public sealed class PrivilegedAccessManagerClientImpl : PrivilegedAccessManagerClient
Reference documentation and code samples for the Privileged Access Manager v1 API class PrivilegedAccessManagerClientImpl.
PrivilegedAccessManager client wrapper implementation, for convenient use.
Namespace
Google.Cloud.PrivilegedAccessManager.V1Assembly
Google.Cloud.PrivilegedAccessManager.V1.dll
Remarks
This API allows customers to manage temporary, request based privileged access to their resources.
It defines the following resource model:
A collection of
Entitlement
resources. An entitlement allows configuring (among other things):Some kind of privileged access that users can request.
- A set of users called requesters who can request this access.
- A maximum duration for which the access can be requested.
An optional approval workflow which must be satisfied before access is granted.
A collection of
Grant
resources. A grant is a request by a requester to get the privileged access specified in an entitlement for some duration.
After the approval workflow as specified in the entitlement is satisfied, the specified access is given to the requester. The access is automatically taken back after the requested duration is over.
Constructors
PrivilegedAccessManagerClientImpl(PrivilegedAccessManagerClient, PrivilegedAccessManagerSettings, ILogger)
public PrivilegedAccessManagerClientImpl(PrivilegedAccessManager.PrivilegedAccessManagerClient grpcClient, PrivilegedAccessManagerSettings settings, ILogger logger)
Constructs a client wrapper for the PrivilegedAccessManager service, with the specified gRPC client and settings.
Parameters | |
---|---|
Name | Description |
grpcClient |
PrivilegedAccessManagerPrivilegedAccessManagerClient The underlying gRPC client. |
settings |
PrivilegedAccessManagerSettings The base PrivilegedAccessManagerSettings used within this client. |
logger |
ILogger Optional ILogger to use within this client. |
Properties
CreateEntitlementOperationsClient
public override OperationsClient CreateEntitlementOperationsClient { get; }
The long-running operations client for CreateEntitlement
.
Property Value | |
---|---|
Type | Description |
OperationsClient |
DeleteEntitlementOperationsClient
public override OperationsClient DeleteEntitlementOperationsClient { get; }
The long-running operations client for DeleteEntitlement
.
Property Value | |
---|---|
Type | Description |
OperationsClient |
GrpcClient
public override PrivilegedAccessManager.PrivilegedAccessManagerClient GrpcClient { get; }
The underlying gRPC PrivilegedAccessManager client
Property Value | |
---|---|
Type | Description |
PrivilegedAccessManagerPrivilegedAccessManagerClient |
LocationsClient
public override LocationsClient LocationsClient { get; }
The LocationsClient associated with this client.
Property Value | |
---|---|
Type | Description |
LocationsClient |
RevokeGrantOperationsClient
public override OperationsClient RevokeGrantOperationsClient { get; }
The long-running operations client for RevokeGrant
.
Property Value | |
---|---|
Type | Description |
OperationsClient |
UpdateEntitlementOperationsClient
public override OperationsClient UpdateEntitlementOperationsClient { get; }
The long-running operations client for UpdateEntitlement
.
Property Value | |
---|---|
Type | Description |
OperationsClient |
Methods
ApproveGrant(ApproveGrantRequest, CallSettings)
public override Grant ApproveGrant(ApproveGrantRequest request, CallSettings callSettings = null)
ApproveGrant
is used to approve a grant. This method can only be called
on a grant when it's in the APPROVAL_AWAITED
state. This operation can't
be undone.
Parameters | |
---|---|
Name | Description |
request |
ApproveGrantRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
Grant |
The RPC response. |
ApproveGrantAsync(ApproveGrantRequest, CallSettings)
public override Task<Grant> ApproveGrantAsync(ApproveGrantRequest request, CallSettings callSettings = null)
ApproveGrant
is used to approve a grant. This method can only be called
on a grant when it's in the APPROVAL_AWAITED
state. This operation can't
be undone.
Parameters | |
---|---|
Name | Description |
request |
ApproveGrantRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskGrant |
A Task containing the RPC response. |
CheckOnboardingStatus(CheckOnboardingStatusRequest, CallSettings)
public override CheckOnboardingStatusResponse CheckOnboardingStatus(CheckOnboardingStatusRequest request, CallSettings callSettings = null)
CheckOnboardingStatus
reports the onboarding status for a
project/folder/organization. Any findings reported by this API need to be
fixed before PAM can be used on the resource.
Parameters | |
---|---|
Name | Description |
request |
CheckOnboardingStatusRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
CheckOnboardingStatusResponse |
The RPC response. |
CheckOnboardingStatusAsync(CheckOnboardingStatusRequest, CallSettings)
public override Task<CheckOnboardingStatusResponse> CheckOnboardingStatusAsync(CheckOnboardingStatusRequest request, CallSettings callSettings = null)
CheckOnboardingStatus
reports the onboarding status for a
project/folder/organization. Any findings reported by this API need to be
fixed before PAM can be used on the resource.
Parameters | |
---|---|
Name | Description |
request |
CheckOnboardingStatusRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskCheckOnboardingStatusResponse |
A Task containing the RPC response. |
CreateEntitlement(CreateEntitlementRequest, CallSettings)
public override Operation<Entitlement, OperationMetadata> CreateEntitlement(CreateEntitlementRequest request, CallSettings callSettings = null)
Creates a new entitlement in a given project/folder/organization and location.
Parameters | |
---|---|
Name | Description |
request |
CreateEntitlementRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
OperationEntitlementOperationMetadata |
The RPC response. |
CreateEntitlementAsync(CreateEntitlementRequest, CallSettings)
public override Task<Operation<Entitlement, OperationMetadata>> CreateEntitlementAsync(CreateEntitlementRequest request, CallSettings callSettings = null)
Creates a new entitlement in a given project/folder/organization and location.
Parameters | |
---|---|
Name | Description |
request |
CreateEntitlementRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskOperationEntitlementOperationMetadata |
A Task containing the RPC response. |
CreateGrant(CreateGrantRequest, CallSettings)
public override Grant CreateGrant(CreateGrantRequest request, CallSettings callSettings = null)
Creates a new grant in a given project/folder/organization and location.
Parameters | |
---|---|
Name | Description |
request |
CreateGrantRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
Grant |
The RPC response. |
CreateGrantAsync(CreateGrantRequest, CallSettings)
public override Task<Grant> CreateGrantAsync(CreateGrantRequest request, CallSettings callSettings = null)
Creates a new grant in a given project/folder/organization and location.
Parameters | |
---|---|
Name | Description |
request |
CreateGrantRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskGrant |
A Task containing the RPC response. |
DeleteEntitlement(DeleteEntitlementRequest, CallSettings)
public override Operation<Entitlement, OperationMetadata> DeleteEntitlement(DeleteEntitlementRequest request, CallSettings callSettings = null)
Deletes a single entitlement. This method can only be called when there
are no in-progress (ACTIVE
/ACTIVATING
/REVOKING
) grants under the
entitlement.
Parameters | |
---|---|
Name | Description |
request |
DeleteEntitlementRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
OperationEntitlementOperationMetadata |
The RPC response. |
DeleteEntitlementAsync(DeleteEntitlementRequest, CallSettings)
public override Task<Operation<Entitlement, OperationMetadata>> DeleteEntitlementAsync(DeleteEntitlementRequest request, CallSettings callSettings = null)
Deletes a single entitlement. This method can only be called when there
are no in-progress (ACTIVE
/ACTIVATING
/REVOKING
) grants under the
entitlement.
Parameters | |
---|---|
Name | Description |
request |
DeleteEntitlementRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskOperationEntitlementOperationMetadata |
A Task containing the RPC response. |
DenyGrant(DenyGrantRequest, CallSettings)
public override Grant DenyGrant(DenyGrantRequest request, CallSettings callSettings = null)
DenyGrant
is used to deny a grant. This method can only be called on a
grant when it's in the APPROVAL_AWAITED
state. This operation can't be
undone.
Parameters | |
---|---|
Name | Description |
request |
DenyGrantRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
Grant |
The RPC response. |
DenyGrantAsync(DenyGrantRequest, CallSettings)
public override Task<Grant> DenyGrantAsync(DenyGrantRequest request, CallSettings callSettings = null)
DenyGrant
is used to deny a grant. This method can only be called on a
grant when it's in the APPROVAL_AWAITED
state. This operation can't be
undone.
Parameters | |
---|---|
Name | Description |
request |
DenyGrantRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskGrant |
A Task containing the RPC response. |
GetEntitlement(GetEntitlementRequest, CallSettings)
public override Entitlement GetEntitlement(GetEntitlementRequest request, CallSettings callSettings = null)
Gets details of a single entitlement.
Parameters | |
---|---|
Name | Description |
request |
GetEntitlementRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
Entitlement |
The RPC response. |
GetEntitlementAsync(GetEntitlementRequest, CallSettings)
public override Task<Entitlement> GetEntitlementAsync(GetEntitlementRequest request, CallSettings callSettings = null)
Gets details of a single entitlement.
Parameters | |
---|---|
Name | Description |
request |
GetEntitlementRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskEntitlement |
A Task containing the RPC response. |
GetGrant(GetGrantRequest, CallSettings)
public override Grant GetGrant(GetGrantRequest request, CallSettings callSettings = null)
Get details of a single grant.
Parameters | |
---|---|
Name | Description |
request |
GetGrantRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
Grant |
The RPC response. |
GetGrantAsync(GetGrantRequest, CallSettings)
public override Task<Grant> GetGrantAsync(GetGrantRequest request, CallSettings callSettings = null)
Get details of a single grant.
Parameters | |
---|---|
Name | Description |
request |
GetGrantRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskGrant |
A Task containing the RPC response. |
ListEntitlements(ListEntitlementsRequest, CallSettings)
public override PagedEnumerable<ListEntitlementsResponse, Entitlement> ListEntitlements(ListEntitlementsRequest request, CallSettings callSettings = null)
Lists entitlements in a given project/folder/organization and location.
Parameters | |
---|---|
Name | Description |
request |
ListEntitlementsRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
PagedEnumerableListEntitlementsResponseEntitlement |
A pageable sequence of Entitlement resources. |
ListEntitlementsAsync(ListEntitlementsRequest, CallSettings)
public override PagedAsyncEnumerable<ListEntitlementsResponse, Entitlement> ListEntitlementsAsync(ListEntitlementsRequest request, CallSettings callSettings = null)
Lists entitlements in a given project/folder/organization and location.
Parameters | |
---|---|
Name | Description |
request |
ListEntitlementsRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
PagedAsyncEnumerableListEntitlementsResponseEntitlement |
A pageable asynchronous sequence of Entitlement resources. |
ListGrants(ListGrantsRequest, CallSettings)
public override PagedEnumerable<ListGrantsResponse, Grant> ListGrants(ListGrantsRequest request, CallSettings callSettings = null)
Lists grants for a given entitlement.
Parameters | |
---|---|
Name | Description |
request |
ListGrantsRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
PagedEnumerableListGrantsResponseGrant |
A pageable sequence of Grant resources. |
ListGrantsAsync(ListGrantsRequest, CallSettings)
public override PagedAsyncEnumerable<ListGrantsResponse, Grant> ListGrantsAsync(ListGrantsRequest request, CallSettings callSettings = null)
Lists grants for a given entitlement.
Parameters | |
---|---|
Name | Description |
request |
ListGrantsRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
PagedAsyncEnumerableListGrantsResponseGrant |
A pageable asynchronous sequence of Grant resources. |
RevokeGrant(RevokeGrantRequest, CallSettings)
public override Operation<Grant, OperationMetadata> RevokeGrant(RevokeGrantRequest request, CallSettings callSettings = null)
RevokeGrant
is used to immediately revoke access for a grant. This method
can be called when the grant is in a non-terminal state.
Parameters | |
---|---|
Name | Description |
request |
RevokeGrantRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
OperationGrantOperationMetadata |
The RPC response. |
RevokeGrantAsync(RevokeGrantRequest, CallSettings)
public override Task<Operation<Grant, OperationMetadata>> RevokeGrantAsync(RevokeGrantRequest request, CallSettings callSettings = null)
RevokeGrant
is used to immediately revoke access for a grant. This method
can be called when the grant is in a non-terminal state.
Parameters | |
---|---|
Name | Description |
request |
RevokeGrantRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskOperationGrantOperationMetadata |
A Task containing the RPC response. |
SearchEntitlements(SearchEntitlementsRequest, CallSettings)
public override PagedEnumerable<SearchEntitlementsResponse, Entitlement> SearchEntitlements(SearchEntitlementsRequest request, CallSettings callSettings = null)
SearchEntitlements
returns entitlements on which the caller has the
specified access.
Parameters | |
---|---|
Name | Description |
request |
SearchEntitlementsRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
PagedEnumerableSearchEntitlementsResponseEntitlement |
A pageable sequence of Entitlement resources. |
SearchEntitlementsAsync(SearchEntitlementsRequest, CallSettings)
public override PagedAsyncEnumerable<SearchEntitlementsResponse, Entitlement> SearchEntitlementsAsync(SearchEntitlementsRequest request, CallSettings callSettings = null)
SearchEntitlements
returns entitlements on which the caller has the
specified access.
Parameters | |
---|---|
Name | Description |
request |
SearchEntitlementsRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
PagedAsyncEnumerableSearchEntitlementsResponseEntitlement |
A pageable asynchronous sequence of Entitlement resources. |
SearchGrants(SearchGrantsRequest, CallSettings)
public override PagedEnumerable<SearchGrantsResponse, Grant> SearchGrants(SearchGrantsRequest request, CallSettings callSettings = null)
SearchGrants
returns grants that are related to the calling user in the
specified way.
Parameters | |
---|---|
Name | Description |
request |
SearchGrantsRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
PagedEnumerableSearchGrantsResponseGrant |
A pageable sequence of Grant resources. |
SearchGrantsAsync(SearchGrantsRequest, CallSettings)
public override PagedAsyncEnumerable<SearchGrantsResponse, Grant> SearchGrantsAsync(SearchGrantsRequest request, CallSettings callSettings = null)
SearchGrants
returns grants that are related to the calling user in the
specified way.
Parameters | |
---|---|
Name | Description |
request |
SearchGrantsRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
PagedAsyncEnumerableSearchGrantsResponseGrant |
A pageable asynchronous sequence of Grant resources. |
UpdateEntitlement(UpdateEntitlementRequest, CallSettings)
public override Operation<Entitlement, OperationMetadata> UpdateEntitlement(UpdateEntitlementRequest request, CallSettings callSettings = null)
Updates the entitlement specified in the request. Updated fields in the entitlement need to be specified in an update mask. The changes made to an entitlement are applicable only on future grants of the entitlement. However, if new approvers are added or existing approvers are removed from the approval workflow, the changes are effective on existing grants.
The following fields are not supported for updates:
- All immutable fields
- Entitlement name
- Resource name
- Resource type
- Adding an approval workflow in an entitlement which previously had no approval workflow.
- Deleting the approval workflow from an entitlement.
- Adding or deleting a step in the approval workflow (only one step is supported)
Note that updates are allowed on the list of approvers in an approval workflow step.
Parameters | |
---|---|
Name | Description |
request |
UpdateEntitlementRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
OperationEntitlementOperationMetadata |
The RPC response. |
UpdateEntitlementAsync(UpdateEntitlementRequest, CallSettings)
public override Task<Operation<Entitlement, OperationMetadata>> UpdateEntitlementAsync(UpdateEntitlementRequest request, CallSettings callSettings = null)
Updates the entitlement specified in the request. Updated fields in the entitlement need to be specified in an update mask. The changes made to an entitlement are applicable only on future grants of the entitlement. However, if new approvers are added or existing approvers are removed from the approval workflow, the changes are effective on existing grants.
The following fields are not supported for updates:
- All immutable fields
- Entitlement name
- Resource name
- Resource type
- Adding an approval workflow in an entitlement which previously had no approval workflow.
- Deleting the approval workflow from an entitlement.
- Adding or deleting a step in the approval workflow (only one step is supported)
Note that updates are allowed on the list of approvers in an approval workflow step.
Parameters | |
---|---|
Name | Description |
request |
UpdateEntitlementRequest The request object containing all of the parameters for the API call. |
callSettings |
CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskOperationEntitlementOperationMetadata |
A Task containing the RPC response. |