public sealed class Grant : IMessage<Grant>, IEquatable<Grant>, IDeepCloneable<Grant>, IBufferMessage, IMessage
Reference documentation and code samples for the Privileged Access Manager v1 API class Grant.
This is to ensure that the Grants
and ProducerGrants
proto are byte
compatible.
A grant represents a request from a user for obtaining the access specified
in an entitlement they are eligible for.
Namespace
Google.Cloud.PrivilegedAccessManager.V1Assembly
Google.Cloud.PrivilegedAccessManager.V1.dll
Constructors
Grant()
public Grant()
Grant(Grant)
public Grant(Grant other)
Parameter | |
---|---|
Name | Description |
other |
Grant |
Properties
AdditionalEmailRecipients
public RepeatedField<string> AdditionalEmailRecipients { get; }
Optional. Additional email addresses to notify for all the actions performed on the grant.
Property Value | |
---|---|
Type | Description |
RepeatedFieldstring |
AuditTrail
public Grant.Types.AuditTrail AuditTrail { get; set; }
Output only. Audit trail of access provided by this grant. If unspecified then access was never granted.
Property Value | |
---|---|
Type | Description |
GrantTypesAuditTrail |
CreateTime
public Timestamp CreateTime { get; set; }
Output only. Create time stamp.
Property Value | |
---|---|
Type | Description |
Timestamp |
ExternallyModified
public bool ExternallyModified { get; set; }
Output only. Flag set by the PAM system to indicate that policy bindings made by this grant have been modified from outside PAM.
After it is set, this flag remains set forever irrespective of the grant
state. A true
value here indicates that PAM no longer has any certainty
on the access a user has because of this grant.
Property Value | |
---|---|
Type | Description |
bool |
GrantName
public GrantName GrantName { get; set; }
Property Value | |
---|---|
Type | Description |
GrantName |
Justification
public Justification Justification { get; set; }
Optional. Justification of why this access is needed.
Property Value | |
---|---|
Type | Description |
Justification |
Name
public string Name { get; set; }
Identifier. Name of this grant. Possible formats:
organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
The last segment of this name ({grant-id}
) is autogenerated.
Property Value | |
---|---|
Type | Description |
string |
PrivilegedAccess
public PrivilegedAccess PrivilegedAccess { get; set; }
Output only. The access that would be granted by this grant.
Property Value | |
---|---|
Type | Description |
PrivilegedAccess |
RequestedDuration
public Duration RequestedDuration { get; set; }
Required. The amount of time access is needed for. This value should be
less than the max_request_duration
value of the entitlement.
Property Value | |
---|---|
Type | Description |
Duration |
Requester
public string Requester { get; set; }
Output only. Username of the user who created this grant.
Property Value | |
---|---|
Type | Description |
string |
State
public Grant.Types.State State { get; set; }
Output only. Current state of this grant.
Property Value | |
---|---|
Type | Description |
GrantTypesState |
Timeline
public Grant.Types.Timeline Timeline { get; set; }
Output only. Timeline of this grant.
Property Value | |
---|---|
Type | Description |
GrantTypesTimeline |
UpdateTime
public Timestamp UpdateTime { get; set; }
Output only. Update time stamp.
Property Value | |
---|---|
Type | Description |
Timestamp |