google-cloud-policy_simulator-v1 0.a → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +149 -0
- data/README.md +144 -8
- data/lib/google/cloud/policy_simulator/v1/rest.rb +37 -0
- data/lib/google/cloud/policy_simulator/v1/simulator/client.rb +660 -0
- data/lib/google/cloud/policy_simulator/v1/simulator/credentials.rb +47 -0
- data/lib/google/cloud/policy_simulator/v1/simulator/operations.rb +770 -0
- data/lib/google/cloud/policy_simulator/v1/simulator/paths.rb +91 -0
- data/lib/google/cloud/policy_simulator/v1/simulator/rest/client.rb +560 -0
- data/lib/google/cloud/policy_simulator/v1/simulator/rest/operations.rb +837 -0
- data/lib/google/cloud/policy_simulator/v1/simulator/rest/service_stub.rb +270 -0
- data/lib/google/cloud/policy_simulator/v1/simulator/rest.rb +64 -0
- data/lib/google/cloud/policy_simulator/v1/simulator.rb +67 -0
- data/lib/google/cloud/policy_simulator/v1/version.rb +7 -2
- data/lib/google/cloud/policy_simulator/v1.rb +45 -0
- data/lib/google/cloud/policysimulator/v1/explanations_pb.rb +55 -0
- data/lib/google/cloud/policysimulator/v1/simulator_pb.rb +72 -0
- data/lib/google/cloud/policysimulator/v1/simulator_services_pb.rb +63 -0
- data/lib/google-cloud-policy_simulator-v1.rb +21 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/client.rb +381 -0
- data/proto_docs/google/api/field_behavior.rb +71 -0
- data/proto_docs/google/api/launch_stage.rb +71 -0
- data/proto_docs/google/api/resource.rb +222 -0
- data/proto_docs/google/cloud/policysimulator/v1/explanations.rb +277 -0
- data/proto_docs/google/cloud/policysimulator/v1/simulator.rb +396 -0
- data/proto_docs/google/iam/v1/policy.rb +422 -0
- data/proto_docs/google/longrunning/operations.rb +164 -0
- data/proto_docs/google/protobuf/any.rb +144 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/empty.rb +34 -0
- data/proto_docs/google/protobuf/timestamp.rb +127 -0
- data/proto_docs/google/rpc/status.rb +48 -0
- data/proto_docs/google/type/date.rb +53 -0
- data/proto_docs/google/type/expr.rb +75 -0
- metadata +215 -12
@@ -0,0 +1,396 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2023 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module PolicySimulator
|
23
|
+
module V1
|
24
|
+
# A resource describing a `Replay`, or simulation.
|
25
|
+
# @!attribute [r] name
|
26
|
+
# @return [::String]
|
27
|
+
# Output only. The resource name of the `Replay`, which has the following
|
28
|
+
# format:
|
29
|
+
#
|
30
|
+
# `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`,
|
31
|
+
# where `{resource-id}` is the ID of the project, folder, or organization
|
32
|
+
# that owns the Replay.
|
33
|
+
#
|
34
|
+
# Example:
|
35
|
+
# `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
|
36
|
+
# @!attribute [r] state
|
37
|
+
# @return [::Google::Cloud::PolicySimulator::V1::Replay::State]
|
38
|
+
# Output only. The current state of the `Replay`.
|
39
|
+
# @!attribute [rw] config
|
40
|
+
# @return [::Google::Cloud::PolicySimulator::V1::ReplayConfig]
|
41
|
+
# Required. The configuration used for the `Replay`.
|
42
|
+
# @!attribute [r] results_summary
|
43
|
+
# @return [::Google::Cloud::PolicySimulator::V1::Replay::ResultsSummary]
|
44
|
+
# Output only. Summary statistics about the replayed log entries.
|
45
|
+
class Replay
|
46
|
+
include ::Google::Protobuf::MessageExts
|
47
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
48
|
+
|
49
|
+
# Summary statistics about the replayed log entries.
|
50
|
+
# @!attribute [rw] log_count
|
51
|
+
# @return [::Integer]
|
52
|
+
# The total number of log entries replayed.
|
53
|
+
# @!attribute [rw] unchanged_count
|
54
|
+
# @return [::Integer]
|
55
|
+
# The number of replayed log entries with no difference between
|
56
|
+
# baseline and simulated policies.
|
57
|
+
# @!attribute [rw] difference_count
|
58
|
+
# @return [::Integer]
|
59
|
+
# The number of replayed log entries with a difference between baseline and
|
60
|
+
# simulated policies.
|
61
|
+
# @!attribute [rw] error_count
|
62
|
+
# @return [::Integer]
|
63
|
+
# The number of log entries that could not be replayed.
|
64
|
+
# @!attribute [rw] oldest_date
|
65
|
+
# @return [::Google::Type::Date]
|
66
|
+
# The date of the oldest log entry replayed.
|
67
|
+
# @!attribute [rw] newest_date
|
68
|
+
# @return [::Google::Type::Date]
|
69
|
+
# The date of the newest log entry replayed.
|
70
|
+
class ResultsSummary
|
71
|
+
include ::Google::Protobuf::MessageExts
|
72
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
73
|
+
end
|
74
|
+
|
75
|
+
# The current state of the {::Google::Cloud::PolicySimulator::V1::Replay Replay}.
|
76
|
+
module State
|
77
|
+
# Default value. This value is unused.
|
78
|
+
STATE_UNSPECIFIED = 0
|
79
|
+
|
80
|
+
# The `Replay` has not started yet.
|
81
|
+
PENDING = 1
|
82
|
+
|
83
|
+
# The `Replay` is currently running.
|
84
|
+
RUNNING = 2
|
85
|
+
|
86
|
+
# The `Replay` has successfully completed.
|
87
|
+
SUCCEEDED = 3
|
88
|
+
|
89
|
+
# The `Replay` has finished with an error.
|
90
|
+
FAILED = 4
|
91
|
+
end
|
92
|
+
end
|
93
|
+
|
94
|
+
# The result of replaying a single access tuple against a simulated state.
|
95
|
+
# @!attribute [rw] diff
|
96
|
+
# @return [::Google::Cloud::PolicySimulator::V1::ReplayDiff]
|
97
|
+
# The difference between the principal's access under the current
|
98
|
+
# (baseline) policies and the principal's access under the proposed
|
99
|
+
# (simulated) policies.
|
100
|
+
#
|
101
|
+
# This field is only included for access tuples that were successfully
|
102
|
+
# replayed and had different results under the current policies and the
|
103
|
+
# proposed policies.
|
104
|
+
# @!attribute [rw] error
|
105
|
+
# @return [::Google::Rpc::Status]
|
106
|
+
# The error that caused the access tuple replay to fail.
|
107
|
+
#
|
108
|
+
# This field is only included for access tuples that were not replayed
|
109
|
+
# successfully.
|
110
|
+
# @!attribute [rw] name
|
111
|
+
# @return [::String]
|
112
|
+
# The resource name of the `ReplayResult`, in the following format:
|
113
|
+
#
|
114
|
+
# `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}/results/{replay-result-id}`,
|
115
|
+
# where `{resource-id}` is the ID of the project, folder, or organization
|
116
|
+
# that owns the {::Google::Cloud::PolicySimulator::V1::Replay Replay}.
|
117
|
+
#
|
118
|
+
# Example:
|
119
|
+
# `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36/results/1234`
|
120
|
+
# @!attribute [rw] parent
|
121
|
+
# @return [::String]
|
122
|
+
# The {::Google::Cloud::PolicySimulator::V1::Replay Replay} that the access tuple
|
123
|
+
# was included in.
|
124
|
+
# @!attribute [rw] access_tuple
|
125
|
+
# @return [::Google::Cloud::PolicySimulator::V1::AccessTuple]
|
126
|
+
# The access tuple that was replayed. This field includes information about
|
127
|
+
# the principal, resource, and permission that were involved in the access
|
128
|
+
# attempt.
|
129
|
+
# @!attribute [rw] last_seen_date
|
130
|
+
# @return [::Google::Type::Date]
|
131
|
+
# The latest date this access tuple was seen in the logs.
|
132
|
+
class ReplayResult
|
133
|
+
include ::Google::Protobuf::MessageExts
|
134
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
135
|
+
end
|
136
|
+
|
137
|
+
# Request message for
|
138
|
+
# {::Google::Cloud::PolicySimulator::V1::Simulator::Client#create_replay Simulator.CreateReplay}.
|
139
|
+
# @!attribute [rw] parent
|
140
|
+
# @return [::String]
|
141
|
+
# Required. The parent resource where this
|
142
|
+
# {::Google::Cloud::PolicySimulator::V1::Replay Replay} will be created. This
|
143
|
+
# resource must be a project, folder, or organization with a location.
|
144
|
+
#
|
145
|
+
# Example: `projects/my-example-project/locations/global`
|
146
|
+
# @!attribute [rw] replay
|
147
|
+
# @return [::Google::Cloud::PolicySimulator::V1::Replay]
|
148
|
+
# Required. The {::Google::Cloud::PolicySimulator::V1::Replay Replay} to create.
|
149
|
+
# Set `Replay.ReplayConfig` to configure the replay.
|
150
|
+
class CreateReplayRequest
|
151
|
+
include ::Google::Protobuf::MessageExts
|
152
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
153
|
+
end
|
154
|
+
|
155
|
+
# Metadata about a Replay operation.
|
156
|
+
# @!attribute [rw] start_time
|
157
|
+
# @return [::Google::Protobuf::Timestamp]
|
158
|
+
# Time when the request was received.
|
159
|
+
class ReplayOperationMetadata
|
160
|
+
include ::Google::Protobuf::MessageExts
|
161
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
162
|
+
end
|
163
|
+
|
164
|
+
# Request message for
|
165
|
+
# {::Google::Cloud::PolicySimulator::V1::Simulator::Client#get_replay Simulator.GetReplay}.
|
166
|
+
# @!attribute [rw] name
|
167
|
+
# @return [::String]
|
168
|
+
# Required. The name of the {::Google::Cloud::PolicySimulator::V1::Replay Replay}
|
169
|
+
# to retrieve, in the following format:
|
170
|
+
#
|
171
|
+
# `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`,
|
172
|
+
# where `{resource-id}` is the ID of the project, folder, or organization
|
173
|
+
# that owns the `Replay`.
|
174
|
+
#
|
175
|
+
# Example:
|
176
|
+
# `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
|
177
|
+
class GetReplayRequest
|
178
|
+
include ::Google::Protobuf::MessageExts
|
179
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
180
|
+
end
|
181
|
+
|
182
|
+
# Request message for
|
183
|
+
# {::Google::Cloud::PolicySimulator::V1::Simulator::Client#list_replay_results Simulator.ListReplayResults}.
|
184
|
+
# @!attribute [rw] parent
|
185
|
+
# @return [::String]
|
186
|
+
# Required. The {::Google::Cloud::PolicySimulator::V1::Replay Replay} whose
|
187
|
+
# results are listed, in the following format:
|
188
|
+
#
|
189
|
+
# `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`
|
190
|
+
#
|
191
|
+
# Example:
|
192
|
+
# `projects/my-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
|
193
|
+
# @!attribute [rw] page_size
|
194
|
+
# @return [::Integer]
|
195
|
+
# The maximum number of
|
196
|
+
# {::Google::Cloud::PolicySimulator::V1::ReplayResult ReplayResult} objects to
|
197
|
+
# return. Defaults to 5000.
|
198
|
+
#
|
199
|
+
# The maximum value is 5000; values above 5000 are rounded down to 5000.
|
200
|
+
# @!attribute [rw] page_token
|
201
|
+
# @return [::String]
|
202
|
+
# A page token, received from a previous
|
203
|
+
# {::Google::Cloud::PolicySimulator::V1::Simulator::Client#list_replay_results Simulator.ListReplayResults}
|
204
|
+
# call. Provide this token to retrieve the next page of results.
|
205
|
+
#
|
206
|
+
# When paginating, all other parameters provided to
|
207
|
+
# [Simulator.ListReplayResults[] must match the call that provided the page
|
208
|
+
# token.
|
209
|
+
class ListReplayResultsRequest
|
210
|
+
include ::Google::Protobuf::MessageExts
|
211
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
212
|
+
end
|
213
|
+
|
214
|
+
# Response message for
|
215
|
+
# {::Google::Cloud::PolicySimulator::V1::Simulator::Client#list_replay_results Simulator.ListReplayResults}.
|
216
|
+
# @!attribute [rw] replay_results
|
217
|
+
# @return [::Array<::Google::Cloud::PolicySimulator::V1::ReplayResult>]
|
218
|
+
# The results of running a {::Google::Cloud::PolicySimulator::V1::Replay Replay}.
|
219
|
+
# @!attribute [rw] next_page_token
|
220
|
+
# @return [::String]
|
221
|
+
# A token that you can use to retrieve the next page of
|
222
|
+
# {::Google::Cloud::PolicySimulator::V1::ReplayResult ReplayResult} objects. If
|
223
|
+
# this field is omitted, there are no subsequent pages.
|
224
|
+
class ListReplayResultsResponse
|
225
|
+
include ::Google::Protobuf::MessageExts
|
226
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
227
|
+
end
|
228
|
+
|
229
|
+
# The configuration used for a
|
230
|
+
# {::Google::Cloud::PolicySimulator::V1::Replay Replay}.
|
231
|
+
# @!attribute [rw] policy_overlay
|
232
|
+
# @return [::Google::Protobuf::Map{::String => ::Google::Iam::V1::Policy}]
|
233
|
+
# A mapping of the resources that you want to simulate policies for and the
|
234
|
+
# policies that you want to simulate.
|
235
|
+
#
|
236
|
+
# Keys are the full resource names for the resources. For example,
|
237
|
+
# `//cloudresourcemanager.googleapis.com/projects/my-project`.
|
238
|
+
# For examples of full resource names for Google Cloud services, see
|
239
|
+
# https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
|
240
|
+
#
|
241
|
+
# Values are {::Google::Iam::V1::Policy Policy} objects representing the policies
|
242
|
+
# that you want to simulate.
|
243
|
+
#
|
244
|
+
# Replays automatically take into account any IAM policies inherited through
|
245
|
+
# the resource hierarchy, and any policies set on descendant resources. You
|
246
|
+
# do not need to include these policies in the policy overlay.
|
247
|
+
# @!attribute [rw] log_source
|
248
|
+
# @return [::Google::Cloud::PolicySimulator::V1::ReplayConfig::LogSource]
|
249
|
+
# The logs to use as input for the
|
250
|
+
# {::Google::Cloud::PolicySimulator::V1::Replay Replay}.
|
251
|
+
class ReplayConfig
|
252
|
+
include ::Google::Protobuf::MessageExts
|
253
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
254
|
+
|
255
|
+
# @!attribute [rw] key
|
256
|
+
# @return [::String]
|
257
|
+
# @!attribute [rw] value
|
258
|
+
# @return [::Google::Iam::V1::Policy]
|
259
|
+
class PolicyOverlayEntry
|
260
|
+
include ::Google::Protobuf::MessageExts
|
261
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
262
|
+
end
|
263
|
+
|
264
|
+
# The source of the logs to use for a
|
265
|
+
# {::Google::Cloud::PolicySimulator::V1::Replay Replay}.
|
266
|
+
module LogSource
|
267
|
+
# An unspecified log source.
|
268
|
+
# If the log source is unspecified, the
|
269
|
+
# {::Google::Cloud::PolicySimulator::V1::Replay Replay} defaults to using
|
270
|
+
# `RECENT_ACCESSES`.
|
271
|
+
LOG_SOURCE_UNSPECIFIED = 0
|
272
|
+
|
273
|
+
# All access logs from the last 90 days. These logs may not include logs
|
274
|
+
# from the most recent 7 days.
|
275
|
+
RECENT_ACCESSES = 1
|
276
|
+
end
|
277
|
+
end
|
278
|
+
|
279
|
+
# The difference between the results of evaluating an access tuple under
|
280
|
+
# the current (baseline) policies and under the proposed (simulated) policies.
|
281
|
+
# This difference explains how a principal's access could change if the
|
282
|
+
# proposed policies were applied.
|
283
|
+
# @!attribute [rw] access_diff
|
284
|
+
# @return [::Google::Cloud::PolicySimulator::V1::AccessStateDiff]
|
285
|
+
# A summary and comparison of the principal's access under the current
|
286
|
+
# (baseline) policies and the proposed (simulated) policies for a single
|
287
|
+
# access tuple.
|
288
|
+
#
|
289
|
+
# The evaluation of the principal's access is reported in the
|
290
|
+
# {::Google::Cloud::PolicySimulator::V1::AccessState AccessState} field.
|
291
|
+
class ReplayDiff
|
292
|
+
include ::Google::Protobuf::MessageExts
|
293
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
294
|
+
end
|
295
|
+
|
296
|
+
# A summary and comparison of the principal's access under the current
|
297
|
+
# (baseline) policies and the proposed (simulated) policies for a single
|
298
|
+
# access tuple.
|
299
|
+
# @!attribute [rw] baseline
|
300
|
+
# @return [::Google::Cloud::PolicySimulator::V1::ExplainedAccess]
|
301
|
+
# The results of evaluating the access tuple under the current (baseline)
|
302
|
+
# policies.
|
303
|
+
#
|
304
|
+
# If the {::Google::Cloud::PolicySimulator::V1::AccessState AccessState} couldn't
|
305
|
+
# be fully evaluated, this field explains why.
|
306
|
+
# @!attribute [rw] simulated
|
307
|
+
# @return [::Google::Cloud::PolicySimulator::V1::ExplainedAccess]
|
308
|
+
# The results of evaluating the access tuple under the proposed (simulated)
|
309
|
+
# policies.
|
310
|
+
#
|
311
|
+
# If the AccessState couldn't be fully evaluated, this field explains why.
|
312
|
+
# @!attribute [rw] access_change
|
313
|
+
# @return [::Google::Cloud::PolicySimulator::V1::AccessStateDiff::AccessChangeType]
|
314
|
+
# How the principal's access, specified in the AccessState field, changed
|
315
|
+
# between the current (baseline) policies and proposed (simulated) policies.
|
316
|
+
class AccessStateDiff
|
317
|
+
include ::Google::Protobuf::MessageExts
|
318
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
319
|
+
|
320
|
+
# How the principal's access, specified in the AccessState field, changed
|
321
|
+
# between the current (baseline) policies and proposed (simulated) policies.
|
322
|
+
module AccessChangeType
|
323
|
+
# Default value. This value is unused.
|
324
|
+
ACCESS_CHANGE_TYPE_UNSPECIFIED = 0
|
325
|
+
|
326
|
+
# The principal's access did not change.
|
327
|
+
# This includes the case where both baseline and simulated are UNKNOWN,
|
328
|
+
# but the unknown information is equivalent.
|
329
|
+
NO_CHANGE = 1
|
330
|
+
|
331
|
+
# The principal's access under both the current policies and the proposed
|
332
|
+
# policies is `UNKNOWN`, but the unknown information differs between them.
|
333
|
+
UNKNOWN_CHANGE = 2
|
334
|
+
|
335
|
+
# The principal had access under the current policies (`GRANTED`), but will
|
336
|
+
# no longer have access after the proposed changes (`NOT_GRANTED`).
|
337
|
+
ACCESS_REVOKED = 3
|
338
|
+
|
339
|
+
# The principal did not have access under the current policies
|
340
|
+
# (`NOT_GRANTED`), but will have access after the proposed changes
|
341
|
+
# (`GRANTED`).
|
342
|
+
ACCESS_GAINED = 4
|
343
|
+
|
344
|
+
# This result can occur for the following reasons:
|
345
|
+
#
|
346
|
+
# * The principal had access under the current policies (`GRANTED`), but
|
347
|
+
# their access after the proposed changes is `UNKNOWN`.
|
348
|
+
#
|
349
|
+
# * The principal's access under the current policies is `UNKNOWN`, but
|
350
|
+
# they
|
351
|
+
# will not have access after the proposed changes (`NOT_GRANTED`).
|
352
|
+
ACCESS_MAYBE_REVOKED = 5
|
353
|
+
|
354
|
+
# This result can occur for the following reasons:
|
355
|
+
#
|
356
|
+
# * The principal did not have access under the current policies
|
357
|
+
# (`NOT_GRANTED`), but their access after the proposed changes is
|
358
|
+
# `UNKNOWN`.
|
359
|
+
#
|
360
|
+
# * The principal's access under the current policies is `UNKNOWN`, but
|
361
|
+
# they will have access after the proposed changes (`GRANTED`).
|
362
|
+
ACCESS_MAYBE_GAINED = 6
|
363
|
+
end
|
364
|
+
end
|
365
|
+
|
366
|
+
# Details about how a set of policies, listed in
|
367
|
+
# {::Google::Cloud::PolicySimulator::V1::ExplainedPolicy ExplainedPolicy}, resulted
|
368
|
+
# in a certain {::Google::Cloud::PolicySimulator::V1::AccessState AccessState} when
|
369
|
+
# replaying an access tuple.
|
370
|
+
# @!attribute [rw] access_state
|
371
|
+
# @return [::Google::Cloud::PolicySimulator::V1::AccessState]
|
372
|
+
# Whether the principal in the access tuple has permission to access the
|
373
|
+
# resource in the access tuple under the given policies.
|
374
|
+
# @!attribute [rw] policies
|
375
|
+
# @return [::Array<::Google::Cloud::PolicySimulator::V1::ExplainedPolicy>]
|
376
|
+
# If the {::Google::Cloud::PolicySimulator::V1::AccessState AccessState} is
|
377
|
+
# `UNKNOWN`, this field contains the policies that led to that result.
|
378
|
+
#
|
379
|
+
# If the `AccessState` is `GRANTED` or `NOT_GRANTED`, this field is
|
380
|
+
# omitted.
|
381
|
+
# @!attribute [rw] errors
|
382
|
+
# @return [::Array<::Google::Rpc::Status>]
|
383
|
+
# If the {::Google::Cloud::PolicySimulator::V1::AccessState AccessState} is
|
384
|
+
# `UNKNOWN`, this field contains a list of errors explaining why the result
|
385
|
+
# is `UNKNOWN`.
|
386
|
+
#
|
387
|
+
# If the `AccessState` is `GRANTED` or `NOT_GRANTED`, this field is
|
388
|
+
# omitted.
|
389
|
+
class ExplainedAccess
|
390
|
+
include ::Google::Protobuf::MessageExts
|
391
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
392
|
+
end
|
393
|
+
end
|
394
|
+
end
|
395
|
+
end
|
396
|
+
end
|