policytroubleshooter/v3 library

Policy Troubleshooter API - v3

For more information, see cloud.google.com/iam/

Create an instance of PolicyTroubleshooterApi to access these resources:

Classes

GoogleCloudPolicytroubleshooterIamV3AccessTuple
Information about the principal, resource, and permission to check.
GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanation
Details about how a role binding in an allow policy affects a principal's ability to use a permission.
GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanationAnnotatedAllowMembership
Details about whether the role binding includes the principal.
GoogleCloudPolicytroubleshooterIamV3AllowPolicyExplanation
Details about how the relevant IAM allow policies affect the final access state.
GoogleCloudPolicytroubleshooterIamV3ConditionContext
Additional context for troubleshooting conditional role bindings and deny rules.
GoogleCloudPolicytroubleshooterIamV3ConditionContextEffectiveTag
A tag that applies to a resource during policy evaluation.
GoogleCloudPolicytroubleshooterIamV3ConditionContextPeer
This message defines attributes for a node that handles a network request.
GoogleCloudPolicytroubleshooterIamV3ConditionContextRequest
This message defines attributes for an HTTP request.
GoogleCloudPolicytroubleshooterIamV3ConditionContextResource
Core attributes for a resource.
GoogleCloudPolicytroubleshooterIamV3ConditionExplanation
Explanation for how a condition affects a principal's access
GoogleCloudPolicytroubleshooterIamV3ConditionExplanationEvaluationState
Evaluated state of a condition expression.
GoogleCloudPolicytroubleshooterIamV3DenyPolicyExplanation
Details about how the relevant IAM deny policies affect the final access state.
GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanation
Details about how a deny rule in a deny policy affects a principal's ability to use a permission.
GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching
Details about whether the principal in the request is listed as a denied principal in the deny rule, either directly or through membership in a principal set.
GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching
Details about whether the permission in the request is denied by the deny rule.
GoogleCloudPolicytroubleshooterIamV3ExplainedAllowPolicy
Details about how a specific IAM allow policy contributed to the final access state.
GoogleCloudPolicytroubleshooterIamV3ExplainedDenyPolicy
Details about how a specific IAM deny policy Policy contributed to the access check.
GoogleCloudPolicytroubleshooterIamV3ExplainedDenyResource
Details about how a specific resource contributed to the deny policy evaluation.
GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyRequest
Request for TroubleshootIamPolicy.
GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyResponse
Response for TroubleshootIamPolicy.
GoogleIamV1AuditConfig
Specifies the audit configuration for a service.
GoogleIamV1Binding
Associates members, or principals, with a role.
GoogleIamV1Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
GoogleIamV2DenyRule
A deny rule in an IAM deny policy.
GoogleIamV2Policy
Data for an IAM policy.
GoogleIamV2PolicyRule
A single rule in a Policy.
IamResource
PolicyTroubleshooterApi

Typedefs

GoogleIamV1AuditLogConfig = $AuditLogConfig
Provides the configuration for logging a type of permissions.
GoogleRpcStatus = $Status00
The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs.
GoogleTypeExpr = $Expr
Represents a textual expression in the Common Expression Language (CEL) syntax.

Exceptions / Errors

ApiRequestError
Represents a general error reported by the API endpoint.
DetailedApiRequestError
Represents a specific error reported by the API endpoint.