allowAccessState property

Indicates whether this role binding gives the specified permission to the specified principal on the specified resource.

This field does not indicate whether the principal actually has the permission on the resource. There might be another role binding that overrides this role binding. To determine whether the principal actually has the permission, use the overall_access_state field in the TroubleshootIamPolicyResponse.

Required. Possible string values are:

• "ALLOW_ACCESS_STATE_UNSPECIFIED" : Not specified.
• "ALLOW_ACCESS_STATE_GRANTED" : The allow policy gives the principal the permission.
• "ALLOW_ACCESS_STATE_NOT_GRANTED" : The allow policy doesn't give the principal the permission.
• "ALLOW_ACCESS_STATE_UNKNOWN_CONDITIONAL" : The allow policy gives the principal the permission if a condition expression evaluate to true. However, the sender of the request didn't provide enough context for Policy Troubleshooter to evaluate the condition expression.
• "ALLOW_ACCESS_STATE_UNKNOWN_INFO" : The sender of the request doesn't have access to all of the allow policies that Policy Troubleshooter needs to evaluate the principal's access.