policysimulatorpb

package
v0.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 18, 2025 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

// Full gRPC method names of OrgPolicyViolationsPreviewService, one constant
// per RPC, in "/<proto package>.<service>/<method>" form.
//
// Code that keys per-method authorization or audit rules on the method name
// (for example in a server interceptor) should compare against these
// constants rather than hand-typed strings, so a typo cannot silently leave a
// method without a rule.

// RPC: ListOrgPolicyViolationsPreviews.
const OrgPolicyViolationsPreviewService_ListOrgPolicyViolationsPreviews_FullMethodName = "/google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService/ListOrgPolicyViolationsPreviews"

// RPC: GetOrgPolicyViolationsPreview.
const OrgPolicyViolationsPreviewService_GetOrgPolicyViolationsPreview_FullMethodName = "/google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService/GetOrgPolicyViolationsPreview"

// RPC: CreateOrgPolicyViolationsPreview.
const OrgPolicyViolationsPreviewService_CreateOrgPolicyViolationsPreview_FullMethodName = "/google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService/CreateOrgPolicyViolationsPreview"

// RPC: ListOrgPolicyViolations.
const OrgPolicyViolationsPreviewService_ListOrgPolicyViolations_FullMethodName = "/google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService/ListOrgPolicyViolations"
// Full gRPC method names of the Simulator service, one constant per RPC, in
// "/<proto package>.<service>/<method>" form. Prefer these constants over
// string literals wherever a rule or log filter is keyed on the method name.

// RPC: GetReplay.
const Simulator_GetReplay_FullMethodName = "/google.cloud.policysimulator.v1.Simulator/GetReplay"

// RPC: CreateReplay.
const Simulator_CreateReplay_FullMethodName = "/google.cloud.policysimulator.v1.Simulator/CreateReplay"

// RPC: ListReplayResults.
const Simulator_ListReplayResults_FullMethodName = "/google.cloud.policysimulator.v1.Simulator/ListReplayResults"

Variables

// AccessState_name maps each AccessState enum number to its name.
// Indexing with a number that is not listed yields the empty string.
var AccessState_name = map[int32]string{
	0: "ACCESS_STATE_UNSPECIFIED",
	1: "GRANTED",
	2: "NOT_GRANTED",
	3: "UNKNOWN_CONDITIONAL",
	4: "UNKNOWN_INFO_DENIED",
}

// AccessState_value maps each AccessState name back to its enum number.
//
// When the name comes from outside the program, use the two-value form
// (n, ok := AccessState_value[s]): a plain index returns 0, which is the
// ACCESS_STATE_UNSPECIFIED number, for any name that is not listed.
var AccessState_value = map[string]int32{
	"ACCESS_STATE_UNSPECIFIED": 0,
	"GRANTED":                  1,
	"NOT_GRANTED":              2,
	"UNKNOWN_CONDITIONAL":      3,
	"UNKNOWN_INFO_DENIED":      4,
}

Enum value maps for AccessState.

// HeuristicRelevance_name maps each HeuristicRelevance enum number to its name.
var HeuristicRelevance_name = map[int32]string{
	0: "HEURISTIC_RELEVANCE_UNSPECIFIED",
	1: "NORMAL",
	2: "HIGH",
}

// HeuristicRelevance_value maps each HeuristicRelevance name to its enum
// number. A plain index returns 0 for an unlisted name; use the two-value
// form to tell that apart from HEURISTIC_RELEVANCE_UNSPECIFIED.
var HeuristicRelevance_value = map[string]int32{
	"HEURISTIC_RELEVANCE_UNSPECIFIED": 0,
	"NORMAL":                          1,
	"HIGH":                            2,
}

Enum value maps for HeuristicRelevance.

// BindingExplanation_RolePermission_name maps each
// BindingExplanation_RolePermission enum number to its name.
var BindingExplanation_RolePermission_name = map[int32]string{
	0: "ROLE_PERMISSION_UNSPECIFIED",
	1: "ROLE_PERMISSION_INCLUDED",
	2: "ROLE_PERMISSION_NOT_INCLUDED",
	3: "ROLE_PERMISSION_UNKNOWN_INFO_DENIED",
}

// BindingExplanation_RolePermission_value maps each name to its enum number.
// A plain index returns 0 for an unlisted name; use the two-value form to
// tell that apart from ROLE_PERMISSION_UNSPECIFIED.
var BindingExplanation_RolePermission_value = map[string]int32{
	"ROLE_PERMISSION_UNSPECIFIED":         0,
	"ROLE_PERMISSION_INCLUDED":            1,
	"ROLE_PERMISSION_NOT_INCLUDED":        2,
	"ROLE_PERMISSION_UNKNOWN_INFO_DENIED": 3,
}

Enum value maps for BindingExplanation_RolePermission.

// BindingExplanation_Membership_name maps each BindingExplanation_Membership
// enum number to its name.
var BindingExplanation_Membership_name = map[int32]string{
	0: "MEMBERSHIP_UNSPECIFIED",
	1: "MEMBERSHIP_INCLUDED",
	2: "MEMBERSHIP_NOT_INCLUDED",
	3: "MEMBERSHIP_UNKNOWN_INFO_DENIED",
	4: "MEMBERSHIP_UNKNOWN_UNSUPPORTED",
}

// BindingExplanation_Membership_value maps each name to its enum number.
// A plain index returns 0 for an unlisted name; use the two-value form to
// tell that apart from MEMBERSHIP_UNSPECIFIED.
var BindingExplanation_Membership_value = map[string]int32{
	"MEMBERSHIP_UNSPECIFIED":         0,
	"MEMBERSHIP_INCLUDED":            1,
	"MEMBERSHIP_NOT_INCLUDED":        2,
	"MEMBERSHIP_UNKNOWN_INFO_DENIED": 3,
	"MEMBERSHIP_UNKNOWN_UNSUPPORTED": 4,
}

Enum value maps for BindingExplanation_Membership.

// PreviewState_name maps each PreviewState enum number to its name.
var PreviewState_name = map[int32]string{
	0: "PREVIEW_STATE_UNSPECIFIED",
	1: "PREVIEW_PENDING",
	2: "PREVIEW_RUNNING",
	3: "PREVIEW_SUCCEEDED",
	4: "PREVIEW_FAILED",
}

// PreviewState_value maps each PreviewState name to its enum number.
// A plain index returns 0 for an unlisted name; use the two-value form to
// tell that apart from PREVIEW_STATE_UNSPECIFIED.
var PreviewState_value = map[string]int32{
	"PREVIEW_STATE_UNSPECIFIED": 0,
	"PREVIEW_PENDING":           1,
	"PREVIEW_RUNNING":           2,
	"PREVIEW_SUCCEEDED":         3,
	"PREVIEW_FAILED":            4,
}

Enum value maps for PreviewState.

// Replay_State_name maps each Replay_State enum number to its name.
var Replay_State_name = map[int32]string{
	0: "STATE_UNSPECIFIED",
	1: "PENDING",
	2: "RUNNING",
	3: "SUCCEEDED",
	4: "FAILED",
}

// Replay_State_value maps each Replay_State name to its enum number.
// A plain index returns 0 for an unlisted name; use the two-value form to
// tell that apart from STATE_UNSPECIFIED.
var Replay_State_value = map[string]int32{
	"STATE_UNSPECIFIED": 0,
	"PENDING":           1,
	"RUNNING":           2,
	"SUCCEEDED":         3,
	"FAILED":            4,
}

Enum value maps for Replay_State.

// ReplayConfig_LogSource_name maps each ReplayConfig_LogSource enum number to
// its name.
var ReplayConfig_LogSource_name = map[int32]string{
	0: "LOG_SOURCE_UNSPECIFIED",
	1: "RECENT_ACCESSES",
}

// ReplayConfig_LogSource_value maps each name to its enum number.
// A plain index returns 0 for an unlisted name; use the two-value form to
// tell that apart from LOG_SOURCE_UNSPECIFIED.
var ReplayConfig_LogSource_value = map[string]int32{
	"LOG_SOURCE_UNSPECIFIED": 0,
	"RECENT_ACCESSES":        1,
}

Enum value maps for ReplayConfig_LogSource.

// AccessStateDiff_AccessChangeType_name maps each
// AccessStateDiff_AccessChangeType enum number to its name.
var AccessStateDiff_AccessChangeType_name = map[int32]string{
	0: "ACCESS_CHANGE_TYPE_UNSPECIFIED",
	1: "NO_CHANGE",
	2: "UNKNOWN_CHANGE",
	3: "ACCESS_REVOKED",
	4: "ACCESS_GAINED",
	5: "ACCESS_MAYBE_REVOKED",
	6: "ACCESS_MAYBE_GAINED",
}

// AccessStateDiff_AccessChangeType_value maps each name to its enum number.
//
// A plain index returns 0 for an unlisted name; use the two-value form so an
// unrecognized change type is reported as such instead of being read as
// ACCESS_CHANGE_TYPE_UNSPECIFIED.
var AccessStateDiff_AccessChangeType_value = map[string]int32{
	"ACCESS_CHANGE_TYPE_UNSPECIFIED": 0,
	"NO_CHANGE":                      1,
	"UNKNOWN_CHANGE":                 2,
	"ACCESS_REVOKED":                 3,
	"ACCESS_GAINED":                  4,
	"ACCESS_MAYBE_REVOKED":           5,
	"ACCESS_MAYBE_GAINED":            6,
}

Enum value maps for AccessStateDiff_AccessChangeType.

// File_google_cloud_policysimulator_v1_explanations_proto is a package-level
// protoreflect.FileDescriptor; where it is assigned is not shown in this listing.
// NOTE(review): by its name, presumably the descriptor for
// google/cloud/policysimulator/v1/explanations.proto — confirm.
var File_google_cloud_policysimulator_v1_explanations_proto protoreflect.FileDescriptor
// File_google_cloud_policysimulator_v1_orgpolicy_proto is a package-level
// protoreflect.FileDescriptor; where it is assigned is not shown in this listing.
// NOTE(review): by its name, presumably the descriptor for
// google/cloud/policysimulator/v1/orgpolicy.proto — confirm.
var File_google_cloud_policysimulator_v1_orgpolicy_proto protoreflect.FileDescriptor
// File_google_cloud_policysimulator_v1_simulator_proto is a package-level
// protoreflect.FileDescriptor; where it is assigned is not shown in this listing.
// NOTE(review): by its name, presumably the descriptor for
// google/cloud/policysimulator/v1/simulator.proto — confirm.
var File_google_cloud_policysimulator_v1_simulator_proto protoreflect.FileDescriptor
// OrgPolicyViolationsPreviewService_ServiceDesc is the grpc.ServiceDesc for the
// OrgPolicyViolationsPreviewService service. It is meant to be passed to
// grpc.RegisterService only, and must not be introspected or modified, even
// through a copy.
//
// The descriptor binds four method names to their generated handlers and
// declares no streaming methods.
// NOTE(review): nothing in this descriptor authenticates or authorizes
// callers; presumably that is left to interceptors or to the registered
// server implementation — confirm.
var OrgPolicyViolationsPreviewService_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService",
	HandlerType: (*OrgPolicyViolationsPreviewServiceServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "ListOrgPolicyViolationsPreviews",
			Handler:    _OrgPolicyViolationsPreviewService_ListOrgPolicyViolationsPreviews_Handler,
		},
		{
			MethodName: "GetOrgPolicyViolationsPreview",
			Handler:    _OrgPolicyViolationsPreviewService_GetOrgPolicyViolationsPreview_Handler,
		},
		{
			MethodName: "CreateOrgPolicyViolationsPreview",
			Handler:    _OrgPolicyViolationsPreviewService_CreateOrgPolicyViolationsPreview_Handler,
		},
		{
			MethodName: "ListOrgPolicyViolations",
			Handler:    _OrgPolicyViolationsPreviewService_ListOrgPolicyViolations_Handler,
		},
	},
	// No streaming RPCs are declared for this service.
	Streams:  []grpc.StreamDesc{},
	Metadata: "google/cloud/policysimulator/v1/orgpolicy.proto",
}

OrgPolicyViolationsPreviewService_ServiceDesc is the grpc.ServiceDesc for the OrgPolicyViolationsPreviewService service. It is intended only for direct use with grpc.RegisterService, and must not be introspected or modified (even as a copy).

// Simulator_ServiceDesc is the grpc.ServiceDesc for the Simulator service. It
// is meant to be passed to grpc.RegisterService only, and must not be
// introspected or modified, even through a copy.
//
// The descriptor binds three method names to their generated handlers and
// declares no streaming methods.
// NOTE(review): nothing in this descriptor authenticates or authorizes
// callers; presumably that is left to interceptors or to the registered
// server implementation — confirm.
var Simulator_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "google.cloud.policysimulator.v1.Simulator",
	HandlerType: (*SimulatorServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "GetReplay",
			Handler:    _Simulator_GetReplay_Handler,
		},
		{
			MethodName: "CreateReplay",
			Handler:    _Simulator_CreateReplay_Handler,
		},
		{
			MethodName: "ListReplayResults",
			Handler:    _Simulator_ListReplayResults_Handler,
		},
	},
	// No streaming RPCs are declared for this service.
	Streams:  []grpc.StreamDesc{},
	Metadata: "google/cloud/policysimulator/v1/simulator.proto",
}

Simulator_ServiceDesc is the grpc.ServiceDesc for the Simulator service. It is intended only for direct use with grpc.RegisterService, and must not be introspected or modified (even as a copy).

Functions

func RegisterOrgPolicyViolationsPreviewServiceServer added in v0.4.0

func RegisterOrgPolicyViolationsPreviewServiceServer(s grpc.ServiceRegistrar, srv OrgPolicyViolationsPreviewServiceServer)

func RegisterSimulatorServer

func RegisterSimulatorServer(s grpc.ServiceRegistrar, srv SimulatorServer)

Types

type AccessState

type AccessState int32

Whether a principal has a permission for a resource.

// Values of AccessState: whether a principal has a permission for a resource.
//
// Only GRANTED and NOT_GRANTED are definite answers. The two UNKNOWN_* values
// mean the evaluation could not be completed.
// NOTE(review): code that consumes simulation results should presumably
// surface the UNKNOWN_* values for manual review rather than fold them into
// GRANTED or NOT_GRANTED — confirm against the caller's policy.
const (
	// Default value. This value is unused.
	AccessState_ACCESS_STATE_UNSPECIFIED AccessState = 0
	// The principal has the permission.
	AccessState_GRANTED AccessState = 1
	// The principal does not have the permission.
	AccessState_NOT_GRANTED AccessState = 2
	// The principal has the permission only if a condition expression evaluates
	// to `true`.
	AccessState_UNKNOWN_CONDITIONAL AccessState = 3
	// The user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] does not have
	// access to all of the policies that Policy Simulator needs to evaluate.
	AccessState_UNKNOWN_INFO_DENIED AccessState = 4
)

func (AccessState) Descriptor

func (AccessState) Enum

func (x AccessState) Enum() *AccessState

func (AccessState) EnumDescriptor deprecated

func (AccessState) EnumDescriptor() ([]byte, []int)

Deprecated: Use AccessState.Descriptor instead.

func (AccessState) Number

func (x AccessState) Number() protoreflect.EnumNumber

func (AccessState) String

func (x AccessState) String() string

func (AccessState) Type

type AccessStateDiff

// AccessStateDiff is a summary and comparison of the principal's access under
// the current (baseline) policies and the proposed (simulated) policies for a
// single access tuple.
type AccessStateDiff struct {

	// The results of evaluating the access tuple under the current (baseline)
	// policies.
	//
	// If the [AccessState][google.cloud.policysimulator.v1.AccessState] couldn't
	// be fully evaluated, this field explains why.
	Baseline *ExplainedAccess `protobuf:"bytes,1,opt,name=baseline,proto3" json:"baseline,omitempty"`
	// The results of evaluating the access tuple under the proposed (simulated)
	// policies.
	//
	// If the AccessState couldn't be fully evaluated, this field explains why.
	Simulated *ExplainedAccess `protobuf:"bytes,2,opt,name=simulated,proto3" json:"simulated,omitempty"`
	// How the principal's access, specified in the AccessState field, changed
	// between the current (baseline) policies and proposed (simulated) policies.
	// (The struct tag is elided in this rendered listing.)
	AccessChange AccessStateDiff_AccessChangeType `` /* 168-byte string literal not displayed */
	// contains filtered or unexported fields
}

A summary and comparison of the principal's access under the current (baseline) policies and the proposed (simulated) policies for a single access tuple.

func (*AccessStateDiff) Descriptor deprecated

func (*AccessStateDiff) Descriptor() ([]byte, []int)

Deprecated: Use AccessStateDiff.ProtoReflect.Descriptor instead.

func (*AccessStateDiff) GetAccessChange

func (*AccessStateDiff) GetBaseline

func (x *AccessStateDiff) GetBaseline() *ExplainedAccess

func (*AccessStateDiff) GetSimulated

func (x *AccessStateDiff) GetSimulated() *ExplainedAccess

func (*AccessStateDiff) ProtoMessage

func (*AccessStateDiff) ProtoMessage()

func (*AccessStateDiff) ProtoReflect

func (x *AccessStateDiff) ProtoReflect() protoreflect.Message

func (*AccessStateDiff) Reset

func (x *AccessStateDiff) Reset()

func (*AccessStateDiff) String

func (x *AccessStateDiff) String() string

type AccessStateDiff_AccessChangeType

type AccessStateDiff_AccessChangeType int32

How the principal's access, specified in the AccessState field, changed between the current (baseline) policies and proposed (simulated) policies.

// Values of AccessStateDiff_AccessChangeType: how the principal's access
// changed between the current (baseline) and proposed (simulated) policies.
//
// NOTE(review): when a simulation is used to vet a policy change,
// ACCESS_GAINED and ACCESS_MAYBE_GAINED are presumably the results that widen
// access, and UNKNOWN_CHANGE is not evidence that nothing changed — confirm
// how the consuming workflow treats each of them.
const (
	// Default value. This value is unused.
	AccessStateDiff_ACCESS_CHANGE_TYPE_UNSPECIFIED AccessStateDiff_AccessChangeType = 0
	// The principal's access did not change.
	// This includes the case where both baseline and simulated are UNKNOWN,
	// but the unknown information is equivalent.
	AccessStateDiff_NO_CHANGE AccessStateDiff_AccessChangeType = 1
	// The principal's access under both the current policies and the proposed
	// policies is `UNKNOWN`, but the unknown information differs between them.
	AccessStateDiff_UNKNOWN_CHANGE AccessStateDiff_AccessChangeType = 2
	// The principal had access under the current policies (`GRANTED`), but will
	// no longer have access after the proposed changes (`NOT_GRANTED`).
	AccessStateDiff_ACCESS_REVOKED AccessStateDiff_AccessChangeType = 3
	// The principal did not have access under the current policies
	// (`NOT_GRANTED`), but will have access after the proposed changes
	// (`GRANTED`).
	AccessStateDiff_ACCESS_GAINED AccessStateDiff_AccessChangeType = 4
	// This result can occur for the following reasons:
	//
	//   - The principal had access under the current policies (`GRANTED`), but
	//     their access after the proposed changes is `UNKNOWN`.
	//   - The principal's access under the current policies is `UNKNOWN`, but
	//     they will not have access after the proposed changes (`NOT_GRANTED`).
	AccessStateDiff_ACCESS_MAYBE_REVOKED AccessStateDiff_AccessChangeType = 5
	// This result can occur for the following reasons:
	//
	//   - The principal did not have access under the current policies
	//     (`NOT_GRANTED`), but their access after the proposed changes is
	//     `UNKNOWN`.
	//   - The principal's access under the current policies is `UNKNOWN`, but
	//     they will have access after the proposed changes (`GRANTED`).
	AccessStateDiff_ACCESS_MAYBE_GAINED AccessStateDiff_AccessChangeType = 6
)

func (AccessStateDiff_AccessChangeType) Descriptor

func (AccessStateDiff_AccessChangeType) Enum

func (AccessStateDiff_AccessChangeType) EnumDescriptor deprecated

func (AccessStateDiff_AccessChangeType) EnumDescriptor() ([]byte, []int)

Deprecated: Use AccessStateDiff_AccessChangeType.Descriptor instead.

func (AccessStateDiff_AccessChangeType) Number

func (AccessStateDiff_AccessChangeType) String

func (AccessStateDiff_AccessChangeType) Type

type AccessTuple

// AccessTuple holds information about the principal, resource, and permission
// to check.
type AccessTuple struct {

	// Required. The principal whose access you want to check, in the form of
	// the email address that represents that principal. For example,
	// `alice@example.com` or
	// `my-service-account@my-project.iam.gserviceaccount.com`.
	//
	// The principal must be a Google Account or a service account. Other types of
	// principals are not supported.
	Principal string `protobuf:"bytes,1,opt,name=principal,proto3" json:"principal,omitempty"`
	// Required. The full resource name that identifies the resource. For example,
	// `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
	//
	// For examples of full resource names for Google Cloud services, see
	// https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
	FullResourceName string `protobuf:"bytes,2,opt,name=full_resource_name,json=fullResourceName,proto3" json:"full_resource_name,omitempty"`
	// Required. The IAM permission to check for the specified principal and
	// resource.
	//
	// For a complete list of IAM permissions, see
	// https://cloud.google.com/iam/help/permissions/reference.
	//
	// For a complete list of predefined IAM roles and the permissions in each
	// role, see https://cloud.google.com/iam/help/roles/reference.
	Permission string `protobuf:"bytes,3,opt,name=permission,proto3" json:"permission,omitempty"`
	// contains filtered or unexported fields
}

Information about the principal, resource, and permission to check.

func (*AccessTuple) Descriptor deprecated

func (*AccessTuple) Descriptor() ([]byte, []int)

Deprecated: Use AccessTuple.ProtoReflect.Descriptor instead.

func (*AccessTuple) GetFullResourceName

func (x *AccessTuple) GetFullResourceName() string

func (*AccessTuple) GetPermission

func (x *AccessTuple) GetPermission() string

func (*AccessTuple) GetPrincipal

func (x *AccessTuple) GetPrincipal() string

func (*AccessTuple) ProtoMessage

func (*AccessTuple) ProtoMessage()

func (*AccessTuple) ProtoReflect

func (x *AccessTuple) ProtoReflect() protoreflect.Message

func (*AccessTuple) Reset

func (x *AccessTuple) Reset()

func (*AccessTuple) String

func (x *AccessTuple) String() string

type BindingExplanation

// BindingExplanation gives details about how a binding in a policy affects a
// principal's ability to use a permission.
//
// Several struct tags are elided in this rendered listing.
type BindingExplanation struct {

	// Required. Indicates whether _this binding_ provides the specified
	// permission to the specified principal for the specified resource.
	//
	// This field does _not_ indicate whether the principal actually has the
	// permission for the resource. There might be another binding that overrides
	// this binding. To determine whether the principal actually has the
	// permission, use the `access` field in the
	// [TroubleshootIamPolicyResponse][google.cloud.policytroubleshooter.v3.TroubleshootIamPolicyResponse].
	//
	// NOTE(review): the reference above points at the Policy Troubleshooter API,
	// not at a message in this package; for a replay, the overall result is
	// presumably the AccessState carried by ExplainedAccess — confirm.
	Access AccessState `protobuf:"varint,1,opt,name=access,proto3,enum=google.cloud.policysimulator.v1.AccessState" json:"access,omitempty"`
	// The role that this binding grants. For example,
	// `roles/compute.serviceAgent`.
	//
	// For a complete list of predefined IAM roles, as well as the permissions in
	// each role, see https://cloud.google.com/iam/help/roles/reference.
	Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
	// Indicates whether the role granted by this binding contains the specified
	// permission.
	RolePermission BindingExplanation_RolePermission `` /* 175-byte string literal not displayed */
	// The relevance of the permission's existence, or nonexistence, in the role
	// to the overall determination for the entire policy.
	RolePermissionRelevance HeuristicRelevance `` /* 189-byte string literal not displayed */
	// Indicates whether each principal in the binding includes the principal
	// specified in the request, either directly or indirectly. Each key
	// identifies a principal in the binding, and each value indicates whether the
	// principal in the binding includes the principal in the request.
	//
	// For example, suppose that a binding includes the following principals:
	//
	// * `user:alice@example.com`
	// * `group:product-eng@example.com`
	//
	// The principal in the replayed access tuple is `user:bob@example.com`. This
	// user is a principal of the group `group:product-eng@example.com`.
	//
	// For the first principal in the binding, the key is
	// `user:alice@example.com`, and the `membership` field in the value is set to
	// `MEMBERSHIP_NOT_INCLUDED`.
	//
	// For the second principal in the binding, the key is
	// `group:product-eng@example.com`, and the `membership` field in the value is
	// set to `MEMBERSHIP_INCLUDED`.
	Memberships map[string]*BindingExplanation_AnnotatedMembership `` /* 163-byte string literal not displayed */
	// The relevance of this binding to the overall determination for the entire
	// policy.
	Relevance HeuristicRelevance `` /* 128-byte string literal not displayed */
	// A condition expression that prevents this binding from granting access
	// unless the expression evaluates to `true`.
	//
	// To learn about IAM Conditions, see
	// https://cloud.google.com/iam/docs/conditions-overview.
	Condition *expr.Expr `protobuf:"bytes,7,opt,name=condition,proto3" json:"condition,omitempty"`
	// contains filtered or unexported fields
}

Details about how a binding in a policy affects a principal's ability to use a permission.

func (*BindingExplanation) Descriptor deprecated

func (*BindingExplanation) Descriptor() ([]byte, []int)

Deprecated: Use BindingExplanation.ProtoReflect.Descriptor instead.

func (*BindingExplanation) GetAccess

func (x *BindingExplanation) GetAccess() AccessState

func (*BindingExplanation) GetCondition

func (x *BindingExplanation) GetCondition() *expr.Expr

func (*BindingExplanation) GetMemberships

func (*BindingExplanation) GetRelevance

func (x *BindingExplanation) GetRelevance() HeuristicRelevance

func (*BindingExplanation) GetRole

func (x *BindingExplanation) GetRole() string

func (*BindingExplanation) GetRolePermission

func (*BindingExplanation) GetRolePermissionRelevance

func (x *BindingExplanation) GetRolePermissionRelevance() HeuristicRelevance

func (*BindingExplanation) ProtoMessage

func (*BindingExplanation) ProtoMessage()

func (*BindingExplanation) ProtoReflect

func (x *BindingExplanation) ProtoReflect() protoreflect.Message

func (*BindingExplanation) Reset

func (x *BindingExplanation) Reset()

func (*BindingExplanation) String

func (x *BindingExplanation) String() string

type BindingExplanation_AnnotatedMembership

// BindingExplanation_AnnotatedMembership gives details about whether the
// binding includes the principal. It is the value type of
// BindingExplanation.Memberships.
type BindingExplanation_AnnotatedMembership struct {

	// Indicates whether the binding includes the principal.
	// (The struct tag is elided in this rendered listing.)
	Membership BindingExplanation_Membership `` /* 141-byte string literal not displayed */
	// The relevance of the principal's status to the overall determination for
	// the binding.
	Relevance HeuristicRelevance `` /* 128-byte string literal not displayed */
	// contains filtered or unexported fields
}

Details about whether the binding includes the principal.

func (*BindingExplanation_AnnotatedMembership) Descriptor deprecated

func (*BindingExplanation_AnnotatedMembership) Descriptor() ([]byte, []int)

Deprecated: Use BindingExplanation_AnnotatedMembership.ProtoReflect.Descriptor instead.

func (*BindingExplanation_AnnotatedMembership) GetMembership

func (*BindingExplanation_AnnotatedMembership) GetRelevance

func (*BindingExplanation_AnnotatedMembership) ProtoMessage

func (*BindingExplanation_AnnotatedMembership) ProtoReflect

func (*BindingExplanation_AnnotatedMembership) Reset

func (*BindingExplanation_AnnotatedMembership) String

type BindingExplanation_Membership

type BindingExplanation_Membership int32

Whether the binding includes the principal.

// Values of BindingExplanation_Membership: whether the binding includes the
// principal. The two MEMBERSHIP_UNKNOWN_* values mean membership could not be
// determined; they are neither an inclusion nor an exclusion.
const (
	// Default value. This value is unused.
	BindingExplanation_MEMBERSHIP_UNSPECIFIED BindingExplanation_Membership = 0
	// The binding includes the principal. The principal can be included
	// directly or indirectly. For example:
	//
	//   - A principal is included directly if that principal is listed in the
	//     binding.
	//   - A principal is included indirectly if that principal is in a Google
	//     group or Google Workspace domain that is listed in the binding.
	BindingExplanation_MEMBERSHIP_INCLUDED BindingExplanation_Membership = 1
	// The binding does not include the principal.
	BindingExplanation_MEMBERSHIP_NOT_INCLUDED BindingExplanation_Membership = 2
	// The user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] is not
	// allowed to access the binding.
	BindingExplanation_MEMBERSHIP_UNKNOWN_INFO_DENIED BindingExplanation_Membership = 3
	// The principal is an unsupported type. Only Google Accounts and service
	// accounts are supported.
	BindingExplanation_MEMBERSHIP_UNKNOWN_UNSUPPORTED BindingExplanation_Membership = 4
)

func (BindingExplanation_Membership) Descriptor

func (BindingExplanation_Membership) Enum

func (BindingExplanation_Membership) EnumDescriptor deprecated

func (BindingExplanation_Membership) EnumDescriptor() ([]byte, []int)

Deprecated: Use BindingExplanation_Membership.Descriptor instead.

func (BindingExplanation_Membership) Number

func (BindingExplanation_Membership) String

func (BindingExplanation_Membership) Type

type BindingExplanation_RolePermission

type BindingExplanation_RolePermission int32

Whether a role includes a specific permission.

// Values of BindingExplanation_RolePermission: whether a role includes a
// specific permission. ROLE_PERMISSION_UNKNOWN_INFO_DENIED means the question
// could not be answered; it is neither an inclusion nor an exclusion.
const (
	// Default value. This value is unused.
	BindingExplanation_ROLE_PERMISSION_UNSPECIFIED BindingExplanation_RolePermission = 0
	// The permission is included in the role.
	BindingExplanation_ROLE_PERMISSION_INCLUDED BindingExplanation_RolePermission = 1
	// The permission is not included in the role.
	BindingExplanation_ROLE_PERMISSION_NOT_INCLUDED BindingExplanation_RolePermission = 2
	// The user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] is not
	// allowed to access the binding.
	BindingExplanation_ROLE_PERMISSION_UNKNOWN_INFO_DENIED BindingExplanation_RolePermission = 3
)

func (BindingExplanation_RolePermission) Descriptor

func (BindingExplanation_RolePermission) Enum

func (BindingExplanation_RolePermission) EnumDescriptor deprecated

func (BindingExplanation_RolePermission) EnumDescriptor() ([]byte, []int)

Deprecated: Use BindingExplanation_RolePermission.Descriptor instead.

func (BindingExplanation_RolePermission) Number

func (BindingExplanation_RolePermission) String

func (BindingExplanation_RolePermission) Type

type CreateOrgPolicyViolationsPreviewOperationMetadata added in v0.4.0

// CreateOrgPolicyViolationsPreviewOperationMetadata is metadata about an
// OrgPolicyViolationsPreview generation operation.
type CreateOrgPolicyViolationsPreviewOperationMetadata struct {

	// Time when the request was received.
	RequestTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=request_time,json=requestTime,proto3" json:"request_time,omitempty"`
	// Time when the request started processing, i.e., when the state was set to
	// RUNNING.
	StartTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=start_time,json=startTime,proto3" json:"start_time,omitempty"`
	// Output only. The current state of the operation.
	State PreviewState `protobuf:"varint,3,opt,name=state,proto3,enum=google.cloud.policysimulator.v1.PreviewState" json:"state,omitempty"`
	// Total number of resources that need scanning.
	// Should equal resources_scanned + resources_pending.
	ResourcesFound int32 `protobuf:"varint,4,opt,name=resources_found,json=resourcesFound,proto3" json:"resources_found,omitempty"`
	// Number of resources already scanned.
	ResourcesScanned int32 `protobuf:"varint,5,opt,name=resources_scanned,json=resourcesScanned,proto3" json:"resources_scanned,omitempty"`
	// Number of resources still to scan.
	ResourcesPending int32 `protobuf:"varint,6,opt,name=resources_pending,json=resourcesPending,proto3" json:"resources_pending,omitempty"`
	// contains filtered or unexported fields
}

CreateOrgPolicyViolationsPreviewOperationMetadata is metadata about an OrgPolicyViolationsPreview generation operation.

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) Descriptor deprecated added in v0.4.0

Deprecated: Use CreateOrgPolicyViolationsPreviewOperationMetadata.ProtoReflect.Descriptor instead.

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetRequestTime added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesFound added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesPending added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetResourcesScanned added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetStartTime added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) GetState added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) ProtoMessage added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) ProtoReflect added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) Reset added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewOperationMetadata) String added in v0.4.0

type CreateOrgPolicyViolationsPreviewRequest added in v0.4.0

// CreateOrgPolicyViolationsPreviewRequest is the request message for
// [OrgPolicyViolationsPreviewService.CreateOrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.CreateOrgPolicyViolationsPreview].
//
// Two struct tags are elided in this rendered listing.
type CreateOrgPolicyViolationsPreviewRequest struct {

	// Required. The organization under which this
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// will be created.
	//
	// Example: `organizations/my-example-org/locations/global`
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. The
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// to generate.
	OrgPolicyViolationsPreview *OrgPolicyViolationsPreview `` /* 143-byte string literal not displayed */
	// Optional. An optional user-specified ID for the
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
	// If not provided, a random ID will be generated.
	OrgPolicyViolationsPreviewId string `` /* 151-byte string literal not displayed */
	// contains filtered or unexported fields
}

CreateOrgPolicyViolationsPreviewRequest is the request message for [OrgPolicyViolationsPreviewService.CreateOrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.CreateOrgPolicyViolationsPreview].

func (*CreateOrgPolicyViolationsPreviewRequest) Descriptor deprecated added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateOrgPolicyViolationsPreviewRequest.ProtoReflect.Descriptor instead.

func (*CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreview added in v0.4.0

func (x *CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreview() *OrgPolicyViolationsPreview

func (*CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreviewId added in v0.4.0

func (x *CreateOrgPolicyViolationsPreviewRequest) GetOrgPolicyViolationsPreviewId() string

func (*CreateOrgPolicyViolationsPreviewRequest) GetParent added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewRequest) ProtoMessage added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewRequest) ProtoReflect added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewRequest) Reset added in v0.4.0

func (*CreateOrgPolicyViolationsPreviewRequest) String added in v0.4.0

type CreateReplayRequest

// CreateReplayRequest is the request message for
// [Simulator.CreateReplay][google.cloud.policysimulator.v1.Simulator.CreateReplay].
type CreateReplayRequest struct {

	// Required. The parent resource where this
	// [Replay][google.cloud.policysimulator.v1.Replay] will be created. This
	// resource must be a project, folder, or organization with a location.
	//
	// Example: `projects/my-example-project/locations/global`
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. The [Replay][google.cloud.policysimulator.v1.Replay] to create.
	// Set `Replay.ReplayConfig` to configure the replay.
	Replay *Replay `protobuf:"bytes,2,opt,name=replay,proto3" json:"replay,omitempty"`
	// contains filtered or unexported fields
}

Request message for [Simulator.CreateReplay][google.cloud.policysimulator.v1.Simulator.CreateReplay].

func (*CreateReplayRequest) Descriptor deprecated

func (*CreateReplayRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateReplayRequest.ProtoReflect.Descriptor instead.

func (*CreateReplayRequest) GetParent

func (x *CreateReplayRequest) GetParent() string

func (*CreateReplayRequest) GetReplay

func (x *CreateReplayRequest) GetReplay() *Replay

func (*CreateReplayRequest) ProtoMessage

func (*CreateReplayRequest) ProtoMessage()

func (*CreateReplayRequest) ProtoReflect

func (x *CreateReplayRequest) ProtoReflect() protoreflect.Message

func (*CreateReplayRequest) Reset

func (x *CreateReplayRequest) Reset()

func (*CreateReplayRequest) String

func (x *CreateReplayRequest) String() string

type ExplainedAccess

// ExplainedAccess gives details about how a set of policies, listed in
// [ExplainedPolicy][google.cloud.policysimulator.v1.ExplainedPolicy], resulted
// in a certain [AccessState][google.cloud.policysimulator.v1.AccessState] when
// replaying an access tuple.
//
// NOTE(review): `UNKNOWN` in the field comments below presumably covers both
// UNKNOWN_CONDITIONAL and UNKNOWN_INFO_DENIED — confirm.
type ExplainedAccess struct {

	// Whether the principal in the access tuple has permission to access the
	// resource in the access tuple under the given policies.
	// (The struct tag is elided in this rendered listing.)
	AccessState AccessState `` /* 144-byte string literal not displayed */
	// If the [AccessState][google.cloud.policysimulator.v1.AccessState] is
	// `UNKNOWN`, this field contains the policies that led to that result.
	//
	// If the `AccessState` is `GRANTED` or `NOT_GRANTED`, this field is
	// omitted.
	Policies []*ExplainedPolicy `protobuf:"bytes,2,rep,name=policies,proto3" json:"policies,omitempty"`
	// If the [AccessState][google.cloud.policysimulator.v1.AccessState] is
	// `UNKNOWN`, this field contains a list of errors explaining why the result
	// is `UNKNOWN`.
	//
	// If the `AccessState` is `GRANTED` or `NOT_GRANTED`, this field is
	// omitted.
	Errors []*status.Status `protobuf:"bytes,3,rep,name=errors,proto3" json:"errors,omitempty"`
	// contains filtered or unexported fields
}

Details about how a set of policies, listed in [ExplainedPolicy][google.cloud.policysimulator.v1.ExplainedPolicy], resulted in a certain [AccessState][google.cloud.policysimulator.v1.AccessState] when replaying an access tuple.

func (*ExplainedAccess) Descriptor deprecated

func (*ExplainedAccess) Descriptor() ([]byte, []int)

Deprecated: Use ExplainedAccess.ProtoReflect.Descriptor instead.

func (*ExplainedAccess) GetAccessState

func (x *ExplainedAccess) GetAccessState() AccessState

func (*ExplainedAccess) GetErrors

func (x *ExplainedAccess) GetErrors() []*status.Status

func (*ExplainedAccess) GetPolicies

func (x *ExplainedAccess) GetPolicies() []*ExplainedPolicy

func (*ExplainedAccess) ProtoMessage

func (*ExplainedAccess) ProtoMessage()

func (*ExplainedAccess) ProtoReflect

func (x *ExplainedAccess) ProtoReflect() protoreflect.Message

func (*ExplainedAccess) Reset

func (x *ExplainedAccess) Reset()

func (*ExplainedAccess) String

func (x *ExplainedAccess) String() string

type ExplainedPolicy

type ExplainedPolicy struct {

	// Indicates whether _this policy_ provides the specified permission to the
	// specified principal for the specified resource.
	//
	// This field does _not_ indicate whether the principal actually has the
	// permission for the resource. There might be another policy that overrides
	// this policy. To determine whether the principal actually has the
	// permission, use the `access` field in the
	// [TroubleshootIamPolicyResponse][google.cloud.policytroubleshooter.v3.TroubleshootIamPolicyResponse].
	//
	// NOTE(review): TroubleshootIamPolicyResponse belongs to the Policy
	// Troubleshooter package (policytroubleshooter.v3), not to this one. Within
	// this package the overall result for an access tuple appears to be
	// ExplainedAccess.AccessState -- confirm before relying on either. The same
	// cross-package reference appears in the Relevance comment below.
	Access AccessState `protobuf:"varint,1,opt,name=access,proto3,enum=google.cloud.policysimulator.v1.AccessState" json:"access,omitempty"`
	// The full resource name that identifies the resource. For example,
	// `//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance`.
	//
	// If the user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] does not have
	// access to the policy, this field is omitted.
	//
	// For examples of full resource names for Google Cloud services, see
	// https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
	FullResourceName string `protobuf:"bytes,2,opt,name=full_resource_name,json=fullResourceName,proto3" json:"full_resource_name,omitempty"`
	// The IAM policy attached to the resource.
	//
	// If the user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] does not have
	// access to the policy, this field is empty. An empty value therefore
	// cannot by itself be read as "no policy is attached to the resource".
	Policy *iampb.Policy `protobuf:"bytes,3,opt,name=policy,proto3" json:"policy,omitempty"`
	// Details about how each binding in the policy affects the principal's
	// ability, or inability, to use the permission for the resource.
	//
	// If the user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] does not have
	// access to the policy, this field is omitted.
	BindingExplanations []*BindingExplanation `protobuf:"bytes,4,rep,name=binding_explanations,json=bindingExplanations,proto3" json:"binding_explanations,omitempty"`
	// The relevance of this policy to the overall determination in the
	// [TroubleshootIamPolicyResponse][google.cloud.policytroubleshooter.v3.TroubleshootIamPolicyResponse].
	//
	// If the user who created the
	// [Replay][google.cloud.policysimulator.v1.Replay] does not have
	// access to the policy, this field is omitted.
	Relevance HeuristicRelevance `` /* 128-byte string literal not displayed */
	// contains filtered or unexported fields
}

Details about how a specific IAM [Policy][google.iam.v1.Policy] contributed to the access check.

func (*ExplainedPolicy) Descriptor deprecated

func (*ExplainedPolicy) Descriptor() ([]byte, []int)

Deprecated: Use ExplainedPolicy.ProtoReflect.Descriptor instead.

func (*ExplainedPolicy) GetAccess

func (x *ExplainedPolicy) GetAccess() AccessState

func (*ExplainedPolicy) GetBindingExplanations

func (x *ExplainedPolicy) GetBindingExplanations() []*BindingExplanation

func (*ExplainedPolicy) GetFullResourceName

func (x *ExplainedPolicy) GetFullResourceName() string

func (*ExplainedPolicy) GetPolicy

func (x *ExplainedPolicy) GetPolicy() *iampb.Policy

func (*ExplainedPolicy) GetRelevance

func (x *ExplainedPolicy) GetRelevance() HeuristicRelevance

func (*ExplainedPolicy) ProtoMessage

func (*ExplainedPolicy) ProtoMessage()

func (*ExplainedPolicy) ProtoReflect

func (x *ExplainedPolicy) ProtoReflect() protoreflect.Message

func (*ExplainedPolicy) Reset

func (x *ExplainedPolicy) Reset()

func (*ExplainedPolicy) String

func (x *ExplainedPolicy) String() string

type GetOrgPolicyViolationsPreviewRequest added in v0.4.0

type GetOrgPolicyViolationsPreviewRequest struct {

	// Required. The name of the OrgPolicyViolationsPreview to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

GetOrgPolicyViolationsPreviewRequest is the request message for [OrgPolicyViolationsPreviewService.GetOrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.GetOrgPolicyViolationsPreview].

func (*GetOrgPolicyViolationsPreviewRequest) Descriptor deprecated added in v0.4.0

func (*GetOrgPolicyViolationsPreviewRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetOrgPolicyViolationsPreviewRequest.ProtoReflect.Descriptor instead.

func (*GetOrgPolicyViolationsPreviewRequest) GetName added in v0.4.0

func (*GetOrgPolicyViolationsPreviewRequest) ProtoMessage added in v0.4.0

func (*GetOrgPolicyViolationsPreviewRequest) ProtoMessage()

func (*GetOrgPolicyViolationsPreviewRequest) ProtoReflect added in v0.4.0

func (*GetOrgPolicyViolationsPreviewRequest) Reset added in v0.4.0

func (*GetOrgPolicyViolationsPreviewRequest) String added in v0.4.0

type GetReplayRequest

type GetReplayRequest struct {

	// Required. The name of the [Replay][google.cloud.policysimulator.v1.Replay]
	// to retrieve, in the following format:
	//
	// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`,
	// where `{resource-id}` is the ID of the project, folder, or organization
	// that owns the `Replay`.
	//
	// Example:
	// `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for [Simulator.GetReplay][google.cloud.policysimulator.v1.Simulator.GetReplay].

func (*GetReplayRequest) Descriptor deprecated

func (*GetReplayRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetReplayRequest.ProtoReflect.Descriptor instead.

func (*GetReplayRequest) GetName

func (x *GetReplayRequest) GetName() string

func (*GetReplayRequest) ProtoMessage

func (*GetReplayRequest) ProtoMessage()

func (*GetReplayRequest) ProtoReflect

func (x *GetReplayRequest) ProtoReflect() protoreflect.Message

func (*GetReplayRequest) Reset

func (x *GetReplayRequest) Reset()

func (*GetReplayRequest) String

func (x *GetReplayRequest) String() string

type HeuristicRelevance

type HeuristicRelevance int32

The extent to which a single data point, such as the existence of a binding or whether a binding includes a specific principal, contributes to an overall determination.

const (
	// Default value. This value is unused.
	HeuristicRelevance_HEURISTIC_RELEVANCE_UNSPECIFIED HeuristicRelevance = 0
	// The data point has a limited effect on the result. Changing the data point
	// is unlikely to affect the overall determination.
	HeuristicRelevance_NORMAL HeuristicRelevance = 1
	// The data point has a strong effect on the result. Changing the data point
	// is likely to affect the overall determination.
	HeuristicRelevance_HIGH HeuristicRelevance = 2
)

func (HeuristicRelevance) Descriptor

func (HeuristicRelevance) Enum

func (HeuristicRelevance) EnumDescriptor deprecated

func (HeuristicRelevance) EnumDescriptor() ([]byte, []int)

Deprecated: Use HeuristicRelevance.Descriptor instead.

func (HeuristicRelevance) Number

func (HeuristicRelevance) String

func (x HeuristicRelevance) String() string

func (HeuristicRelevance) Type

type ListOrgPolicyViolationsPreviewsRequest added in v0.4.0

type ListOrgPolicyViolationsPreviewsRequest struct {

	// Required. The parent the violations are scoped to.
	// Format:
	// `organizations/{organization}/locations/{location}`
	//
	// Example: `organizations/my-example-org/locations/global`
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. The maximum number of items to return. The service may return
	// fewer than this value. If unspecified, at most 5 items will be returned.
	// The maximum value is 10; values above 10 will be coerced to 10.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. A page token, received from a previous call. Provide this to
	// retrieve the subsequent page.
	//
	// When paginating, all other parameters must match the call that provided the
	// page token.
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

ListOrgPolicyViolationsPreviewsRequest is the request message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews].

func (*ListOrgPolicyViolationsPreviewsRequest) Descriptor deprecated added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListOrgPolicyViolationsPreviewsRequest.ProtoReflect.Descriptor instead.

func (*ListOrgPolicyViolationsPreviewsRequest) GetPageSize added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsRequest) GetPageToken added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsRequest) GetParent added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsRequest) ProtoMessage added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsRequest) ProtoReflect added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsRequest) Reset added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsRequest) String added in v0.4.0

type ListOrgPolicyViolationsPreviewsResponse added in v0.4.0

type ListOrgPolicyViolationsPreviewsResponse struct {

	// The list of OrgPolicyViolationsPreview
	OrgPolicyViolationsPreviews []*OrgPolicyViolationsPreview `` /* 146-byte string literal not displayed */
	// A token that you can use to retrieve the next page of results.
	// If this field is omitted, there are no subsequent pages.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

ListOrgPolicyViolationsPreviewsResponse is the response message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolationsPreviews].

func (*ListOrgPolicyViolationsPreviewsResponse) Descriptor deprecated added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListOrgPolicyViolationsPreviewsResponse.ProtoReflect.Descriptor instead.

func (*ListOrgPolicyViolationsPreviewsResponse) GetNextPageToken added in v0.4.0

func (x *ListOrgPolicyViolationsPreviewsResponse) GetNextPageToken() string

func (*ListOrgPolicyViolationsPreviewsResponse) GetOrgPolicyViolationsPreviews added in v0.4.0

func (x *ListOrgPolicyViolationsPreviewsResponse) GetOrgPolicyViolationsPreviews() []*OrgPolicyViolationsPreview

func (*ListOrgPolicyViolationsPreviewsResponse) ProtoMessage added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsResponse) ProtoReflect added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsResponse) Reset added in v0.4.0

func (*ListOrgPolicyViolationsPreviewsResponse) String added in v0.4.0

type ListOrgPolicyViolationsRequest added in v0.4.0

type ListOrgPolicyViolationsRequest struct {

	// Required. The OrgPolicyViolationsPreview to get OrgPolicyViolations from.
	// Format:
	// organizations/{organization}/locations/{location}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreview}
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. The maximum number of items to return. The service may return
	// fewer than this value. If unspecified, at most 1000 items will be returned.
	// The maximum value is 1000; values above 1000 will be coerced to 1000.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. A page token, received from a previous call. Provide this to
	// retrieve the subsequent page.
	//
	// When paginating, all other parameters must match the call that provided the
	// page token.
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

ListOrgPolicyViolationsRequest is the request message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolations][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolations].

func (*ListOrgPolicyViolationsRequest) Descriptor deprecated added in v0.4.0

func (*ListOrgPolicyViolationsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListOrgPolicyViolationsRequest.ProtoReflect.Descriptor instead.

func (*ListOrgPolicyViolationsRequest) GetPageSize added in v0.4.0

func (x *ListOrgPolicyViolationsRequest) GetPageSize() int32

func (*ListOrgPolicyViolationsRequest) GetPageToken added in v0.4.0

func (x *ListOrgPolicyViolationsRequest) GetPageToken() string

func (*ListOrgPolicyViolationsRequest) GetParent added in v0.4.0

func (x *ListOrgPolicyViolationsRequest) GetParent() string

func (*ListOrgPolicyViolationsRequest) ProtoMessage added in v0.4.0

func (*ListOrgPolicyViolationsRequest) ProtoMessage()

func (*ListOrgPolicyViolationsRequest) ProtoReflect added in v0.4.0

func (*ListOrgPolicyViolationsRequest) Reset added in v0.4.0

func (x *ListOrgPolicyViolationsRequest) Reset()

func (*ListOrgPolicyViolationsRequest) String added in v0.4.0

type ListOrgPolicyViolationsResponse added in v0.4.0

type ListOrgPolicyViolationsResponse struct {

	// The list of OrgPolicyViolations
	OrgPolicyViolations []*OrgPolicyViolation `protobuf:"bytes,1,rep,name=org_policy_violations,json=orgPolicyViolations,proto3" json:"org_policy_violations,omitempty"`
	// A token that you can use to retrieve the next page of results.
	// If this field is omitted, there are no subsequent pages.
	//
	// A non-empty token means this response holds only part of the violations.
	// Callers that need the complete set (for example, to judge the impact of a
	// proposed OrgPolicy change) must keep requesting pages until the token is
	// empty.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

ListOrgPolicyViolationsResponse is the response message for [OrgPolicyViolationsPreviewService.ListOrgPolicyViolations][google.cloud.policysimulator.v1.OrgPolicyViolationsPreviewService.ListOrgPolicyViolations].

func (*ListOrgPolicyViolationsResponse) Descriptor deprecated added in v0.4.0

func (*ListOrgPolicyViolationsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListOrgPolicyViolationsResponse.ProtoReflect.Descriptor instead.

func (*ListOrgPolicyViolationsResponse) GetNextPageToken added in v0.4.0

func (x *ListOrgPolicyViolationsResponse) GetNextPageToken() string

func (*ListOrgPolicyViolationsResponse) GetOrgPolicyViolations added in v0.4.0

func (x *ListOrgPolicyViolationsResponse) GetOrgPolicyViolations() []*OrgPolicyViolation

func (*ListOrgPolicyViolationsResponse) ProtoMessage added in v0.4.0

func (*ListOrgPolicyViolationsResponse) ProtoMessage()

func (*ListOrgPolicyViolationsResponse) ProtoReflect added in v0.4.0

func (*ListOrgPolicyViolationsResponse) Reset added in v0.4.0

func (*ListOrgPolicyViolationsResponse) String added in v0.4.0

type ListReplayResultsRequest

type ListReplayResultsRequest struct {

	// Required. The [Replay][google.cloud.policysimulator.v1.Replay] whose
	// results are listed, in the following format:
	//
	// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`
	//
	// Example:
	// `projects/my-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// The maximum number of
	// [ReplayResult][google.cloud.policysimulator.v1.ReplayResult] objects to
	// return. Defaults to 5000.
	//
	// The maximum value is 5000; values above 5000 are rounded down to 5000.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// A page token, received from a previous
	// [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults]
	// call. Provide this token to retrieve the next page of results.
	//
	// When paginating, all other parameters provided to
	// [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults]
	// must match the call that provided the page token.
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

Request message for [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults].

func (*ListReplayResultsRequest) Descriptor deprecated

func (*ListReplayResultsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListReplayResultsRequest.ProtoReflect.Descriptor instead.

func (*ListReplayResultsRequest) GetPageSize

func (x *ListReplayResultsRequest) GetPageSize() int32

func (*ListReplayResultsRequest) GetPageToken

func (x *ListReplayResultsRequest) GetPageToken() string

func (*ListReplayResultsRequest) GetParent

func (x *ListReplayResultsRequest) GetParent() string

func (*ListReplayResultsRequest) ProtoMessage

func (*ListReplayResultsRequest) ProtoMessage()

func (*ListReplayResultsRequest) ProtoReflect

func (x *ListReplayResultsRequest) ProtoReflect() protoreflect.Message

func (*ListReplayResultsRequest) Reset

func (x *ListReplayResultsRequest) Reset()

func (*ListReplayResultsRequest) String

func (x *ListReplayResultsRequest) String() string

type ListReplayResultsResponse

type ListReplayResultsResponse struct {

	// The results of running a [Replay][google.cloud.policysimulator.v1.Replay].
	ReplayResults []*ReplayResult `protobuf:"bytes,1,rep,name=replay_results,json=replayResults,proto3" json:"replay_results,omitempty"`
	// A token that you can use to retrieve the next page of
	// [ReplayResult][google.cloud.policysimulator.v1.ReplayResult] objects. If
	// this field is omitted, there are no subsequent pages.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

Response message for [Simulator.ListReplayResults][google.cloud.policysimulator.v1.Simulator.ListReplayResults].

func (*ListReplayResultsResponse) Descriptor deprecated

func (*ListReplayResultsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListReplayResultsResponse.ProtoReflect.Descriptor instead.

func (*ListReplayResultsResponse) GetNextPageToken

func (x *ListReplayResultsResponse) GetNextPageToken() string

func (*ListReplayResultsResponse) GetReplayResults

func (x *ListReplayResultsResponse) GetReplayResults() []*ReplayResult

func (*ListReplayResultsResponse) ProtoMessage

func (*ListReplayResultsResponse) ProtoMessage()

func (*ListReplayResultsResponse) ProtoReflect

func (*ListReplayResultsResponse) Reset

func (x *ListReplayResultsResponse) Reset()

func (*ListReplayResultsResponse) String

func (x *ListReplayResultsResponse) String() string

type OrgPolicyOverlay added in v0.4.0

type OrgPolicyOverlay struct {

	// Optional. The OrgPolicy changes to preview violations for.
	//
	// Any existing OrgPolicies with the same name will be overridden
	// in the simulation. That is, violations will be determined as if all
	// policies in the overlay were created or updated.
	Policies []*OrgPolicyOverlay_PolicyOverlay `protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"`
	// Optional. The OrgPolicy CustomConstraint changes to preview violations for.
	//
	// Any existing CustomConstraints with the same name will be overridden
	// in the simulation. That is, violations will be determined as if all
	// custom constraints in the overlay were instantiated.
	//
	// Only a single custom_constraint is supported in the overlay at a time.
	// For evaluating multiple constraints, multiple
	// `GenerateOrgPolicyViolationsPreview` requests are made, where each request
	// evaluates a single constraint.
	//
	// NOTE(review): the service methods listed for this package version name
	// the RPC `CreateOrgPolicyViolationsPreview`; no
	// `GenerateOrgPolicyViolationsPreview` method is listed. Presumably the
	// Create RPC is meant -- confirm. Although the field is repeated, the text
	// above says only one entry is supported per overlay.
	CustomConstraints []*OrgPolicyOverlay_CustomConstraintOverlay `protobuf:"bytes,2,rep,name=custom_constraints,json=customConstraints,proto3" json:"custom_constraints,omitempty"`
	// contains filtered or unexported fields
}

The proposed changes to OrgPolicy.

func (*OrgPolicyOverlay) Descriptor deprecated added in v0.4.0

func (*OrgPolicyOverlay) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyOverlay.ProtoReflect.Descriptor instead.

func (*OrgPolicyOverlay) GetCustomConstraints added in v0.4.0

func (x *OrgPolicyOverlay) GetCustomConstraints() []*OrgPolicyOverlay_CustomConstraintOverlay

func (*OrgPolicyOverlay) GetPolicies added in v0.4.0

func (*OrgPolicyOverlay) ProtoMessage added in v0.4.0

func (*OrgPolicyOverlay) ProtoMessage()

func (*OrgPolicyOverlay) ProtoReflect added in v0.4.0

func (x *OrgPolicyOverlay) ProtoReflect() protoreflect.Message

func (*OrgPolicyOverlay) Reset added in v0.4.0

func (x *OrgPolicyOverlay) Reset()

func (*OrgPolicyOverlay) String added in v0.4.0

func (x *OrgPolicyOverlay) String() string

type OrgPolicyOverlay_CustomConstraintOverlay added in v0.4.0

type OrgPolicyOverlay_CustomConstraintOverlay struct {

	// Optional. Resource the constraint is attached to.
	// Example: "organization/987654"
	//
	// NOTE(review): every other resource name on this page uses the plural
	// collection `organizations/...`; the singular form in the example above
	// looks like a typo -- confirm the accepted format before copying it.
	CustomConstraintParent string `` /* 129-byte string literal not displayed */
	// Optional. The new or updated custom constraint.
	CustomConstraint *orgpolicypb.CustomConstraint `protobuf:"bytes,2,opt,name=custom_constraint,json=customConstraint,proto3" json:"custom_constraint,omitempty"`
	// contains filtered or unexported fields
}

A change to an OrgPolicy custom constraint.

func (*OrgPolicyOverlay_CustomConstraintOverlay) Descriptor deprecated added in v0.4.0

func (*OrgPolicyOverlay_CustomConstraintOverlay) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyOverlay_CustomConstraintOverlay.ProtoReflect.Descriptor instead.

func (*OrgPolicyOverlay_CustomConstraintOverlay) GetCustomConstraint added in v0.4.0

func (*OrgPolicyOverlay_CustomConstraintOverlay) GetCustomConstraintParent added in v0.4.0

func (x *OrgPolicyOverlay_CustomConstraintOverlay) GetCustomConstraintParent() string

func (*OrgPolicyOverlay_CustomConstraintOverlay) ProtoMessage added in v0.4.0

func (*OrgPolicyOverlay_CustomConstraintOverlay) ProtoReflect added in v0.4.0

func (*OrgPolicyOverlay_CustomConstraintOverlay) Reset added in v0.4.0

func (*OrgPolicyOverlay_CustomConstraintOverlay) String added in v0.4.0

type OrgPolicyOverlay_PolicyOverlay added in v0.4.0

type OrgPolicyOverlay_PolicyOverlay struct {

	// Optional. The parent of the policy we are attaching to.
	// Example: "projects/123456"
	PolicyParent string `protobuf:"bytes,1,opt,name=policy_parent,json=policyParent,proto3" json:"policy_parent,omitempty"`
	// Optional. The new or updated OrgPolicy.
	Policy *orgpolicypb.Policy `protobuf:"bytes,2,opt,name=policy,proto3" json:"policy,omitempty"`
	// contains filtered or unexported fields
}

A change to an OrgPolicy.

func (*OrgPolicyOverlay_PolicyOverlay) Descriptor deprecated added in v0.4.0

func (*OrgPolicyOverlay_PolicyOverlay) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyOverlay_PolicyOverlay.ProtoReflect.Descriptor instead.

func (*OrgPolicyOverlay_PolicyOverlay) GetPolicy added in v0.4.0

func (*OrgPolicyOverlay_PolicyOverlay) GetPolicyParent added in v0.4.0

func (x *OrgPolicyOverlay_PolicyOverlay) GetPolicyParent() string

func (*OrgPolicyOverlay_PolicyOverlay) ProtoMessage added in v0.4.0

func (*OrgPolicyOverlay_PolicyOverlay) ProtoMessage()

func (*OrgPolicyOverlay_PolicyOverlay) ProtoReflect added in v0.4.0

func (*OrgPolicyOverlay_PolicyOverlay) Reset added in v0.4.0

func (x *OrgPolicyOverlay_PolicyOverlay) Reset()

func (*OrgPolicyOverlay_PolicyOverlay) String added in v0.4.0

type OrgPolicyViolation added in v0.4.0

type OrgPolicyViolation struct {

	// The name of the `OrgPolicyViolation`. Example:
	// `organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f/orgPolicyViolations/38ce`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The resource violating the constraint.
	Resource *ResourceContext `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
	// The custom constraint being violated.
	CustomConstraint *orgpolicypb.CustomConstraint `protobuf:"bytes,3,opt,name=custom_constraint,json=customConstraint,proto3" json:"custom_constraint,omitempty"`
	// Any error encountered during the evaluation.
	//
	// NOTE(review): this page does not say whether an entry with this field set
	// still represents a confirmed violation. Check the service documentation
	// before counting such entries either as violations or as compliant.
	Error *status.Status `protobuf:"bytes,4,opt,name=error,proto3" json:"error,omitempty"`
	// contains filtered or unexported fields
}

OrgPolicyViolation is a resource representing a single resource violating a single OrgPolicy constraint.

func (*OrgPolicyViolation) Descriptor deprecated added in v0.4.0

func (*OrgPolicyViolation) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyViolation.ProtoReflect.Descriptor instead.

func (*OrgPolicyViolation) GetCustomConstraint added in v0.4.0

func (x *OrgPolicyViolation) GetCustomConstraint() *orgpolicypb.CustomConstraint

func (*OrgPolicyViolation) GetError added in v0.4.0

func (x *OrgPolicyViolation) GetError() *status.Status

func (*OrgPolicyViolation) GetName added in v0.4.0

func (x *OrgPolicyViolation) GetName() string

func (*OrgPolicyViolation) GetResource added in v0.4.0

func (x *OrgPolicyViolation) GetResource() *ResourceContext

func (*OrgPolicyViolation) ProtoMessage added in v0.4.0

func (*OrgPolicyViolation) ProtoMessage()

func (*OrgPolicyViolation) ProtoReflect added in v0.4.0

func (x *OrgPolicyViolation) ProtoReflect() protoreflect.Message

func (*OrgPolicyViolation) Reset added in v0.4.0

func (x *OrgPolicyViolation) Reset()

func (*OrgPolicyViolation) String added in v0.4.0

func (x *OrgPolicyViolation) String() string

type OrgPolicyViolationsPreview added in v0.4.0

type OrgPolicyViolationsPreview struct {

	// Output only. The resource name of the `OrgPolicyViolationsPreview`. It has
	// the following format:
	//
	// `organizations/{organization}/locations/{location}/orgPolicyViolationsPreviews/{orgPolicyViolationsPreview}`
	//
	// Example:
	// `organizations/my-example-org/locations/global/orgPolicyViolationsPreviews/506a5f7f`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Output only. The state of the `OrgPolicyViolationsPreview`.
	State PreviewState `protobuf:"varint,2,opt,name=state,proto3,enum=google.cloud.policysimulator.v1.PreviewState" json:"state,omitempty"`
	// Required. The proposed changes we are previewing violations for.
	Overlay *OrgPolicyOverlay `protobuf:"bytes,3,opt,name=overlay,proto3" json:"overlay,omitempty"`
	// Output only. The number of [OrgPolicyViolations][] in this
	// `OrgPolicyViolationsPreview`. This count may differ from
	// `resource_summary.noncompliant_count` because each
	// [OrgPolicyViolation][google.cloud.policysimulator.v1.OrgPolicyViolation] is
	// specific to a resource **and** constraint. If there are multiple
	// constraints being evaluated (i.e. multiple policies in the overlay), a
	// single resource may violate multiple constraints.
	//
	// NOTE(review): this message lists no `resource_summary` field; the summary
	// field below is `resource_counts`. Presumably that is the field meant
	// here -- confirm.
	ViolationsCount int32 `protobuf:"varint,4,opt,name=violations_count,json=violationsCount,proto3" json:"violations_count,omitempty"`
	// Output only. A summary of the state of all resources scanned for compliance
	// with the changed OrgPolicy.
	ResourceCounts *OrgPolicyViolationsPreview_ResourceCounts `protobuf:"bytes,5,opt,name=resource_counts,json=resourceCounts,proto3" json:"resource_counts,omitempty"`
	// Output only. The names of the constraints against which all
	// `OrgPolicyViolations` were evaluated.
	//
	// If `OrgPolicyOverlay` only contains `PolicyOverlay` then this field
	// contains the name of the configured custom constraint, applicable to the
	// specified policies. Otherwise it contains the name of the constraint
	// specified in `CustomConstraintOverlay`.
	//
	// Format:
	// `organizations/{organization_id}/customConstraints/{custom_constraint_id}`
	//
	// Example: `organizations/123/customConstraints/custom.createOnlyE2TypeVms`
	CustomConstraints []string `protobuf:"bytes,6,rep,name=custom_constraints,json=customConstraints,proto3" json:"custom_constraints,omitempty"`
	// Output only. Time when this `OrgPolicyViolationsPreview` was created.
	CreateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
	// contains filtered or unexported fields
}

OrgPolicyViolationsPreview is a resource providing a preview of the violations that will exist if an OrgPolicy change is made.

The violations are modeled as child resources and retrieved via a [ListOrgPolicyViolations][] API call. There are potentially more [OrgPolicyViolations][] than could fit in an embedded field, hence the use of a child resource instead of a field.

func (*OrgPolicyViolationsPreview) Descriptor deprecated added in v0.4.0

func (*OrgPolicyViolationsPreview) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyViolationsPreview.ProtoReflect.Descriptor instead.

func (*OrgPolicyViolationsPreview) GetCreateTime added in v0.4.0

func (x *OrgPolicyViolationsPreview) GetCreateTime() *timestamppb.Timestamp

func (*OrgPolicyViolationsPreview) GetCustomConstraints added in v0.4.0

func (x *OrgPolicyViolationsPreview) GetCustomConstraints() []string

func (*OrgPolicyViolationsPreview) GetName added in v0.4.0

func (x *OrgPolicyViolationsPreview) GetName() string

func (*OrgPolicyViolationsPreview) GetOverlay added in v0.4.0

func (*OrgPolicyViolationsPreview) GetResourceCounts added in v0.4.0

func (*OrgPolicyViolationsPreview) GetState added in v0.4.0

func (*OrgPolicyViolationsPreview) GetViolationsCount added in v0.4.0

func (x *OrgPolicyViolationsPreview) GetViolationsCount() int32

func (*OrgPolicyViolationsPreview) ProtoMessage added in v0.4.0

func (*OrgPolicyViolationsPreview) ProtoMessage()

func (*OrgPolicyViolationsPreview) ProtoReflect added in v0.4.0

func (*OrgPolicyViolationsPreview) Reset added in v0.4.0

func (x *OrgPolicyViolationsPreview) Reset()

func (*OrgPolicyViolationsPreview) String added in v0.4.0

func (x *OrgPolicyViolationsPreview) String() string

type OrgPolicyViolationsPreviewServiceClient added in v0.4.0

type OrgPolicyViolationsPreviewServiceClient interface {
	// ListOrgPolicyViolationsPreviews lists each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// in an organization. Each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// is available for at least 7 days.
	ListOrgPolicyViolationsPreviews(ctx context.Context, in *ListOrgPolicyViolationsPreviewsRequest, opts ...grpc.CallOption) (*ListOrgPolicyViolationsPreviewsResponse, error)
	// GetOrgPolicyViolationsPreview gets the specified
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
	// Each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// is available for at least 7 days.
	GetOrgPolicyViolationsPreview(ctx context.Context, in *GetOrgPolicyViolationsPreviewRequest, opts ...grpc.CallOption) (*OrgPolicyViolationsPreview, error)
	// CreateOrgPolicyViolationsPreview creates an
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// for the proposed changes in the provided
	// [OrgPolicyViolationsPreview.OrgPolicyOverlay][]. The changes to OrgPolicy
	// are specified by this `OrgPolicyOverlay`. The resources to scan are
	// inferred from these specified changes.
	//
	// The call returns a long-running operation, not the preview itself.
	// NOTE(review): in this package the overlay is carried in the `Overlay`
	// field of OrgPolicyViolationsPreview (type OrgPolicyOverlay); the
	// `OrgPolicyViolationsPreview.OrgPolicyOverlay` reference above presumably
	// means that field -- confirm.
	CreateOrgPolicyViolationsPreview(ctx context.Context, in *CreateOrgPolicyViolationsPreviewRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// ListOrgPolicyViolations lists the [OrgPolicyViolations][] that are present
	// in an
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
	ListOrgPolicyViolations(ctx context.Context, in *ListOrgPolicyViolationsRequest, opts ...grpc.CallOption) (*ListOrgPolicyViolationsResponse, error)
}

OrgPolicyViolationsPreviewServiceClient is the client API for OrgPolicyViolationsPreviewService service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewOrgPolicyViolationsPreviewServiceClient added in v0.4.0

func NewOrgPolicyViolationsPreviewServiceClient(cc grpc.ClientConnInterface) OrgPolicyViolationsPreviewServiceClient

type OrgPolicyViolationsPreviewServiceServer added in v0.4.0

// OrgPolicyViolationsPreviewServiceServer is the server API for the
// OrgPolicyViolationsPreviewService service. Implementations should embed
// UnimplementedOrgPolicyViolationsPreviewServiceServer for forward
// compatibility.
//
// NOTE(review): the method comments state a minimum availability ("at least
// 7 days") for each preview; no upper bound and no delete method are visible
// in this interface, so preview data about noncompliant resources may stay
// readable through the List/Get methods for longer — confirm retention
// against the service documentation.
type OrgPolicyViolationsPreviewServiceServer interface {
	// ListOrgPolicyViolationsPreviews lists each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// in an organization. Each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// is available for at least 7 days.
	ListOrgPolicyViolationsPreviews(context.Context, *ListOrgPolicyViolationsPreviewsRequest) (*ListOrgPolicyViolationsPreviewsResponse, error)
	// GetOrgPolicyViolationsPreview gets the specified
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
	// Each
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// is available for at least 7 days.
	GetOrgPolicyViolationsPreview(context.Context, *GetOrgPolicyViolationsPreviewRequest) (*OrgPolicyViolationsPreview, error)
	// CreateOrgPolicyViolationsPreview creates an
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// for the proposed changes in the provided
	// [OrgPolicyViolationsPreview.OrgPolicyOverlay][]. The changes to OrgPolicy
	// are specified by this `OrgPolicyOverlay`. The resources to scan are
	// inferred from these specified changes.
	//
	// The preview is not returned directly: the result type is
	// *longrunningpb.Operation.
	CreateOrgPolicyViolationsPreview(context.Context, *CreateOrgPolicyViolationsPreviewRequest) (*longrunningpb.Operation, error)
	// ListOrgPolicyViolations lists the [OrgPolicyViolations][] that are present
	// in an
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].
	ListOrgPolicyViolations(context.Context, *ListOrgPolicyViolationsRequest) (*ListOrgPolicyViolationsResponse, error)
}

OrgPolicyViolationsPreviewServiceServer is the server API for the OrgPolicyViolationsPreviewService service. All implementations should embed UnimplementedOrgPolicyViolationsPreviewServiceServer for forward compatibility.

type OrgPolicyViolationsPreview_ResourceCounts added in v0.4.0

// OrgPolicyViolationsPreview_ResourceCounts summarizes the state of all
// resources scanned for compliance with the changed OrgPolicy.
//
// The four outcome counters (Unenforced, Noncompliant, Compliant, Errors) are
// documented as summing to Scanned, so each scanned resource falls into
// exactly one of them.
type OrgPolicyViolationsPreview_ResourceCounts struct {

	// Output only. Number of resources checked for compliance.
	//
	// Must equal:  unenforced + noncompliant + compliant + error
	//
	// NOTE(review): the `error` term presumably refers to the Errors field
	// below — confirm.
	Scanned int32 `protobuf:"varint,1,opt,name=scanned,proto3" json:"scanned,omitempty"`
	// Output only. Number of scanned resources with at least one violation.
	Noncompliant int32 `protobuf:"varint,2,opt,name=noncompliant,proto3" json:"noncompliant,omitempty"`
	// Output only. Number of scanned resources with zero violations.
	Compliant int32 `protobuf:"varint,3,opt,name=compliant,proto3" json:"compliant,omitempty"`
	// Output only. Number of resources where the constraint was not enforced,
	// i.e. the Policy set `enforced: false` for that resource.
	Unenforced int32 `protobuf:"varint,4,opt,name=unenforced,proto3" json:"unenforced,omitempty"`
	// Output only. Number of resources that returned an error when scanned.
	//
	// By the sum above these resources are counted as neither Compliant nor
	// Noncompliant: a preview with Noncompliant == 0 and Errors > 0 has not
	// established the compliance of every scanned resource.
	Errors int32 `protobuf:"varint,5,opt,name=errors,proto3" json:"errors,omitempty"`
	// contains filtered or unexported fields
}

A summary of the state of all resources scanned for compliance with the changed OrgPolicy.

func (*OrgPolicyViolationsPreview_ResourceCounts) Descriptor deprecated added in v0.4.0

func (*OrgPolicyViolationsPreview_ResourceCounts) Descriptor() ([]byte, []int)

Deprecated: Use OrgPolicyViolationsPreview_ResourceCounts.ProtoReflect.Descriptor instead.

func (*OrgPolicyViolationsPreview_ResourceCounts) GetCompliant added in v0.4.0

func (*OrgPolicyViolationsPreview_ResourceCounts) GetErrors added in v0.4.0

func (*OrgPolicyViolationsPreview_ResourceCounts) GetNoncompliant added in v0.4.0

func (x *OrgPolicyViolationsPreview_ResourceCounts) GetNoncompliant() int32

func (*OrgPolicyViolationsPreview_ResourceCounts) GetScanned added in v0.4.0

func (*OrgPolicyViolationsPreview_ResourceCounts) GetUnenforced added in v0.4.0

func (*OrgPolicyViolationsPreview_ResourceCounts) ProtoMessage added in v0.4.0

func (*OrgPolicyViolationsPreview_ResourceCounts) ProtoReflect added in v0.4.0

func (*OrgPolicyViolationsPreview_ResourceCounts) Reset added in v0.4.0

func (*OrgPolicyViolationsPreview_ResourceCounts) String added in v0.4.0

type PreviewState added in v0.4.0

type PreviewState int32

The current state of an [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview].

// Values of PreviewState, the creation state of an
// OrgPolicyViolationsPreview.
//
// Per the comments below, only PreviewState_PREVIEW_SUCCEEDED marks a preview
// whose creation finished successfully; the other values mark a preview that
// is unspecified, not yet created, still being created, or failed.
const (
	// The state is unspecified.
	//
	// NOTE(review): 0 is also the Go zero value of PreviewState, so an unset
	// state presumably reads as this value — confirm before treating it as a
	// distinct server-reported state.
	PreviewState_PREVIEW_STATE_UNSPECIFIED PreviewState = 0
	// The
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// has not been created yet.
	PreviewState_PREVIEW_PENDING PreviewState = 1
	// The
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// is currently being created.
	PreviewState_PREVIEW_RUNNING PreviewState = 2
	// The
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// creation finished successfully.
	PreviewState_PREVIEW_SUCCEEDED PreviewState = 3
	// The
	// [OrgPolicyViolationsPreview][google.cloud.policysimulator.v1.OrgPolicyViolationsPreview]
	// creation failed with an error.
	PreviewState_PREVIEW_FAILED PreviewState = 4
)

func (PreviewState) Descriptor added in v0.4.0

func (PreviewState) Enum added in v0.4.0

func (x PreviewState) Enum() *PreviewState

func (PreviewState) EnumDescriptor deprecated added in v0.4.0

func (PreviewState) EnumDescriptor() ([]byte, []int)

Deprecated: Use PreviewState.Descriptor instead.

func (PreviewState) Number added in v0.4.0

func (PreviewState) String added in v0.4.0

func (x PreviewState) String() string

func (PreviewState) Type added in v0.4.0

type Replay

// Replay is a resource describing a `Replay`, or simulation.
//
// Name, State and ResultsSummary are marked "Output only"; Config is the only
// field marked "Required".
type Replay struct {

	// Output only. The resource name of the `Replay`, which has the following
	// format:
	//
	// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}`,
	// where `{resource-id}` is the ID of the project, folder, or organization
	// that owns the Replay.
	//
	// Example:
	// `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Output only. The current state of the `Replay`.
	State Replay_State `protobuf:"varint,2,opt,name=state,proto3,enum=google.cloud.policysimulator.v1.Replay_State" json:"state,omitempty"`
	// Required. The configuration used for the `Replay`.
	Config *ReplayConfig `protobuf:"bytes,3,opt,name=config,proto3" json:"config,omitempty"`
	// Output only. Summary statistics about the replayed log entries.
	//
	// The summary type (Replay_ResultsSummary) has a separate ErrorCount for
	// log entries that could not be replayed; read it together with the
	// difference count when judging a proposed policy change.
	ResultsSummary *Replay_ResultsSummary `protobuf:"bytes,5,opt,name=results_summary,json=resultsSummary,proto3" json:"results_summary,omitempty"`
	// contains filtered or unexported fields
}

A resource describing a `Replay`, or simulation.

func (*Replay) Descriptor deprecated

func (*Replay) Descriptor() ([]byte, []int)

Deprecated: Use Replay.ProtoReflect.Descriptor instead.

func (*Replay) GetConfig

func (x *Replay) GetConfig() *ReplayConfig

func (*Replay) GetName

func (x *Replay) GetName() string

func (*Replay) GetResultsSummary

func (x *Replay) GetResultsSummary() *Replay_ResultsSummary

func (*Replay) GetState

func (x *Replay) GetState() Replay_State

func (*Replay) ProtoMessage

func (*Replay) ProtoMessage()

func (*Replay) ProtoReflect

func (x *Replay) ProtoReflect() protoreflect.Message

func (*Replay) Reset

func (x *Replay) Reset()

func (*Replay) String

func (x *Replay) String() string

type ReplayConfig

// ReplayConfig is the configuration used for a
// [Replay][google.cloud.policysimulator.v1.Replay]: the proposed policies
// (PolicyOverlay) and the access logs they are replayed against (LogSource).
type ReplayConfig struct {

	// A mapping of the resources that you want to simulate policies for and the
	// policies that you want to simulate.
	//
	// Keys are the full resource names for the resources. For example,
	// `//cloudresourcemanager.googleapis.com/projects/my-project`.
	// For examples of full resource names for Google Cloud services, see
	// https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
	//
	// Values are [Policy][google.iam.v1.Policy] objects representing the policies
	// that you want to simulate.
	//
	// Replays automatically take into account any IAM policies inherited through
	// the resource hierarchy, and any policies set on descendant resources. You
	// do not need to include these policies in the policy overlay.
	PolicyOverlay map[string]*iampb.Policy `` /* 188-byte string literal not displayed */
	// The logs to use as input for the
	// [Replay][google.cloud.policysimulator.v1.Replay].
	//
	// Per the ReplayConfig_LogSource constants, leaving this at
	// LOG_SOURCE_UNSPECIFIED makes the Replay default to `RECENT_ACCESSES`.
	LogSource ReplayConfig_LogSource `` /* 149-byte string literal not displayed */
	// contains filtered or unexported fields
}

The configuration used for a [Replay][google.cloud.policysimulator.v1.Replay].

func (*ReplayConfig) Descriptor deprecated

func (*ReplayConfig) Descriptor() ([]byte, []int)

Deprecated: Use ReplayConfig.ProtoReflect.Descriptor instead.

func (*ReplayConfig) GetLogSource

func (x *ReplayConfig) GetLogSource() ReplayConfig_LogSource

func (*ReplayConfig) GetPolicyOverlay

func (x *ReplayConfig) GetPolicyOverlay() map[string]*iampb.Policy

func (*ReplayConfig) ProtoMessage

func (*ReplayConfig) ProtoMessage()

func (*ReplayConfig) ProtoReflect

func (x *ReplayConfig) ProtoReflect() protoreflect.Message

func (*ReplayConfig) Reset

func (x *ReplayConfig) Reset()

func (*ReplayConfig) String

func (x *ReplayConfig) String() string

type ReplayConfig_LogSource

type ReplayConfig_LogSource int32

The source of the logs to use for a [Replay][google.cloud.policysimulator.v1.Replay].

// Values of ReplayConfig_LogSource, the source of the access logs that a
// Replay uses as input.
const (
	// An unspecified log source.
	// If the log source is unspecified, the
	// [Replay][google.cloud.policysimulator.v1.Replay] defaults to using
	// `RECENT_ACCESSES`.
	ReplayConfig_LOG_SOURCE_UNSPECIFIED ReplayConfig_LogSource = 0
	// All access logs from the last 90 days. These logs may not include logs
	// from the most recent 7 days.
	//
	// A Replay evaluates only the access attempts found in these logs. Access
	// that occurred only in the most recent days, or that did not occur within
	// the 90-day window at all, may therefore be missing from the results; a
	// Replay that reports no differences does not cover such access.
	ReplayConfig_RECENT_ACCESSES ReplayConfig_LogSource = 1
)

func (ReplayConfig_LogSource) Descriptor

func (ReplayConfig_LogSource) Enum

func (ReplayConfig_LogSource) EnumDescriptor deprecated

func (ReplayConfig_LogSource) EnumDescriptor() ([]byte, []int)

Deprecated: Use ReplayConfig_LogSource.Descriptor instead.

func (ReplayConfig_LogSource) Number

func (ReplayConfig_LogSource) String

func (x ReplayConfig_LogSource) String() string

func (ReplayConfig_LogSource) Type

type ReplayDiff

// ReplayDiff is the difference between the results of evaluating an access
// tuple under the current (baseline) policies and under the proposed
// (simulated) policies. It explains how a principal's access could change if
// the proposed policies were applied.
type ReplayDiff struct {

	// A summary and comparison of the principal's access under the current
	// (baseline) policies and the proposed (simulated) policies for a single
	// access tuple.
	//
	// The evaluation of the principal's access is reported in the
	// [AccessState][google.cloud.policysimulator.v1.AccessState] field.
	AccessDiff *AccessStateDiff `protobuf:"bytes,2,opt,name=access_diff,json=accessDiff,proto3" json:"access_diff,omitempty"`
	// contains filtered or unexported fields
}

The difference between the results of evaluating an access tuple under the current (baseline) policies and under the proposed (simulated) policies. This difference explains how a principal's access could change if the proposed policies were applied.

func (*ReplayDiff) Descriptor deprecated

func (*ReplayDiff) Descriptor() ([]byte, []int)

Deprecated: Use ReplayDiff.ProtoReflect.Descriptor instead.

func (*ReplayDiff) GetAccessDiff

func (x *ReplayDiff) GetAccessDiff() *AccessStateDiff

func (*ReplayDiff) ProtoMessage

func (*ReplayDiff) ProtoMessage()

func (*ReplayDiff) ProtoReflect

func (x *ReplayDiff) ProtoReflect() protoreflect.Message

func (*ReplayDiff) Reset

func (x *ReplayDiff) Reset()

func (*ReplayDiff) String

func (x *ReplayDiff) String() string

type ReplayOperationMetadata

// ReplayOperationMetadata is metadata about a Replay operation.
type ReplayOperationMetadata struct {

	// Time when the request was received.
	StartTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=start_time,json=startTime,proto3" json:"start_time,omitempty"`
	// contains filtered or unexported fields
}

Metadata about a Replay operation.

func (*ReplayOperationMetadata) Descriptor deprecated

func (*ReplayOperationMetadata) Descriptor() ([]byte, []int)

Deprecated: Use ReplayOperationMetadata.ProtoReflect.Descriptor instead.

func (*ReplayOperationMetadata) GetStartTime

func (x *ReplayOperationMetadata) GetStartTime() *timestamppb.Timestamp

func (*ReplayOperationMetadata) ProtoMessage

func (*ReplayOperationMetadata) ProtoMessage()

func (*ReplayOperationMetadata) ProtoReflect

func (x *ReplayOperationMetadata) ProtoReflect() protoreflect.Message

func (*ReplayOperationMetadata) Reset

func (x *ReplayOperationMetadata) Reset()

func (*ReplayOperationMetadata) String

func (x *ReplayOperationMetadata) String() string

type ReplayResult

// ReplayResult is the result of replaying a single access tuple against a
// simulated state.
type ReplayResult struct {

	// The result of replaying the access tuple.
	//
	// Types that are assignable to Result:
	//
	//	*ReplayResult_Diff
	//	*ReplayResult_Error
	//
	// Per the comments on those two types, a Diff is present only for tuples
	// that were replayed successfully and had different results, and an Error
	// only for tuples that were not replayed successfully. A result carrying
	// an Error therefore says nothing about whether access would change for
	// that tuple.
	Result isReplayResult_Result `protobuf_oneof:"result"`
	// The resource name of the `ReplayResult`, in the following format:
	//
	// `{projects|folders|organizations}/{resource-id}/locations/global/replays/{replay-id}/results/{replay-result-id}`,
	// where `{resource-id}` is the ID of the project, folder, or organization
	// that owns the [Replay][google.cloud.policysimulator.v1.Replay].
	//
	// Example:
	// `projects/my-example-project/locations/global/replays/506a5f7f-38ce-4d7d-8e03-479ce1833c36/results/1234`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The [Replay][google.cloud.policysimulator.v1.Replay] that the access tuple
	// was included in.
	Parent string `protobuf:"bytes,2,opt,name=parent,proto3" json:"parent,omitempty"`
	// The access tuple that was replayed. This field includes information about
	// the principal, resource, and permission that were involved in the access
	// attempt.
	AccessTuple *AccessTuple `protobuf:"bytes,3,opt,name=access_tuple,json=accessTuple,proto3" json:"access_tuple,omitempty"`
	// The latest date this access tuple was seen in the logs.
	LastSeenDate *date.Date `protobuf:"bytes,4,opt,name=last_seen_date,json=lastSeenDate,proto3" json:"last_seen_date,omitempty"`
	// contains filtered or unexported fields
}

The result of replaying a single access tuple against a simulated state.

func (*ReplayResult) Descriptor deprecated

func (*ReplayResult) Descriptor() ([]byte, []int)

Deprecated: Use ReplayResult.ProtoReflect.Descriptor instead.

func (*ReplayResult) GetAccessTuple

func (x *ReplayResult) GetAccessTuple() *AccessTuple

func (*ReplayResult) GetDiff

func (x *ReplayResult) GetDiff() *ReplayDiff

func (*ReplayResult) GetError

func (x *ReplayResult) GetError() *status.Status

func (*ReplayResult) GetLastSeenDate

func (x *ReplayResult) GetLastSeenDate() *date.Date

func (*ReplayResult) GetName

func (x *ReplayResult) GetName() string

func (*ReplayResult) GetParent

func (x *ReplayResult) GetParent() string

func (*ReplayResult) GetResult

func (m *ReplayResult) GetResult() isReplayResult_Result

func (*ReplayResult) ProtoMessage

func (*ReplayResult) ProtoMessage()

func (*ReplayResult) ProtoReflect

func (x *ReplayResult) ProtoReflect() protoreflect.Message

func (*ReplayResult) Reset

func (x *ReplayResult) Reset()

func (*ReplayResult) String

func (x *ReplayResult) String() string

type ReplayResult_Diff

// ReplayResult_Diff is one of the two types assignable to
// ReplayResult.Result; it carries the access difference for a tuple.
type ReplayResult_Diff struct {
	// The difference between the principal's access under the current
	// (baseline) policies and the principal's access under the proposed
	// (simulated) policies.
	//
	// This field is only included for access tuples that were successfully
	// replayed and had different results under the current policies and the
	// proposed policies.
	Diff *ReplayDiff `protobuf:"bytes,5,opt,name=diff,proto3,oneof"`
}

type ReplayResult_Error

// ReplayResult_Error is one of the two types assignable to
// ReplayResult.Result; it carries the error for a tuple whose replay failed.
type ReplayResult_Error struct {
	// The error that caused the access tuple replay to fail.
	//
	// This field is only included for access tuples that were not replayed
	// successfully.
	Error *status.Status `protobuf:"bytes,6,opt,name=error,proto3,oneof"`
}

type Replay_ResultsSummary

// Replay_ResultsSummary holds summary statistics about the replayed log
// entries of a Replay.
//
// NOTE(review): LogCount presumably equals UnchangedCount + DifferenceCount +
// ErrorCount; the field comments do not state this — confirm.
type Replay_ResultsSummary struct {

	// The total number of log entries replayed.
	LogCount int32 `protobuf:"varint,1,opt,name=log_count,json=logCount,proto3" json:"log_count,omitempty"`
	// The number of replayed log entries with no difference between
	// baseline and simulated policies.
	UnchangedCount int32 `protobuf:"varint,2,opt,name=unchanged_count,json=unchangedCount,proto3" json:"unchanged_count,omitempty"`
	// The number of replayed log entries with a difference between baseline and
	// simulated policies.
	DifferenceCount int32 `protobuf:"varint,3,opt,name=difference_count,json=differenceCount,proto3" json:"difference_count,omitempty"`
	// The number of log entries that could not be replayed.
	//
	// These entries were not evaluated: a summary with DifferenceCount == 0
	// and ErrorCount > 0 does not establish that access is unchanged for them.
	ErrorCount int32 `protobuf:"varint,4,opt,name=error_count,json=errorCount,proto3" json:"error_count,omitempty"`
	// The date of the oldest log entry replayed.
	OldestDate *date.Date `protobuf:"bytes,5,opt,name=oldest_date,json=oldestDate,proto3" json:"oldest_date,omitempty"`
	// The date of the newest log entry replayed.
	//
	// Together with OldestDate this gives the date range the Replay actually
	// covered.
	NewestDate *date.Date `protobuf:"bytes,6,opt,name=newest_date,json=newestDate,proto3" json:"newest_date,omitempty"`
	// contains filtered or unexported fields
}

Summary statistics about the replayed log entries.

func (*Replay_ResultsSummary) Descriptor deprecated

func (*Replay_ResultsSummary) Descriptor() ([]byte, []int)

Deprecated: Use Replay_ResultsSummary.ProtoReflect.Descriptor instead.

func (*Replay_ResultsSummary) GetDifferenceCount

func (x *Replay_ResultsSummary) GetDifferenceCount() int32

func (*Replay_ResultsSummary) GetErrorCount

func (x *Replay_ResultsSummary) GetErrorCount() int32

func (*Replay_ResultsSummary) GetLogCount

func (x *Replay_ResultsSummary) GetLogCount() int32

func (*Replay_ResultsSummary) GetNewestDate

func (x *Replay_ResultsSummary) GetNewestDate() *date.Date

func (*Replay_ResultsSummary) GetOldestDate

func (x *Replay_ResultsSummary) GetOldestDate() *date.Date

func (*Replay_ResultsSummary) GetUnchangedCount

func (x *Replay_ResultsSummary) GetUnchangedCount() int32

func (*Replay_ResultsSummary) ProtoMessage

func (*Replay_ResultsSummary) ProtoMessage()

func (*Replay_ResultsSummary) ProtoReflect

func (x *Replay_ResultsSummary) ProtoReflect() protoreflect.Message

func (*Replay_ResultsSummary) Reset

func (x *Replay_ResultsSummary) Reset()

func (*Replay_ResultsSummary) String

func (x *Replay_ResultsSummary) String() string

type Replay_State

type Replay_State int32

The current state of the [Replay][google.cloud.policysimulator.v1.Replay].

// Values of Replay_State, the current state of a Replay.
//
// Per the comments below, Replay_SUCCEEDED is the only value that marks a
// successfully completed Replay.
const (
	// Default value. This value is unused.
	Replay_STATE_UNSPECIFIED Replay_State = 0
	// The `Replay` has not started yet.
	Replay_PENDING Replay_State = 1
	// The `Replay` is currently running.
	Replay_RUNNING Replay_State = 2
	// The `Replay` has successfully completed.
	Replay_SUCCEEDED Replay_State = 3
	// The `Replay` has finished with an error.
	Replay_FAILED Replay_State = 4
)

func (Replay_State) Descriptor

func (Replay_State) Enum

func (x Replay_State) Enum() *Replay_State

func (Replay_State) EnumDescriptor deprecated

func (Replay_State) EnumDescriptor() ([]byte, []int)

Deprecated: Use Replay_State.Descriptor instead.

func (Replay_State) Number

func (Replay_State) String

func (x Replay_State) String() string

func (Replay_State) Type

type ResourceContext added in v0.4.0

// ResourceContext provides the context known about a resource. It is similar
// in concept to google.cloud.asset.v1.Resource, but focuses on the information
// specifically used by Simulator.
type ResourceContext struct {

	// The full name of the resource. Example:
	// `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`
	//
	// See [Resource
	// names](https://cloud.google.com/apis/design/resource_names#full_resource_name)
	// for more information.
	Resource string `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"`
	// The asset type of the resource as defined by CAIS.
	// NOTE(review): CAIS is not expanded on this page; presumably Cloud Asset
	// Inventory, given the link below — confirm.
	//
	// Example: `compute.googleapis.com/Firewall`
	//
	// See [Supported asset
	// types](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
	// for more information.
	AssetType string `protobuf:"bytes,2,opt,name=asset_type,json=assetType,proto3" json:"asset_type,omitempty"`
	// The ancestry path of the resource in Google Cloud [resource
	// hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy),
	// represented as a list of relative resource names. An ancestry path starts
	// with the closest ancestor in the hierarchy and ends at root. If the
	// resource is a project, folder, or organization, the ancestry path starts
	// from the resource itself.
	//
	// Example: `["projects/123456789", "folders/5432", "organizations/1234"]`
	Ancestors []string `protobuf:"bytes,3,rep,name=ancestors,proto3" json:"ancestors,omitempty"`
	// contains filtered or unexported fields
}

ResourceContext provides the context we know about a resource. It is similar in concept to google.cloud.asset.v1.Resource, but focuses on the information specifically used by Simulator.

func (*ResourceContext) Descriptor deprecated added in v0.4.0

func (*ResourceContext) Descriptor() ([]byte, []int)

Deprecated: Use ResourceContext.ProtoReflect.Descriptor instead.

func (*ResourceContext) GetAncestors added in v0.4.0

func (x *ResourceContext) GetAncestors() []string

func (*ResourceContext) GetAssetType added in v0.4.0

func (x *ResourceContext) GetAssetType() string

func (*ResourceContext) GetResource added in v0.4.0

func (x *ResourceContext) GetResource() string

func (*ResourceContext) ProtoMessage added in v0.4.0

func (*ResourceContext) ProtoMessage()

func (*ResourceContext) ProtoReflect added in v0.4.0

func (x *ResourceContext) ProtoReflect() protoreflect.Message

func (*ResourceContext) Reset added in v0.4.0

func (x *ResourceContext) Reset()

func (*ResourceContext) String added in v0.4.0

func (x *ResourceContext) String() string

type SimulatorClient

// SimulatorClient is the client API for the Simulator service.
//
// NOTE(review): the interface exposes get, create and list methods only; no
// delete method is visible here, and the GetReplay comment gives a minimum
// availability ("at least 7 days") without an upper bound. Replay results
// describe principals, resources and permissions taken from access logs, so
// confirm the actual retention against the service documentation.
type SimulatorClient interface {
	// Gets the specified [Replay][google.cloud.policysimulator.v1.Replay]. Each
	// `Replay` is available for at least 7 days.
	GetReplay(ctx context.Context, in *GetReplayRequest, opts ...grpc.CallOption) (*Replay, error)
	// Creates and starts a [Replay][google.cloud.policysimulator.v1.Replay] using
	// the given [ReplayConfig][google.cloud.policysimulator.v1.ReplayConfig].
	//
	// The Replay is not returned directly: the result type is
	// *longrunningpb.Operation.
	CreateReplay(ctx context.Context, in *CreateReplayRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Lists the results of running a
	// [Replay][google.cloud.policysimulator.v1.Replay].
	ListReplayResults(ctx context.Context, in *ListReplayResultsRequest, opts ...grpc.CallOption) (*ListReplayResultsResponse, error)
}

SimulatorClient is the client API for Simulator service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewSimulatorClient

func NewSimulatorClient(cc grpc.ClientConnInterface) SimulatorClient

type SimulatorServer

// SimulatorServer is the server API for the Simulator service. Implementations
// should embed UnimplementedSimulatorServer for forward compatibility.
type SimulatorServer interface {
	// Gets the specified [Replay][google.cloud.policysimulator.v1.Replay]. Each
	// `Replay` is available for at least 7 days.
	GetReplay(context.Context, *GetReplayRequest) (*Replay, error)
	// Creates and starts a [Replay][google.cloud.policysimulator.v1.Replay] using
	// the given [ReplayConfig][google.cloud.policysimulator.v1.ReplayConfig].
	//
	// The Replay is not returned directly: the result type is
	// *longrunningpb.Operation.
	CreateReplay(context.Context, *CreateReplayRequest) (*longrunningpb.Operation, error)
	// Lists the results of running a
	// [Replay][google.cloud.policysimulator.v1.Replay].
	ListReplayResults(context.Context, *ListReplayResultsRequest) (*ListReplayResultsResponse, error)
}

SimulatorServer is the server API for the Simulator service. All implementations should embed UnimplementedSimulatorServer for forward compatibility.

type UnimplementedOrgPolicyViolationsPreviewServiceServer added in v0.4.0

type UnimplementedOrgPolicyViolationsPreviewServiceServer struct {
}

UnimplementedOrgPolicyViolationsPreviewServiceServer should be embedded to have forward compatible implementations.

func (UnimplementedOrgPolicyViolationsPreviewServiceServer) CreateOrgPolicyViolationsPreview added in v0.4.0

func (UnimplementedOrgPolicyViolationsPreviewServiceServer) GetOrgPolicyViolationsPreview added in v0.4.0

func (UnimplementedOrgPolicyViolationsPreviewServiceServer) ListOrgPolicyViolations added in v0.4.0

func (UnimplementedOrgPolicyViolationsPreviewServiceServer) ListOrgPolicyViolationsPreviews added in v0.4.0

type UnimplementedSimulatorServer

type UnimplementedSimulatorServer struct {
}

UnimplementedSimulatorServer should be embedded to have forward compatible implementations.

func (UnimplementedSimulatorServer) CreateReplay

func (UnimplementedSimulatorServer) GetReplay

func (UnimplementedSimulatorServer) ListReplayResults

type UnsafeOrgPolicyViolationsPreviewServiceServer added in v0.4.1

type UnsafeOrgPolicyViolationsPreviewServiceServer interface {
	// contains filtered or unexported methods
}

UnsafeOrgPolicyViolationsPreviewServiceServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to OrgPolicyViolationsPreviewServiceServer will result in compilation errors.

type UnsafeSimulatorServer added in v0.4.1

type UnsafeSimulatorServer interface {
	// contains filtered or unexported methods
}

UnsafeSimulatorServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to SimulatorServer will result in compilation errors.
