Google Cloud Asset V1 Client - Class IamPolicySearchResult (1.9.2)

Reference documentation and code samples for the Google Cloud Asset V1 Client class IamPolicySearchResult.

A result of IAM Policy search, containing information of an IAM policy.

Generated from protobuf message google.cloud.asset.v1.IamPolicySearchResult

Methods

__construct

Constructor.

Parameters
NameDescription
data array

Optional. Data for populating the Message object.

↳ resource string

The full resource name of the resource associated with this IAM policy. Example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See Cloud Asset Inventory Resource Name Format for more information. To search against the resource: * use a field query. Example: resource:organizations/123

↳ asset_type string

The type of the resource associated with this IAM policy. Example: compute.googleapis.com/Disk. To search against the asset_type: * specify the asset_types field in your search request.

↳ project string

The project that the associated GCP resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty. To search against the project: * specify the scope field as this project in your search request.

↳ folders array

The folder(s) that the IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs to one or more folders. To search against folders: * use a field query. Example: folders:(123 OR 456) * use a free text query. Example: 123 * specify the scope field as this folder in your search request.

↳ organization string

The organization that the IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs to an organization. To search against organization: * use a field query. Example: organization:123 * use a free text query. Example: 123 * specify the scope field as this organization in your search request.

↳ policy Google\Cloud\Iam\V1\Policy

The IAM policy directly set on the given resource. Note that the original IAM policy can contain multiple bindings. This only contains the bindings that match the given query. For queries that don't contain a constrain on policies (e.g., an empty query), this contains all the bindings. To search against the policy bindings: * use a field query: - query by the policy contained members. Example: policy:amy@gmail.com - query by the policy contained roles. Example: policy:roles/compute.admin - query by the policy contained roles' included permissions. Example: policy.role.permissions:compute.instances.create

↳ explanation Google\Cloud\Asset\V1\IamPolicySearchResult\Explanation

Explanation about the IAM policy search result. It contains additional information to explain why the search result matches the query.

getResource

The full resource name of the resource associated with this IAM policy.

Example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See Cloud Asset Inventory Resource Name Format for more information. To search against the resource:

  • use a field query. Example: resource:organizations/123

Generated from protobuf field string resource = 1;

Returns
TypeDescription
string

setResource

The full resource name of the resource associated with this IAM policy.

Example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See Cloud Asset Inventory Resource Name Format for more information. To search against the resource:

  • use a field query. Example: resource:organizations/123

Generated from protobuf field string resource = 1;

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getAssetType

The type of the resource associated with this IAM policy. Example: compute.googleapis.com/Disk.

To search against the asset_type:

  • specify the asset_types field in your search request.

Generated from protobuf field string asset_type = 5;

Returns
TypeDescription
string

setAssetType

The type of the resource associated with this IAM policy. Example: compute.googleapis.com/Disk.

To search against the asset_type:

  • specify the asset_types field in your search request.

Generated from protobuf field string asset_type = 5;

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getProject

The project that the associated GCP resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty.

To search against the project:

  • specify the scope field as this project in your search request.

Generated from protobuf field string project = 2;

Returns
TypeDescription
string

setProject

The project that the associated GCP resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty.

To search against the project:

  • specify the scope field as this project in your search request.

Generated from protobuf field string project = 2;

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getFolders

The folder(s) that the IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs to one or more folders.

To search against folders:

  • use a field query. Example: folders:(123 OR 456)
  • use a free text query. Example: 123
  • specify the scope field as this folder in your search request.

Generated from protobuf field repeated string folders = 6;

Returns
TypeDescription
Google\Protobuf\Internal\RepeatedField

setFolders

The folder(s) that the IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs to one or more folders.

To search against folders:

  • use a field query. Example: folders:(123 OR 456)
  • use a free text query. Example: 123
  • specify the scope field as this folder in your search request.

Generated from protobuf field repeated string folders = 6;

Parameter
NameDescription
var string[]
Returns
TypeDescription
$this

getOrganization

The organization that the IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs to an organization.

To search against organization:

  • use a field query. Example: organization:123
  • use a free text query. Example: 123
  • specify the scope field as this organization in your search request.

Generated from protobuf field string organization = 7;

Returns
TypeDescription
string

setOrganization

The organization that the IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs to an organization.

To search against organization:

  • use a field query. Example: organization:123
  • use a free text query. Example: 123
  • specify the scope field as this organization in your search request.

Generated from protobuf field string organization = 7;

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getPolicy

The IAM policy directly set on the given resource. Note that the original IAM policy can contain multiple bindings. This only contains the bindings that match the given query. For queries that don't contain a constrain on policies (e.g., an empty query), this contains all the bindings.

To search against the policy bindings:

  • use a field query:
    • query by the policy contained members. Example: policy:amy@gmail.com
    • query by the policy contained roles. Example: policy:roles/compute.admin
    • query by the policy contained roles' included permissions. Example: policy.role.permissions:compute.instances.create

Generated from protobuf field .google.iam.v1.Policy policy = 3;

Returns
TypeDescription
Google\Cloud\Iam\V1\Policy|null

hasPolicy

clearPolicy

setPolicy

The IAM policy directly set on the given resource. Note that the original IAM policy can contain multiple bindings. This only contains the bindings that match the given query. For queries that don't contain a constrain on policies (e.g., an empty query), this contains all the bindings.

To search against the policy bindings:

  • use a field query:
    • query by the policy contained members. Example: policy:amy@gmail.com
    • query by the policy contained roles. Example: policy:roles/compute.admin
    • query by the policy contained roles' included permissions. Example: policy.role.permissions:compute.instances.create

Generated from protobuf field .google.iam.v1.Policy policy = 3;

Parameter
NameDescription
var Google\Cloud\Iam\V1\Policy
Returns
TypeDescription
$this

getExplanation

Explanation about the IAM policy search result. It contains additional information to explain why the search result matches the query.

Generated from protobuf field .google.cloud.asset.v1.IamPolicySearchResult.Explanation explanation = 4;

Returns
TypeDescription
Google\Cloud\Asset\V1\IamPolicySearchResult\Explanation|null

hasExplanation

clearExplanation

setExplanation

Explanation about the IAM policy search result. It contains additional information to explain why the search result matches the query.

Generated from protobuf field .google.cloud.asset.v1.IamPolicySearchResult.Explanation explanation = 4;

Parameter
NameDescription
var Google\Cloud\Asset\V1\IamPolicySearchResult\Explanation
Returns
TypeDescription
$this