View Source GoogleApi.CloudAsset.V1.Model.IamPolicySearchResult (google_api_cloud_asset v0.35.0)
A result of IAM Policy search, containing information of an IAM policy.
Attributes
-
assetType
(type:String.t
, default:nil
) - The type of the resource associated with this IAM policy. Example:compute.googleapis.com/Disk
. To search against theasset_type
: * specify theasset_types
field in your search request. -
explanation
(type:GoogleApi.CloudAsset.V1.Model.Explanation.t
, default:nil
) - Explanation about the IAM policy search result. It contains additional information to explain why the search result matches the query. -
folders
(type:list(String.t)
, default:nil
) - The folder(s) that the IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs to one or more folders. To search againstfolders
: use a field query. Example:folders:(123 OR 456)
use a free text query. Example:123
* specify thescope
field as this folder in your search request. -
organization
(type:String.t
, default:nil
) - The organization that the IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs to an organization. To search againstorganization
: use a field query. Example:organization:123
use a free text query. Example:123
* specify thescope
field as this organization in your search request. -
policy
(type:GoogleApi.CloudAsset.V1.Model.Policy.t
, default:nil
) - The IAM policy directly set on the given resource. Note that the original IAM policy can contain multiple bindings. This only contains the bindings that match the given query. For queries that don't contain a constrain on policies (e.g., an empty query), this contains all the bindings. To search against thepolicy
bindings: * use a field query: - query by the policy contained members. Example:policy:amy@gmail.com
- query by the policy contained roles. Example:policy:roles/compute.admin
- query by the policy contained roles' included permissions. Example:policy.role.permissions:compute.instances.create
-
project
(type:String.t
, default:nil
) - The project that the associated Google Cloud resource belongs to, in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM instance, Cloud Storage bucket), the project field will indicate the project that contains the resource. If an IAM policy is set on a folder or orgnization, this field will be empty. To search against theproject
: * specify thescope
field as this project in your search request. -
resource
(type:String.t
, default:nil
) - The full resource name of the resource associated with this IAM policy. Example://compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1
. See Cloud Asset Inventory Resource Name Format for more information. To search against theresource
: * use a field query. Example:resource:organizations/123
Summary
Functions
Unwrap a decoded JSON object into its complex fields.
Types
@type t() :: %GoogleApi.CloudAsset.V1.Model.IamPolicySearchResult{ assetType: String.t() | nil, explanation: GoogleApi.CloudAsset.V1.Model.Explanation.t() | nil, folders: [String.t()] | nil, organization: String.t() | nil, policy: GoogleApi.CloudAsset.V1.Model.Policy.t() | nil, project: String.t() | nil, resource: String.t() | nil }
Functions
Unwrap a decoded JSON object into its complex fields.