainedPolicy

func (*TroubleshootIamPolicyResponse) ProtoMessage Uses

func (*TroubleshootIamPolicyResponse) ProtoMessage()

func (*TroubleshootIamPolicyResponse) ProtoReflect Uses

func (x *TroubleshootIamPolicyResponse) ProtoReflect() protoreflect.Message

func (*TroubleshootIamPolicyResponse) Reset Uses

func (x *TroubleshootIamPolicyResponse) Reset()

func (*TroubleshootIamPolicyResponse) String Uses

func (x *TroubleshootIamPolicyResponse) String() string

type UnimplementedIamCheckerServer Uses

type UnimplementedIamCheckerServer struct {
}

UnimplementedIamCheckerServer can be embedded to have forward compatible implementations.

func (*UnimplementedIamCheckerServer) TroubleshootIamPolicy Uses

func (*UnimplementedIamCheckerServer) TroubleshootIamPolicy(context.Context, *TroubleshootIamPolicyRequest) (*TroubleshootIamPolicyResponse, error)

Package policytroubleshooter imports 12 packages (graph) and is imported by 1 packages. Updated 2020-09-28. Refresh now. Tools for package owners.