public sealed class AccessTuple : IMessage<AccessTuple>, IEquatable<AccessTuple>, IDeepCloneable<AccessTuple>, IBufferMessage, IMessageReference documentation and code samples for the Policy Troubleshooter v3 API class AccessTuple.
Information about the principal, resource, and permission to check.
Implements
IMessageAccessTuple, IEquatableAccessTuple, IDeepCloneableAccessTuple, IBufferMessage, IMessageNamespace
Google.Cloud.PolicyTroubleshooter.Iam.V3Assembly
Google.Cloud.PolicyTroubleshooter.Iam.V3.dll
Constructors
AccessTuple()
public AccessTuple()AccessTuple(AccessTuple)
public AccessTuple(AccessTuple other)| Parameter | |
|---|---|
| Name | Description |
other |
AccessTuple |
Properties
ConditionContext
public ConditionContext ConditionContext { get; set; }Optional. Additional context for the request, such as the request time or IP address. This context allows Policy Troubleshooter to troubleshoot conditional role bindings and deny rules.
| Property Value | |
|---|---|
| Type | Description |
ConditionContext |
|
FullResourceName
public string FullResourceName { get; set; }Required. The full resource name that identifies the resource. For example,
//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance.
For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
| Property Value | |
|---|---|
| Type | Description |
string |
|
Permission
public string Permission { get; set; }Required. The IAM permission to check for, either in the v1 permission
format or the v2 permission format.
For a complete list of IAM permissions in the v1 format, see
https://cloud.google.com/iam/help/permissions/reference.
For a list of IAM permissions in the v2 format, see
https://cloud.google.com/iam/help/deny/supported-permissions.
For a complete list of predefined IAM roles and the permissions in each role, see https://cloud.google.com/iam/help/roles/reference.
| Property Value | |
|---|---|
| Type | Description |
string |
|
PermissionFqdn
public string PermissionFqdn { get; set; }Output only. The permission that Policy Troubleshooter checked for, in
the v2 format.
| Property Value | |
|---|---|
| Type | Description |
string |
|
Principal
public string Principal { get; set; }Required. The email address of the principal whose access you want to
check. For example, alice@example.com or
my-service-account@my-project.iam.gserviceaccount.com.
The principal must be a Google Account or a service account. Other types of principals are not supported.
| Property Value | |
|---|---|
| Type | Description |
string |
|