Struct googapis::google::cloud::asset::v1::iam_policy_analysis_result::AccessControlList [−][src]
pub struct AccessControlList {
pub resources: Vec<Resource>,
pub accesses: Vec<Access>,
pub resource_edges: Vec<Edge>,
pub condition_evaluation: Option<ConditionEvaluation>,
}
Expand description
An access control list, derived from the above IAM policy binding, which contains a set of resources and accesses. May include one item from each set to compose an access control entry.
NOTICE that there could be multiple access control lists for one IAM policy binding. The access control lists are created based on resource and access combinations.
For example, assume we have the following cases in one IAM policy binding:
- Permission P1 and P2 apply to resource R1 and R2;
- Permission P3 applies to resource R2 and R3;
This will result in the following access control lists:
- AccessControlList 1: [R1, R2], [P1, P2]
- AccessControlList 2: [R2, R3], [P3]
Fields
resources: Vec<Resource>
The resources that match one of the following conditions:
- The resource_selector, if it is specified in request;
- Otherwise, resources reachable from the policy attached resource.
accesses: Vec<Access>
The accesses that match one of the following conditions:
- The access_selector, if it is specified in request;
- Otherwise, access specifiers reachable from the policy binding’s role.
resource_edges: Vec<Edge>
Resource edges of the graph starting from the policy attached resource to any descendant resources. The [Edge.source_node][google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.source_node] contains the full resource name of a parent resource and [Edge.target_node][google.cloud.asset.v1.IamPolicyAnalysisResult.Edge.target_node] contains the full resource name of a child resource. This field is present only if the output_resource_edges option is enabled in request.
condition_evaluation: Option<ConditionEvaluation>
Condition evaluation for this AccessControlList, if there is a condition defined in the above IAM policy binding.
Trait Implementations
fn merge_field<B>(
&mut self,
tag: u32,
wire_type: WireType,
buf: &mut B,
ctx: DecodeContext
) -> Result<(), DecodeError> where
B: Buf,
Returns the encoded length of the message without a length delimiter.
Encodes the message to a buffer. Read more
Encodes the message to a newly allocated buffer.
Encodes the message with a length-delimiter to a buffer. Read more
Encodes the message with a length-delimiter to a newly allocated buffer.
Decodes an instance of the message from a buffer. Read more
fn decode_length_delimited<B>(buf: B) -> Result<Self, DecodeError> where
Self: Default,
B: Buf,
fn decode_length_delimited<B>(buf: B) -> Result<Self, DecodeError> where
Self: Default,
B: Buf,
Decodes a length-delimited instance of the message from the buffer.
Decodes an instance of the message from a buffer, and merges it into self
. Read more
Decodes a length-delimited instance of the message from buffer, and
merges it into self
. Read more
This method tests for self
and other
values to be equal, and is used
by ==
. Read more
This method tests for !=
.
Auto Trait Implementations
impl RefUnwindSafe for AccessControlList
impl Send for AccessControlList
impl Sync for AccessControlList
impl Unpin for AccessControlList
impl UnwindSafe for AccessControlList
Blanket Implementations
Mutably borrows from an owned value. Read more
Wrap the input message T
in a tonic::Request
pub fn vzip(self) -> V
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more