Privileged Access Manager v1 API - Class PrivilegedAccessManagerClientImpl (1.0.0)

public sealed class PrivilegedAccessManagerClientImpl : PrivilegedAccessManagerClient

Reference documentation and code samples for the Privileged Access Manager v1 API class PrivilegedAccessManagerClientImpl.

PrivilegedAccessManager client wrapper implementation, for convenient use.

Inheritance

object > PrivilegedAccessManagerClient > PrivilegedAccessManagerClientImpl

Namespace

Google.Cloud.PrivilegedAccessManager.V1

Assembly

Google.Cloud.PrivilegedAccessManager.V1.dll

Remarks

This API allows customers to manage temporary, request based privileged access to their resources.

It defines the following resource model:

  • A collection of Entitlement resources. An entitlement allows configuring (among other things):

  • Some kind of privileged access that users can request.

  • A set of users called requesters who can request this access.
  • A maximum duration for which the access can be requested.
  • An optional approval workflow which must be satisfied before access is granted.

  • A collection of Grant resources. A grant is a request by a requester to get the privileged access specified in an entitlement for some duration.

After the approval workflow as specified in the entitlement is satisfied, the specified access is given to the requester. The access is automatically taken back after the requested duration is over.

Constructors

PrivilegedAccessManagerClientImpl(PrivilegedAccessManagerClient, PrivilegedAccessManagerSettings, ILogger)

public PrivilegedAccessManagerClientImpl(PrivilegedAccessManager.PrivilegedAccessManagerClient grpcClient, PrivilegedAccessManagerSettings settings, ILogger logger)

Constructs a client wrapper for the PrivilegedAccessManager service, with the specified gRPC client and settings.

Parameters
Name Description
grpcClient PrivilegedAccessManagerPrivilegedAccessManagerClient

The underlying gRPC client.

settings PrivilegedAccessManagerSettings

The base PrivilegedAccessManagerSettings used within this client.

logger ILogger

Optional ILogger to use within this client.

Properties

CreateEntitlementOperationsClient

public override OperationsClient CreateEntitlementOperationsClient { get; }

The long-running operations client for CreateEntitlement.

Property Value
Type Description
OperationsClient
Overrides

DeleteEntitlementOperationsClient

public override OperationsClient DeleteEntitlementOperationsClient { get; }

The long-running operations client for DeleteEntitlement.

Property Value
Type Description
OperationsClient
Overrides

GrpcClient

public override PrivilegedAccessManager.PrivilegedAccessManagerClient GrpcClient { get; }

The underlying gRPC PrivilegedAccessManager client

Property Value
Type Description
PrivilegedAccessManagerPrivilegedAccessManagerClient
Overrides

LocationsClient

public override LocationsClient LocationsClient { get; }

The LocationsClient associated with this client.

Property Value
Type Description
LocationsClient
Overrides

RevokeGrantOperationsClient

public override OperationsClient RevokeGrantOperationsClient { get; }

The long-running operations client for RevokeGrant.

Property Value
Type Description
OperationsClient
Overrides

UpdateEntitlementOperationsClient

public override OperationsClient UpdateEntitlementOperationsClient { get; }

The long-running operations client for UpdateEntitlement.

Property Value
Type Description
OperationsClient
Overrides

Methods

ApproveGrant(ApproveGrantRequest, CallSettings)

public override Grant ApproveGrant(ApproveGrantRequest request, CallSettings callSettings = null)

ApproveGrant is used to approve a grant. This method can only be called on a grant when it's in the APPROVAL_AWAITED state. This operation can't be undone.

Parameters
Name Description
request ApproveGrantRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
Grant

The RPC response.

Overrides

ApproveGrantAsync(ApproveGrantRequest, CallSettings)

public override Task<Grant> ApproveGrantAsync(ApproveGrantRequest request, CallSettings callSettings = null)

ApproveGrant is used to approve a grant. This method can only be called on a grant when it's in the APPROVAL_AWAITED state. This operation can't be undone.

Parameters
Name Description
request ApproveGrantRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
TaskGrant

A Task containing the RPC response.

Overrides

CheckOnboardingStatus(CheckOnboardingStatusRequest, CallSettings)

public override CheckOnboardingStatusResponse CheckOnboardingStatus(CheckOnboardingStatusRequest request, CallSettings callSettings = null)

CheckOnboardingStatus reports the onboarding status for a project/folder/organization. Any findings reported by this API need to be fixed before PAM can be used on the resource.

Parameters
Name Description
request CheckOnboardingStatusRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
CheckOnboardingStatusResponse

The RPC response.

Overrides

CheckOnboardingStatusAsync(CheckOnboardingStatusRequest, CallSettings)

public override Task<CheckOnboardingStatusResponse> CheckOnboardingStatusAsync(CheckOnboardingStatusRequest request, CallSettings callSettings = null)

CheckOnboardingStatus reports the onboarding status for a project/folder/organization. Any findings reported by this API need to be fixed before PAM can be used on the resource.

Parameters
Name Description
request CheckOnboardingStatusRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
TaskCheckOnboardingStatusResponse

A Task containing the RPC response.

Overrides

CreateEntitlement(CreateEntitlementRequest, CallSettings)

public override Operation<Entitlement, OperationMetadata> CreateEntitlement(CreateEntitlementRequest request, CallSettings callSettings = null)

Creates a new entitlement in a given project/folder/organization and location.

Parameters
Name Description
request CreateEntitlementRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
OperationEntitlementOperationMetadata

The RPC response.

Overrides

CreateEntitlementAsync(CreateEntitlementRequest, CallSettings)

public override Task<Operation<Entitlement, OperationMetadata>> CreateEntitlementAsync(CreateEntitlementRequest request, CallSettings callSettings = null)

Creates a new entitlement in a given project/folder/organization and location.

Parameters
Name Description
request CreateEntitlementRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
TaskOperationEntitlementOperationMetadata

A Task containing the RPC response.

Overrides

CreateGrant(CreateGrantRequest, CallSettings)

public override Grant CreateGrant(CreateGrantRequest request, CallSettings callSettings = null)

Creates a new grant in a given project/folder/organization and location.

Parameters
Name Description
request CreateGrantRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
Grant

The RPC response.

Overrides

CreateGrantAsync(CreateGrantRequest, CallSettings)

public override Task<Grant> CreateGrantAsync(CreateGrantRequest request, CallSettings callSettings = null)

Creates a new grant in a given project/folder/organization and location.

Parameters
Name Description
request CreateGrantRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
TaskGrant

A Task containing the RPC response.

Overrides

DeleteEntitlement(DeleteEntitlementRequest, CallSettings)

public override Operation<Entitlement, OperationMetadata> DeleteEntitlement(DeleteEntitlementRequest request, CallSettings callSettings = null)

Deletes a single entitlement. This method can only be called when there are no in-progress (ACTIVE/ACTIVATING/REVOKING) grants under the entitlement.

Parameters
Name Description
request DeleteEntitlementRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
OperationEntitlementOperationMetadata

The RPC response.

Overrides

DeleteEntitlementAsync(DeleteEntitlementRequest, CallSettings)

public override Task<Operation<Entitlement, OperationMetadata>> DeleteEntitlementAsync(DeleteEntitlementRequest request, CallSettings callSettings = null)

Deletes a single entitlement. This method can only be called when there are no in-progress (ACTIVE/ACTIVATING/REVOKING) grants under the entitlement.

Parameters
Name Description
request DeleteEntitlementRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
TaskOperationEntitlementOperationMetadata

A Task containing the RPC response.

Overrides

DenyGrant(DenyGrantRequest, CallSettings)

public override Grant DenyGrant(DenyGrantRequest request, CallSettings callSettings = null)

DenyGrant is used to deny a grant. This method can only be called on a grant when it's in the APPROVAL_AWAITED state. This operation can't be undone.

Parameters
Name Description
request DenyGrantRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
Grant

The RPC response.

Overrides

DenyGrantAsync(DenyGrantRequest, CallSettings)

public override Task<Grant> DenyGrantAsync(DenyGrantRequest request, CallSettings callSettings = null)

DenyGrant is used to deny a grant. This method can only be called on a grant when it's in the APPROVAL_AWAITED state. This operation can't be undone.

Parameters
Name Description
request DenyGrantRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
TaskGrant

A Task containing the RPC response.

Overrides

GetEntitlement(GetEntitlementRequest, CallSettings)

public override Entitlement GetEntitlement(GetEntitlementRequest request, CallSettings callSettings = null)

Gets details of a single entitlement.

Parameters
Name Description
request GetEntitlementRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
Entitlement

The RPC response.

Overrides

GetEntitlementAsync(GetEntitlementRequest, CallSettings)

public override Task<Entitlement> GetEntitlementAsync(GetEntitlementRequest request, CallSettings callSettings = null)

Gets details of a single entitlement.

Parameters
Name Description
request GetEntitlementRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
TaskEntitlement

A Task containing the RPC response.

Overrides

GetGrant(GetGrantRequest, CallSettings)

public override Grant GetGrant(GetGrantRequest request, CallSettings callSettings = null)

Get details of a single grant.

Parameters
Name Description
request GetGrantRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
Grant

The RPC response.

Overrides

GetGrantAsync(GetGrantRequest, CallSettings)

public override Task<Grant> GetGrantAsync(GetGrantRequest request, CallSettings callSettings = null)

Get details of a single grant.

Parameters
Name Description
request GetGrantRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
TaskGrant

A Task containing the RPC response.

Overrides

ListEntitlements(ListEntitlementsRequest, CallSettings)

public override PagedEnumerable<ListEntitlementsResponse, Entitlement> ListEntitlements(ListEntitlementsRequest request, CallSettings callSettings = null)

Lists entitlements in a given project/folder/organization and location.

Parameters
Name Description
request ListEntitlementsRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
PagedEnumerableListEntitlementsResponseEntitlement

A pageable sequence of Entitlement resources.

Overrides

ListEntitlementsAsync(ListEntitlementsRequest, CallSettings)

public override PagedAsyncEnumerable<ListEntitlementsResponse, Entitlement> ListEntitlementsAsync(ListEntitlementsRequest request, CallSettings callSettings = null)

Lists entitlements in a given project/folder/organization and location.

Parameters
Name Description
request ListEntitlementsRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
PagedAsyncEnumerableListEntitlementsResponseEntitlement

A pageable asynchronous sequence of Entitlement resources.

Overrides

ListGrants(ListGrantsRequest, CallSettings)

public override PagedEnumerable<ListGrantsResponse, Grant> ListGrants(ListGrantsRequest request, CallSettings callSettings = null)

Lists grants for a given entitlement.

Parameters
Name Description
request ListGrantsRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
PagedEnumerableListGrantsResponseGrant

A pageable sequence of Grant resources.

Overrides

ListGrantsAsync(ListGrantsRequest, CallSettings)

public override PagedAsyncEnumerable<ListGrantsResponse, Grant> ListGrantsAsync(ListGrantsRequest request, CallSettings callSettings = null)

Lists grants for a given entitlement.

Parameters
Name Description
request ListGrantsRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
PagedAsyncEnumerableListGrantsResponseGrant

A pageable asynchronous sequence of Grant resources.

Overrides

RevokeGrant(RevokeGrantRequest, CallSettings)

public override Operation<Grant, OperationMetadata> RevokeGrant(RevokeGrantRequest request, CallSettings callSettings = null)

RevokeGrant is used to immediately revoke access for a grant. This method can be called when the grant is in a non-terminal state.

Parameters
Name Description
request RevokeGrantRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
OperationGrantOperationMetadata

The RPC response.

Overrides

RevokeGrantAsync(RevokeGrantRequest, CallSettings)

public override Task<Operation<Grant, OperationMetadata>> RevokeGrantAsync(RevokeGrantRequest request, CallSettings callSettings = null)

RevokeGrant is used to immediately revoke access for a grant. This method can be called when the grant is in a non-terminal state.

Parameters
Name Description
request RevokeGrantRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
TaskOperationGrantOperationMetadata

A Task containing the RPC response.

Overrides

SearchEntitlements(SearchEntitlementsRequest, CallSettings)

public override PagedEnumerable<SearchEntitlementsResponse, Entitlement> SearchEntitlements(SearchEntitlementsRequest request, CallSettings callSettings = null)

SearchEntitlements returns entitlements on which the caller has the specified access.

Parameters
Name Description
request SearchEntitlementsRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
PagedEnumerableSearchEntitlementsResponseEntitlement

A pageable sequence of Entitlement resources.

Overrides

SearchEntitlementsAsync(SearchEntitlementsRequest, CallSettings)

public override PagedAsyncEnumerable<SearchEntitlementsResponse, Entitlement> SearchEntitlementsAsync(SearchEntitlementsRequest request, CallSettings callSettings = null)

SearchEntitlements returns entitlements on which the caller has the specified access.

Parameters
Name Description
request SearchEntitlementsRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
PagedAsyncEnumerableSearchEntitlementsResponseEntitlement

A pageable asynchronous sequence of Entitlement resources.

Overrides

SearchGrants(SearchGrantsRequest, CallSettings)

public override PagedEnumerable<SearchGrantsResponse, Grant> SearchGrants(SearchGrantsRequest request, CallSettings callSettings = null)

SearchGrants returns grants that are related to the calling user in the specified way.

Parameters
Name Description
request SearchGrantsRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
PagedEnumerableSearchGrantsResponseGrant

A pageable sequence of Grant resources.

Overrides

SearchGrantsAsync(SearchGrantsRequest, CallSettings)

public override PagedAsyncEnumerable<SearchGrantsResponse, Grant> SearchGrantsAsync(SearchGrantsRequest request, CallSettings callSettings = null)

SearchGrants returns grants that are related to the calling user in the specified way.

Parameters
Name Description
request SearchGrantsRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
PagedAsyncEnumerableSearchGrantsResponseGrant

A pageable asynchronous sequence of Grant resources.

Overrides

UpdateEntitlement(UpdateEntitlementRequest, CallSettings)

public override Operation<Entitlement, OperationMetadata> UpdateEntitlement(UpdateEntitlementRequest request, CallSettings callSettings = null)

Updates the entitlement specified in the request. Updated fields in the entitlement need to be specified in an update mask. The changes made to an entitlement are applicable only on future grants of the entitlement. However, if new approvers are added or existing approvers are removed from the approval workflow, the changes are effective on existing grants.

The following fields are not supported for updates:

  • All immutable fields
  • Entitlement name
  • Resource name
  • Resource type
  • Adding an approval workflow in an entitlement which previously had no approval workflow.
  • Deleting the approval workflow from an entitlement.
  • Adding or deleting a step in the approval workflow (only one step is supported)

Note that updates are allowed on the list of approvers in an approval workflow step.

Parameters
Name Description
request UpdateEntitlementRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
OperationEntitlementOperationMetadata

The RPC response.

Overrides

UpdateEntitlementAsync(UpdateEntitlementRequest, CallSettings)

public override Task<Operation<Entitlement, OperationMetadata>> UpdateEntitlementAsync(UpdateEntitlementRequest request, CallSettings callSettings = null)

Updates the entitlement specified in the request. Updated fields in the entitlement need to be specified in an update mask. The changes made to an entitlement are applicable only on future grants of the entitlement. However, if new approvers are added or existing approvers are removed from the approval workflow, the changes are effective on existing grants.

The following fields are not supported for updates:

  • All immutable fields
  • Entitlement name
  • Resource name
  • Resource type
  • Adding an approval workflow in an entitlement which previously had no approval workflow.
  • Deleting the approval workflow from an entitlement.
  • Adding or deleting a step in the approval workflow (only one step is supported)

Note that updates are allowed on the list of approvers in an approval workflow step.

Parameters
Name Description
request UpdateEntitlementRequest

The request object containing all of the parameters for the API call.

callSettings CallSettings

If not null, applies overrides to this RPC call.

Returns
Type Description
TaskOperationEntitlementOperationMetadata

A Task containing the RPC response.

Overrides