Reference documentation and code samples for the Google Cloud Asset V1 Client class IamPolicySearchResult.
A result of IAM Policy search, containing information of an IAM policy.
Generated from protobuf message google.cloud.asset.v1.IamPolicySearchResult
Methods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ resource |
string
The full resource name of the resource associated with this IAM policy. Example: |
↳ asset_type |
string
The type of the resource associated with this IAM policy. Example: |
↳ project |
string
The project that the associated GCP resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty. To search against the |
↳ folders |
array
The folder(s) that the IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs to one or more folders. To search against |
↳ organization |
string
The organization that the IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs to an organization. To search against |
↳ policy |
Google\Cloud\Iam\V1\Policy
The IAM policy directly set on the given resource. Note that the original IAM policy can contain multiple bindings. This only contains the bindings that match the given query. For queries that don't contain a constrain on policies (e.g., an empty query), this contains all the bindings. To search against the |
↳ explanation |
Google\Cloud\Asset\V1\IamPolicySearchResult\Explanation
Explanation about the IAM policy search result. It contains additional information to explain why the search result matches the query. |
getResource
The full resource name of the resource associated with this IAM policy.
Example:
//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1
.
See Cloud Asset Inventory Resource Name
Format
for more information.
To search against the resource
:
- use a field query. Example:
resource:organizations/123
Generated from protobuf field string resource = 1;
Returns | |
---|---|
Type | Description |
string |
setResource
The full resource name of the resource associated with this IAM policy.
Example:
//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1
.
See Cloud Asset Inventory Resource Name
Format
for more information.
To search against the resource
:
- use a field query. Example:
resource:organizations/123
Generated from protobuf field string resource = 1;
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getAssetType
The type of the resource associated with this IAM policy. Example:
compute.googleapis.com/Disk
.
To search against the asset_type
:
- specify the
asset_types
field in your search request.
Generated from protobuf field string asset_type = 5;
Returns | |
---|---|
Type | Description |
string |
setAssetType
The type of the resource associated with this IAM policy. Example:
compute.googleapis.com/Disk
.
To search against the asset_type
:
- specify the
asset_types
field in your search request.
Generated from protobuf field string asset_type = 5;
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getProject
The project that the associated GCP resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty.
To search against the project
:
- specify the
scope
field as this project in your search request.
Generated from protobuf field string project = 2;
Returns | |
---|---|
Type | Description |
string |
setProject
The project that the associated GCP resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty.
To search against the project
:
- specify the
scope
field as this project in your search request.
Generated from protobuf field string project = 2;
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getFolders
The folder(s) that the IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs to one or more folders.
To search against folders
:
- use a field query. Example:
folders:(123 OR 456)
- use a free text query. Example:
123
- specify the
scope
field as this folder in your search request.
Generated from protobuf field repeated string folders = 6;
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setFolders
The folder(s) that the IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs to one or more folders.
To search against folders
:
- use a field query. Example:
folders:(123 OR 456)
- use a free text query. Example:
123
- specify the
scope
field as this folder in your search request.
Generated from protobuf field repeated string folders = 6;
Parameter | |
---|---|
Name | Description |
var |
string[]
|
Returns | |
---|---|
Type | Description |
$this |
getOrganization
The organization that the IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs to an organization.
To search against organization
:
- use a field query. Example:
organization:123
- use a free text query. Example:
123
- specify the
scope
field as this organization in your search request.
Generated from protobuf field string organization = 7;
Returns | |
---|---|
Type | Description |
string |
setOrganization
The organization that the IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs to an organization.
To search against organization
:
- use a field query. Example:
organization:123
- use a free text query. Example:
123
- specify the
scope
field as this organization in your search request.
Generated from protobuf field string organization = 7;
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getPolicy
The IAM policy directly set on the given resource. Note that the original IAM policy can contain multiple bindings. This only contains the bindings that match the given query. For queries that don't contain a constrain on policies (e.g., an empty query), this contains all the bindings.
To search against the policy
bindings:
- use a field query:
- query by the policy contained members. Example:
policy:amy@gmail.com
- query by the policy contained roles. Example:
policy:roles/compute.admin
- query by the policy contained roles' included permissions. Example:
policy.role.permissions:compute.instances.create
- query by the policy contained members. Example:
Generated from protobuf field .google.iam.v1.Policy policy = 3;
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\Policy|null |
hasPolicy
clearPolicy
setPolicy
The IAM policy directly set on the given resource. Note that the original IAM policy can contain multiple bindings. This only contains the bindings that match the given query. For queries that don't contain a constrain on policies (e.g., an empty query), this contains all the bindings.
To search against the policy
bindings:
- use a field query:
- query by the policy contained members. Example:
policy:amy@gmail.com
- query by the policy contained roles. Example:
policy:roles/compute.admin
- query by the policy contained roles' included permissions. Example:
policy.role.permissions:compute.instances.create
- query by the policy contained members. Example:
Generated from protobuf field .google.iam.v1.Policy policy = 3;
Parameter | |
---|---|
Name | Description |
var |
Google\Cloud\Iam\V1\Policy
|
Returns | |
---|---|
Type | Description |
$this |
getExplanation
Explanation about the IAM policy search result. It contains additional information to explain why the search result matches the query.
Generated from protobuf field .google.cloud.asset.v1.IamPolicySearchResult.Explanation explanation = 4;
Returns | |
---|---|
Type | Description |
Google\Cloud\Asset\V1\IamPolicySearchResult\Explanation|null |
hasExplanation
clearExplanation
setExplanation
Explanation about the IAM policy search result. It contains additional information to explain why the search result matches the query.
Generated from protobuf field .google.cloud.asset.v1.IamPolicySearchResult.Explanation explanation = 4;
Parameter | |
---|---|
Name | Description |
var |
Google\Cloud\Asset\V1\IamPolicySearchResult\Explanation
|
Returns | |
---|---|
Type | Description |
$this |