google-apis-policytroubleshooter_v3 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.yardopts +13 -0
- data/CHANGELOG.md +7 -0
- data/LICENSE.md +202 -0
- data/OVERVIEW.md +96 -0
- data/lib/google/apis/policytroubleshooter_v3/classes.rb +1585 -0
- data/lib/google/apis/policytroubleshooter_v3/gem_version.rb +28 -0
- data/lib/google/apis/policytroubleshooter_v3/representations.rb +529 -0
- data/lib/google/apis/policytroubleshooter_v3/service.rb +94 -0
- data/lib/google/apis/policytroubleshooter_v3.rb +36 -0
- data/lib/google-apis-policytroubleshooter_v3.rb +15 -0
- metadata +79 -0
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
# Copyright 2020 Google LLC
|
|
2
|
+
#
|
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
# you may not use this file except in compliance with the License.
|
|
5
|
+
# You may obtain a copy of the License at
|
|
6
|
+
#
|
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
#
|
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
# See the License for the specific language governing permissions and
|
|
13
|
+
# limitations under the License.
|
|
14
|
+
|
|
15
|
+
module Google
|
|
16
|
+
module Apis
|
|
17
|
+
module PolicytroubleshooterV3
|
|
18
|
+
# Version of the google-apis-policytroubleshooter_v3 gem
|
|
19
|
+
GEM_VERSION = "0.1.0"
|
|
20
|
+
|
|
21
|
+
# Version of the code generator used to generate this client
|
|
22
|
+
GENERATOR_VERSION = "0.18.0"
|
|
23
|
+
|
|
24
|
+
# Revision of the discovery document this client was generated from
|
|
25
|
+
REVISION = "20260111"
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
@@ -0,0 +1,529 @@
|
|
|
1
|
+
# Copyright 2020 Google LLC
|
|
2
|
+
#
|
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
# you may not use this file except in compliance with the License.
|
|
5
|
+
# You may obtain a copy of the License at
|
|
6
|
+
#
|
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
#
|
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
# See the License for the specific language governing permissions and
|
|
13
|
+
# limitations under the License.
|
|
14
|
+
|
|
15
|
+
require 'date'
|
|
16
|
+
require 'google/apis/core/base_service'
|
|
17
|
+
require 'google/apis/core/json_representation'
|
|
18
|
+
require 'google/apis/core/hashable'
|
|
19
|
+
require 'google/apis/errors'
|
|
20
|
+
|
|
21
|
+
module Google
|
|
22
|
+
module Apis
|
|
23
|
+
module PolicytroubleshooterV3
|
|
24
|
+
|
|
25
|
+
class GoogleCloudPolicytroubleshooterIamV3AccessTuple
|
|
26
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
27
|
+
|
|
28
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
class GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanation
|
|
32
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
33
|
+
|
|
34
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
class GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanationAnnotatedAllowMembership
|
|
38
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
39
|
+
|
|
40
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
class GoogleCloudPolicytroubleshooterIamV3AllowPolicyExplanation
|
|
44
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
45
|
+
|
|
46
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionContext
|
|
50
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
51
|
+
|
|
52
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionContextEffectiveTag
|
|
56
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
57
|
+
|
|
58
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionContextPeer
|
|
62
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
63
|
+
|
|
64
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionContextRequest
|
|
68
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
69
|
+
|
|
70
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionContextResource
|
|
74
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
75
|
+
|
|
76
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionExplanation
|
|
80
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
81
|
+
|
|
82
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionExplanationEvaluationState
|
|
86
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
87
|
+
|
|
88
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
class GoogleCloudPolicytroubleshooterIamV3DenyPolicyExplanation
|
|
92
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
93
|
+
|
|
94
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
class GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanation
|
|
98
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
99
|
+
|
|
100
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
class GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching
|
|
104
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
105
|
+
|
|
106
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
class GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching
|
|
110
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
111
|
+
|
|
112
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
class GoogleCloudPolicytroubleshooterIamV3ExplainedAllowPolicy
|
|
116
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
117
|
+
|
|
118
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
class GoogleCloudPolicytroubleshooterIamV3ExplainedDenyPolicy
|
|
122
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
123
|
+
|
|
124
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
class GoogleCloudPolicytroubleshooterIamV3ExplainedDenyResource
|
|
128
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
129
|
+
|
|
130
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
class GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyRequest
|
|
134
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
135
|
+
|
|
136
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
137
|
+
end
|
|
138
|
+
|
|
139
|
+
class GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyResponse
|
|
140
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
141
|
+
|
|
142
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
143
|
+
end
|
|
144
|
+
|
|
145
|
+
class GoogleIamV1AuditConfig
|
|
146
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
147
|
+
|
|
148
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
149
|
+
end
|
|
150
|
+
|
|
151
|
+
class GoogleIamV1AuditLogConfig
|
|
152
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
153
|
+
|
|
154
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
155
|
+
end
|
|
156
|
+
|
|
157
|
+
class GoogleIamV1Binding
|
|
158
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
159
|
+
|
|
160
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
161
|
+
end
|
|
162
|
+
|
|
163
|
+
class GoogleIamV1Policy
|
|
164
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
165
|
+
|
|
166
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
167
|
+
end
|
|
168
|
+
|
|
169
|
+
class GoogleIamV2DenyRule
|
|
170
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
171
|
+
|
|
172
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
173
|
+
end
|
|
174
|
+
|
|
175
|
+
class GoogleIamV2Policy
|
|
176
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
177
|
+
|
|
178
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
179
|
+
end
|
|
180
|
+
|
|
181
|
+
class GoogleIamV2PolicyRule
|
|
182
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
183
|
+
|
|
184
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
185
|
+
end
|
|
186
|
+
|
|
187
|
+
class GoogleRpcStatus
|
|
188
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
189
|
+
|
|
190
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
191
|
+
end
|
|
192
|
+
|
|
193
|
+
class GoogleTypeExpr
|
|
194
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
|
195
|
+
|
|
196
|
+
include Google::Apis::Core::JsonObjectSupport
|
|
197
|
+
end
|
|
198
|
+
|
|
199
|
+
class GoogleCloudPolicytroubleshooterIamV3AccessTuple
|
|
200
|
+
# @private
|
|
201
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
202
|
+
property :condition_context, as: 'conditionContext', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionContext, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionContext::Representation
|
|
203
|
+
|
|
204
|
+
property :full_resource_name, as: 'fullResourceName'
|
|
205
|
+
property :permission, as: 'permission'
|
|
206
|
+
property :permission_fqdn, as: 'permissionFqdn'
|
|
207
|
+
property :principal, as: 'principal'
|
|
208
|
+
end
|
|
209
|
+
end
|
|
210
|
+
|
|
211
|
+
class GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanation
|
|
212
|
+
# @private
|
|
213
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
214
|
+
property :allow_access_state, as: 'allowAccessState'
|
|
215
|
+
property :combined_membership, as: 'combinedMembership', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanationAnnotatedAllowMembership, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanationAnnotatedAllowMembership::Representation
|
|
216
|
+
|
|
217
|
+
property :condition, as: 'condition', class: Google::Apis::PolicytroubleshooterV3::GoogleTypeExpr, decorator: Google::Apis::PolicytroubleshooterV3::GoogleTypeExpr::Representation
|
|
218
|
+
|
|
219
|
+
property :condition_explanation, as: 'conditionExplanation', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionExplanation, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionExplanation::Representation
|
|
220
|
+
|
|
221
|
+
hash :memberships, as: 'memberships', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanationAnnotatedAllowMembership, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanationAnnotatedAllowMembership::Representation
|
|
222
|
+
|
|
223
|
+
property :relevance, as: 'relevance'
|
|
224
|
+
property :role, as: 'role'
|
|
225
|
+
property :role_permission, as: 'rolePermission'
|
|
226
|
+
property :role_permission_relevance, as: 'rolePermissionRelevance'
|
|
227
|
+
end
|
|
228
|
+
end
|
|
229
|
+
|
|
230
|
+
class GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanationAnnotatedAllowMembership
|
|
231
|
+
# @private
|
|
232
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
233
|
+
property :membership, as: 'membership'
|
|
234
|
+
property :relevance, as: 'relevance'
|
|
235
|
+
end
|
|
236
|
+
end
|
|
237
|
+
|
|
238
|
+
class GoogleCloudPolicytroubleshooterIamV3AllowPolicyExplanation
|
|
239
|
+
# @private
|
|
240
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
241
|
+
property :allow_access_state, as: 'allowAccessState'
|
|
242
|
+
collection :explained_policies, as: 'explainedPolicies', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ExplainedAllowPolicy, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ExplainedAllowPolicy::Representation
|
|
243
|
+
|
|
244
|
+
property :relevance, as: 'relevance'
|
|
245
|
+
end
|
|
246
|
+
end
|
|
247
|
+
|
|
248
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionContext
|
|
249
|
+
# @private
|
|
250
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
251
|
+
property :destination, as: 'destination', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionContextPeer, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionContextPeer::Representation
|
|
252
|
+
|
|
253
|
+
collection :effective_tags, as: 'effectiveTags', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionContextEffectiveTag, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionContextEffectiveTag::Representation
|
|
254
|
+
|
|
255
|
+
property :request, as: 'request', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionContextRequest, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionContextRequest::Representation
|
|
256
|
+
|
|
257
|
+
property :resource, as: 'resource', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionContextResource, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionContextResource::Representation
|
|
258
|
+
|
|
259
|
+
end
|
|
260
|
+
end
|
|
261
|
+
|
|
262
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionContextEffectiveTag
|
|
263
|
+
# @private
|
|
264
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
265
|
+
property :inherited, as: 'inherited'
|
|
266
|
+
property :namespaced_tag_key, as: 'namespacedTagKey'
|
|
267
|
+
property :namespaced_tag_value, as: 'namespacedTagValue'
|
|
268
|
+
property :tag_key, as: 'tagKey'
|
|
269
|
+
property :tag_key_parent_name, as: 'tagKeyParentName'
|
|
270
|
+
property :tag_value, as: 'tagValue'
|
|
271
|
+
end
|
|
272
|
+
end
|
|
273
|
+
|
|
274
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionContextPeer
|
|
275
|
+
# @private
|
|
276
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
277
|
+
property :ip, as: 'ip'
|
|
278
|
+
property :port, :numeric_string => true, as: 'port'
|
|
279
|
+
end
|
|
280
|
+
end
|
|
281
|
+
|
|
282
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionContextRequest
|
|
283
|
+
# @private
|
|
284
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
285
|
+
property :receive_time, as: 'receiveTime'
|
|
286
|
+
end
|
|
287
|
+
end
|
|
288
|
+
|
|
289
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionContextResource
|
|
290
|
+
# @private
|
|
291
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
292
|
+
property :name, as: 'name'
|
|
293
|
+
property :service, as: 'service'
|
|
294
|
+
property :type, as: 'type'
|
|
295
|
+
end
|
|
296
|
+
end
|
|
297
|
+
|
|
298
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionExplanation
|
|
299
|
+
# @private
|
|
300
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
301
|
+
collection :errors, as: 'errors', class: Google::Apis::PolicytroubleshooterV3::GoogleRpcStatus, decorator: Google::Apis::PolicytroubleshooterV3::GoogleRpcStatus::Representation
|
|
302
|
+
|
|
303
|
+
collection :evaluation_states, as: 'evaluationStates', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionExplanationEvaluationState, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionExplanationEvaluationState::Representation
|
|
304
|
+
|
|
305
|
+
property :value, as: 'value'
|
|
306
|
+
end
|
|
307
|
+
end
|
|
308
|
+
|
|
309
|
+
class GoogleCloudPolicytroubleshooterIamV3ConditionExplanationEvaluationState
|
|
310
|
+
# @private
|
|
311
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
312
|
+
property :end, as: 'end'
|
|
313
|
+
collection :errors, as: 'errors', class: Google::Apis::PolicytroubleshooterV3::GoogleRpcStatus, decorator: Google::Apis::PolicytroubleshooterV3::GoogleRpcStatus::Representation
|
|
314
|
+
|
|
315
|
+
property :start, as: 'start'
|
|
316
|
+
property :value, as: 'value'
|
|
317
|
+
end
|
|
318
|
+
end
|
|
319
|
+
|
|
320
|
+
class GoogleCloudPolicytroubleshooterIamV3DenyPolicyExplanation
|
|
321
|
+
# @private
|
|
322
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
323
|
+
property :deny_access_state, as: 'denyAccessState'
|
|
324
|
+
collection :explained_resources, as: 'explainedResources', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ExplainedDenyResource, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ExplainedDenyResource::Representation
|
|
325
|
+
|
|
326
|
+
property :permission_deniable, as: 'permissionDeniable'
|
|
327
|
+
property :relevance, as: 'relevance'
|
|
328
|
+
end
|
|
329
|
+
end
|
|
330
|
+
|
|
331
|
+
class GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanation
|
|
332
|
+
# @private
|
|
333
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
334
|
+
property :combined_denied_permission, as: 'combinedDeniedPermission', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching::Representation
|
|
335
|
+
|
|
336
|
+
property :combined_denied_principal, as: 'combinedDeniedPrincipal', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching::Representation
|
|
337
|
+
|
|
338
|
+
property :combined_exception_permission, as: 'combinedExceptionPermission', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching::Representation
|
|
339
|
+
|
|
340
|
+
property :combined_exception_principal, as: 'combinedExceptionPrincipal', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching::Representation
|
|
341
|
+
|
|
342
|
+
property :condition, as: 'condition', class: Google::Apis::PolicytroubleshooterV3::GoogleTypeExpr, decorator: Google::Apis::PolicytroubleshooterV3::GoogleTypeExpr::Representation
|
|
343
|
+
|
|
344
|
+
property :condition_explanation, as: 'conditionExplanation', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionExplanation, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ConditionExplanation::Representation
|
|
345
|
+
|
|
346
|
+
hash :denied_permissions, as: 'deniedPermissions', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching::Representation
|
|
347
|
+
|
|
348
|
+
hash :denied_principals, as: 'deniedPrincipals', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching::Representation
|
|
349
|
+
|
|
350
|
+
property :deny_access_state, as: 'denyAccessState'
|
|
351
|
+
hash :exception_permissions, as: 'exceptionPermissions', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching::Representation
|
|
352
|
+
|
|
353
|
+
hash :exception_principals, as: 'exceptionPrincipals', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching::Representation
|
|
354
|
+
|
|
355
|
+
property :relevance, as: 'relevance'
|
|
356
|
+
end
|
|
357
|
+
end
|
|
358
|
+
|
|
359
|
+
class GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedDenyPrincipalMatching
|
|
360
|
+
# @private
|
|
361
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
362
|
+
property :membership, as: 'membership'
|
|
363
|
+
property :relevance, as: 'relevance'
|
|
364
|
+
end
|
|
365
|
+
end
|
|
366
|
+
|
|
367
|
+
class GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanationAnnotatedPermissionMatching
|
|
368
|
+
# @private
|
|
369
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
370
|
+
property :permission_matching_state, as: 'permissionMatchingState'
|
|
371
|
+
property :relevance, as: 'relevance'
|
|
372
|
+
end
|
|
373
|
+
end
|
|
374
|
+
|
|
375
|
+
class GoogleCloudPolicytroubleshooterIamV3ExplainedAllowPolicy
|
|
376
|
+
# @private
|
|
377
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
378
|
+
property :allow_access_state, as: 'allowAccessState'
|
|
379
|
+
collection :binding_explanations, as: 'bindingExplanations', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanation, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AllowBindingExplanation::Representation
|
|
380
|
+
|
|
381
|
+
property :full_resource_name, as: 'fullResourceName'
|
|
382
|
+
property :policy, as: 'policy', class: Google::Apis::PolicytroubleshooterV3::GoogleIamV1Policy, decorator: Google::Apis::PolicytroubleshooterV3::GoogleIamV1Policy::Representation
|
|
383
|
+
|
|
384
|
+
property :relevance, as: 'relevance'
|
|
385
|
+
end
|
|
386
|
+
end
|
|
387
|
+
|
|
388
|
+
class GoogleCloudPolicytroubleshooterIamV3ExplainedDenyPolicy
|
|
389
|
+
# @private
|
|
390
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
391
|
+
property :deny_access_state, as: 'denyAccessState'
|
|
392
|
+
property :policy, as: 'policy', class: Google::Apis::PolicytroubleshooterV3::GoogleIamV2Policy, decorator: Google::Apis::PolicytroubleshooterV3::GoogleIamV2Policy::Representation
|
|
393
|
+
|
|
394
|
+
property :relevance, as: 'relevance'
|
|
395
|
+
collection :rule_explanations, as: 'ruleExplanations', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanation, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyRuleExplanation::Representation
|
|
396
|
+
|
|
397
|
+
end
|
|
398
|
+
end
|
|
399
|
+
|
|
400
|
+
class GoogleCloudPolicytroubleshooterIamV3ExplainedDenyResource
|
|
401
|
+
# @private
|
|
402
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
403
|
+
property :deny_access_state, as: 'denyAccessState'
|
|
404
|
+
collection :explained_policies, as: 'explainedPolicies', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ExplainedDenyPolicy, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3ExplainedDenyPolicy::Representation
|
|
405
|
+
|
|
406
|
+
property :full_resource_name, as: 'fullResourceName'
|
|
407
|
+
property :relevance, as: 'relevance'
|
|
408
|
+
end
|
|
409
|
+
end
|
|
410
|
+
|
|
411
|
+
class GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyRequest
|
|
412
|
+
# @private
|
|
413
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
414
|
+
property :access_tuple, as: 'accessTuple', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AccessTuple, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AccessTuple::Representation
|
|
415
|
+
|
|
416
|
+
end
|
|
417
|
+
end
|
|
418
|
+
|
|
419
|
+
class GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyResponse
|
|
420
|
+
# @private
|
|
421
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
422
|
+
property :access_tuple, as: 'accessTuple', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AccessTuple, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AccessTuple::Representation
|
|
423
|
+
|
|
424
|
+
property :allow_policy_explanation, as: 'allowPolicyExplanation', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AllowPolicyExplanation, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3AllowPolicyExplanation::Representation
|
|
425
|
+
|
|
426
|
+
property :deny_policy_explanation, as: 'denyPolicyExplanation', class: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyPolicyExplanation, decorator: Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3DenyPolicyExplanation::Representation
|
|
427
|
+
|
|
428
|
+
property :overall_access_state, as: 'overallAccessState'
|
|
429
|
+
end
|
|
430
|
+
end
|
|
431
|
+
|
|
432
|
+
class GoogleIamV1AuditConfig
|
|
433
|
+
# @private
|
|
434
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
435
|
+
collection :audit_log_configs, as: 'auditLogConfigs', class: Google::Apis::PolicytroubleshooterV3::GoogleIamV1AuditLogConfig, decorator: Google::Apis::PolicytroubleshooterV3::GoogleIamV1AuditLogConfig::Representation
|
|
436
|
+
|
|
437
|
+
property :service, as: 'service'
|
|
438
|
+
end
|
|
439
|
+
end
|
|
440
|
+
|
|
441
|
+
class GoogleIamV1AuditLogConfig
|
|
442
|
+
# @private
|
|
443
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
444
|
+
collection :exempted_members, as: 'exemptedMembers'
|
|
445
|
+
property :log_type, as: 'logType'
|
|
446
|
+
end
|
|
447
|
+
end
|
|
448
|
+
|
|
449
|
+
class GoogleIamV1Binding
|
|
450
|
+
# @private
|
|
451
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
452
|
+
property :condition, as: 'condition', class: Google::Apis::PolicytroubleshooterV3::GoogleTypeExpr, decorator: Google::Apis::PolicytroubleshooterV3::GoogleTypeExpr::Representation
|
|
453
|
+
|
|
454
|
+
collection :members, as: 'members'
|
|
455
|
+
property :role, as: 'role'
|
|
456
|
+
end
|
|
457
|
+
end
|
|
458
|
+
|
|
459
|
+
class GoogleIamV1Policy
|
|
460
|
+
# @private
|
|
461
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
462
|
+
collection :audit_configs, as: 'auditConfigs', class: Google::Apis::PolicytroubleshooterV3::GoogleIamV1AuditConfig, decorator: Google::Apis::PolicytroubleshooterV3::GoogleIamV1AuditConfig::Representation
|
|
463
|
+
|
|
464
|
+
collection :bindings, as: 'bindings', class: Google::Apis::PolicytroubleshooterV3::GoogleIamV1Binding, decorator: Google::Apis::PolicytroubleshooterV3::GoogleIamV1Binding::Representation
|
|
465
|
+
|
|
466
|
+
property :etag, :base64 => true, as: 'etag'
|
|
467
|
+
property :version, as: 'version'
|
|
468
|
+
end
|
|
469
|
+
end
|
|
470
|
+
|
|
471
|
+
class GoogleIamV2DenyRule
|
|
472
|
+
# @private
|
|
473
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
474
|
+
property :denial_condition, as: 'denialCondition', class: Google::Apis::PolicytroubleshooterV3::GoogleTypeExpr, decorator: Google::Apis::PolicytroubleshooterV3::GoogleTypeExpr::Representation
|
|
475
|
+
|
|
476
|
+
collection :denied_permissions, as: 'deniedPermissions'
|
|
477
|
+
collection :denied_principals, as: 'deniedPrincipals'
|
|
478
|
+
collection :exception_permissions, as: 'exceptionPermissions'
|
|
479
|
+
collection :exception_principals, as: 'exceptionPrincipals'
|
|
480
|
+
end
|
|
481
|
+
end
|
|
482
|
+
|
|
483
|
+
class GoogleIamV2Policy
|
|
484
|
+
# @private
|
|
485
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
486
|
+
hash :annotations, as: 'annotations'
|
|
487
|
+
property :create_time, as: 'createTime'
|
|
488
|
+
property :delete_time, as: 'deleteTime'
|
|
489
|
+
property :display_name, as: 'displayName'
|
|
490
|
+
property :etag, as: 'etag'
|
|
491
|
+
property :kind, as: 'kind'
|
|
492
|
+
property :name, as: 'name'
|
|
493
|
+
collection :rules, as: 'rules', class: Google::Apis::PolicytroubleshooterV3::GoogleIamV2PolicyRule, decorator: Google::Apis::PolicytroubleshooterV3::GoogleIamV2PolicyRule::Representation
|
|
494
|
+
|
|
495
|
+
property :uid, as: 'uid'
|
|
496
|
+
property :update_time, as: 'updateTime'
|
|
497
|
+
end
|
|
498
|
+
end
|
|
499
|
+
|
|
500
|
+
class GoogleIamV2PolicyRule
|
|
501
|
+
# @private
|
|
502
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
503
|
+
property :deny_rule, as: 'denyRule', class: Google::Apis::PolicytroubleshooterV3::GoogleIamV2DenyRule, decorator: Google::Apis::PolicytroubleshooterV3::GoogleIamV2DenyRule::Representation
|
|
504
|
+
|
|
505
|
+
property :description, as: 'description'
|
|
506
|
+
end
|
|
507
|
+
end
|
|
508
|
+
|
|
509
|
+
class GoogleRpcStatus
|
|
510
|
+
# @private
|
|
511
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
512
|
+
property :code, as: 'code'
|
|
513
|
+
collection :details, as: 'details'
|
|
514
|
+
property :message, as: 'message'
|
|
515
|
+
end
|
|
516
|
+
end
|
|
517
|
+
|
|
518
|
+
class GoogleTypeExpr
|
|
519
|
+
# @private
|
|
520
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
|
521
|
+
property :description, as: 'description'
|
|
522
|
+
property :expression, as: 'expression'
|
|
523
|
+
property :location, as: 'location'
|
|
524
|
+
property :title, as: 'title'
|
|
525
|
+
end
|
|
526
|
+
end
|
|
527
|
+
end
|
|
528
|
+
end
|
|
529
|
+
end
|
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
# Copyright 2020 Google LLC
|
|
2
|
+
#
|
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
# you may not use this file except in compliance with the License.
|
|
5
|
+
# You may obtain a copy of the License at
|
|
6
|
+
#
|
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
#
|
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
# See the License for the specific language governing permissions and
|
|
13
|
+
# limitations under the License.
|
|
14
|
+
|
|
15
|
+
require 'google/apis/core/base_service'
|
|
16
|
+
require 'google/apis/core/json_representation'
|
|
17
|
+
require 'google/apis/core/hashable'
|
|
18
|
+
require 'google/apis/errors'
|
|
19
|
+
|
|
20
|
+
module Google
|
|
21
|
+
module Apis
|
|
22
|
+
module PolicytroubleshooterV3
|
|
23
|
+
# Policy Troubleshooter API
|
|
24
|
+
#
|
|
25
|
+
#
|
|
26
|
+
#
|
|
27
|
+
# @example
|
|
28
|
+
# require 'google/apis/policytroubleshooter_v3'
|
|
29
|
+
#
|
|
30
|
+
# Policytroubleshooter = Google::Apis::PolicytroubleshooterV3 # Alias the module
|
|
31
|
+
# service = Policytroubleshooter::PolicyTroubleshooterService.new
|
|
32
|
+
#
|
|
33
|
+
# @see https://cloud.google.com/iam/
|
|
34
|
+
class PolicyTroubleshooterService < Google::Apis::Core::BaseService
|
|
35
|
+
DEFAULT_ENDPOINT_TEMPLATE = "https://policytroubleshooter.$UNIVERSE_DOMAIN$/"
|
|
36
|
+
|
|
37
|
+
# @return [String]
|
|
38
|
+
# API key. Your API key identifies your project and provides you with API access,
|
|
39
|
+
# quota, and reports. Required unless you provide an OAuth 2.0 token.
|
|
40
|
+
attr_accessor :key
|
|
41
|
+
|
|
42
|
+
# @return [String]
|
|
43
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
|
44
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
45
|
+
attr_accessor :quota_user
|
|
46
|
+
|
|
47
|
+
def initialize
|
|
48
|
+
super(DEFAULT_ENDPOINT_TEMPLATE, '',
|
|
49
|
+
client_name: 'google-apis-policytroubleshooter_v3',
|
|
50
|
+
client_version: Google::Apis::PolicytroubleshooterV3::GEM_VERSION)
|
|
51
|
+
@batch_path = 'batch'
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
# Checks whether a principal has a specific permission for a specific resource,
|
|
55
|
+
# and explains why the principal does or doesn't have that permission.
|
|
56
|
+
# @param [Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyRequest] google_cloud_policytroubleshooter_iam_v3_troubleshoot_iam_policy_request_object
|
|
57
|
+
# @param [String] fields
|
|
58
|
+
# Selector specifying which fields to include in a partial response.
|
|
59
|
+
# @param [String] quota_user
|
|
60
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
|
61
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
62
|
+
# @param [Google::Apis::RequestOptions] options
|
|
63
|
+
# Request-specific options
|
|
64
|
+
#
|
|
65
|
+
# @yield [result, err] Result & error if block supplied
|
|
66
|
+
# @yieldparam result [Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyResponse] parsed result object
|
|
67
|
+
# @yieldparam err [StandardError] error object if request failed
|
|
68
|
+
#
|
|
69
|
+
# @return [Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyResponse]
|
|
70
|
+
#
|
|
71
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
72
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
73
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
74
|
+
def troubleshoot_iam(google_cloud_policytroubleshooter_iam_v3_troubleshoot_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
|
75
|
+
command = make_simple_command(:post, 'v3/iam:troubleshoot', options)
|
|
76
|
+
command.request_representation = Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyRequest::Representation
|
|
77
|
+
command.request_object = google_cloud_policytroubleshooter_iam_v3_troubleshoot_iam_policy_request_object
|
|
78
|
+
command.response_representation = Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyResponse::Representation
|
|
79
|
+
command.response_class = Google::Apis::PolicytroubleshooterV3::GoogleCloudPolicytroubleshooterIamV3TroubleshootIamPolicyResponse
|
|
80
|
+
command.query['fields'] = fields unless fields.nil?
|
|
81
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
82
|
+
execute_or_queue_command(command, &block)
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
protected
|
|
86
|
+
|
|
87
|
+
def apply_command_defaults(command)
|
|
88
|
+
command.query['key'] = key unless key.nil?
|
|
89
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
90
|
+
end
|
|
91
|
+
end
|
|
92
|
+
end
|
|
93
|
+
end
|
|
94
|
+
end
|