public sealed class IdentitySelector : IMessage<IamPolicyAnalysisQuery.Types.IdentitySelector>, IEquatable<IamPolicyAnalysisQuery.Types.IdentitySelector>, IDeepCloneable<IamPolicyAnalysisQuery.Types.IdentitySelector>, IBufferMessage, IMessage
Specifies an identity for which to determine resource access, based on
roles assigned either directly to them or to the groups they belong to,
directly or indirectly.
Required. The identity appear in the form of principals in
IAM policy
binding.
The examples of supported forms are:
"user:mike@example.com",
"group:admins@example.com",
"domain:google.com",
"serviceAccount:my-project-id@appspot.gserviceaccount.com".
Notice that wildcard characters (such as * and ?) are not supported.
You must give a specific identity.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["\u003cp\u003eThis webpage details the \u003ccode\u003eIdentitySelector\u003c/code\u003e class within the \u003ccode\u003eGoogle.Cloud.Asset.V1\u003c/code\u003e namespace, used for determining resource access based on assigned roles.\u003c/p\u003e\n"],["\u003cp\u003eThe latest version of \u003ccode\u003eIdentitySelector\u003c/code\u003e is 3.12.0, and the page provides documentation for numerous previous versions, ranging from 3.11.0 down to 2.7.0, with direct links to each.\u003c/p\u003e\n"],["\u003cp\u003e\u003ccode\u003eIdentitySelector\u003c/code\u003e can be instantiated using a default constructor or by providing another \u003ccode\u003eIdentitySelector\u003c/code\u003e instance.\u003c/p\u003e\n"],["\u003cp\u003eThe class implements interfaces like \u003ccode\u003eIMessage\u003c/code\u003e, \u003ccode\u003eIEquatable\u003c/code\u003e, \u003ccode\u003eIDeepCloneable\u003c/code\u003e, and \u003ccode\u003eIBufferMessage\u003c/code\u003e, indicating its role within the Google Cloud Asset framework.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eIdentity\u003c/code\u003e property within the \u003ccode\u003eIdentitySelector\u003c/code\u003e class is a string that specifies the identity for which access is being analyzed, with examples provided, such as user, group, or service account, all of which have to be specific without wildcard support.\u003c/p\u003e\n"]]],[],null,[]]
