Reference documentation and code samples for the Google Cloud Policy Troubleshooter Iam V3 Client class AccessTuple.
Information about the principal, resource, and permission to check.
Generated from protobuf message google.cloud.policytroubleshooter.iam.v3.AccessTuple
Namespace
Google \ Cloud \ PolicyTroubleshooter \ Iam \ V3Methods
__construct
Constructor.
| Parameters | |
|---|---|
| Name | Description | 
| data | arrayOptional. Data for populating the Message object. | 
| ↳ principal | stringRequired. The email address of the principal whose access you want to check. For example,  | 
| ↳ full_resource_name | stringRequired. The full resource name that identifies the resource. For example,  | 
| ↳ permission | stringRequired. The IAM permission to check for, either in the  | 
| ↳ permission_fqdn | stringOutput only. The permission that Policy Troubleshooter checked for, in the  | 
| ↳ condition_context | ConditionContextOptional. Additional context for the request, such as the request time or IP address. This context allows Policy Troubleshooter to troubleshoot conditional role bindings and deny rules. | 
getPrincipal
Required. The email address of the principal whose access you want to
check. For example, alice@example.com or
my-service-account@my-project.iam.gserviceaccount.com.
The principal must be a Google Account or a service account. Other types of principals are not supported.
| Returns | |
|---|---|
| Type | Description | 
| string | |
setPrincipal
Required. The email address of the principal whose access you want to
check. For example, alice@example.com or
my-service-account@my-project.iam.gserviceaccount.com.
The principal must be a Google Account or a service account. Other types of principals are not supported.
| Parameter | |
|---|---|
| Name | Description | 
| var | string | 
| Returns | |
|---|---|
| Type | Description | 
| $this | |
getFullResourceName
Required. The full resource name that identifies the resource. For example,
//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance.
For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
| Returns | |
|---|---|
| Type | Description | 
| string | |
setFullResourceName
Required. The full resource name that identifies the resource. For example,
//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance.
For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
| Parameter | |
|---|---|
| Name | Description | 
| var | string | 
| Returns | |
|---|---|
| Type | Description | 
| $this | |
getPermission
Required. The IAM permission to check for, either in the v1 permission
format or the v2 permission format.
For a complete list of IAM permissions in the v1 format, see
https://cloud.google.com/iam/help/permissions/reference.
For a list of IAM permissions in the v2 format, see
https://cloud.google.com/iam/help/deny/supported-permissions.
For a complete list of predefined IAM roles and the permissions in each
role, see https://cloud.google.com/iam/help/roles/reference.
| Returns | |
|---|---|
| Type | Description | 
| string | |
setPermission
Required. The IAM permission to check for, either in the v1 permission
format or the v2 permission format.
For a complete list of IAM permissions in the v1 format, see
https://cloud.google.com/iam/help/permissions/reference.
For a list of IAM permissions in the v2 format, see
https://cloud.google.com/iam/help/deny/supported-permissions.
For a complete list of predefined IAM roles and the permissions in each
role, see https://cloud.google.com/iam/help/roles/reference.
| Parameter | |
|---|---|
| Name | Description | 
| var | string | 
| Returns | |
|---|---|
| Type | Description | 
| $this | |
getPermissionFqdn
Output only. The permission that Policy Troubleshooter checked for, in
the v2 format.
| Returns | |
|---|---|
| Type | Description | 
| string | |
setPermissionFqdn
Output only. The permission that Policy Troubleshooter checked for, in
the v2 format.
| Parameter | |
|---|---|
| Name | Description | 
| var | string | 
| Returns | |
|---|---|
| Type | Description | 
| $this | |
getConditionContext
Optional. Additional context for the request, such as the request time or IP address. This context allows Policy Troubleshooter to troubleshoot conditional role bindings and deny rules.
| Returns | |
|---|---|
| Type | Description | 
| ConditionContext|null | |
hasConditionContext
clearConditionContext
setConditionContext
Optional. Additional context for the request, such as the request time or IP address. This context allows Policy Troubleshooter to troubleshoot conditional role bindings and deny rules.
| Parameter | |
|---|---|
| Name | Description | 
| var | ConditionContext | 
| Returns | |
|---|---|
| Type | Description | 
| $this | |