Class PrivilegedAccessManagerGrpc.PrivilegedAccessManagerStub (0.8.0)

public static final class PrivilegedAccessManagerGrpc.PrivilegedAccessManagerStub extends AbstractAsyncStub<PrivilegedAccessManagerGrpc.PrivilegedAccessManagerStub>

A stub to allow clients to do asynchronous rpc calls to service PrivilegedAccessManager.

This API allows customers to manage temporary, request based privileged access to their resources. It defines the following resource model:

  • A collection of Entitlement resources. An entitlement allows configuring (among other things):
    • Some kind of privileged access that users can request.
    • A set of users called requesters who can request this access.
    • A maximum duration for which the access can be requested.
    • An optional approval workflow which must be satisfied before access is granted.
  • A collection of Grant resources. A grant is a request by a requester to get the privileged access specified in an entitlement for some duration. After the approval workflow as specified in the entitlement is satisfied, the specified access is given to the requester. The access is automatically taken back after the requested duration is over.

Inheritance

java.lang.Object > io.grpc.stub.AbstractStub > io.grpc.stub.AbstractAsyncStub > PrivilegedAccessManagerGrpc.PrivilegedAccessManagerStub

Methods

approveGrant(ApproveGrantRequest request, StreamObserver<Grant> responseObserver)

public void approveGrant(ApproveGrantRequest request, StreamObserver<Grant> responseObserver)

ApproveGrant is used to approve a grant. This method can only be called on a grant when it's in the APPROVAL_AWAITED state. This operation can't be undone.

Parameters
Name Description
request ApproveGrantRequest
responseObserver io.grpc.stub.StreamObserver<Grant>

build(Channel channel, CallOptions callOptions)

protected PrivilegedAccessManagerGrpc.PrivilegedAccessManagerStub build(Channel channel, CallOptions callOptions)
Parameters
Name Description
channel io.grpc.Channel
callOptions io.grpc.CallOptions
Returns
Type Description
PrivilegedAccessManagerGrpc.PrivilegedAccessManagerStub
Overrides
io.grpc.stub.AbstractStub.build(io.grpc.Channel,io.grpc.CallOptions)

checkOnboardingStatus(CheckOnboardingStatusRequest request, StreamObserver<CheckOnboardingStatusResponse> responseObserver)

public void checkOnboardingStatus(CheckOnboardingStatusRequest request, StreamObserver<CheckOnboardingStatusResponse> responseObserver)

CheckOnboardingStatus reports the onboarding status for a project/folder/organization. Any findings reported by this API need to be fixed before PAM can be used on the resource.

Parameters
Name Description
request CheckOnboardingStatusRequest
responseObserver io.grpc.stub.StreamObserver<CheckOnboardingStatusResponse>

createEntitlement(CreateEntitlementRequest request, StreamObserver<Operation> responseObserver)

public void createEntitlement(CreateEntitlementRequest request, StreamObserver<Operation> responseObserver)

Creates a new entitlement in a given project/folder/organization and location.

Parameters
Name Description
request CreateEntitlementRequest
responseObserver io.grpc.stub.StreamObserver<Operation>

createGrant(CreateGrantRequest request, StreamObserver<Grant> responseObserver)

public void createGrant(CreateGrantRequest request, StreamObserver<Grant> responseObserver)

Creates a new grant in a given project/folder/organization and location.

Parameters
Name Description
request CreateGrantRequest
responseObserver io.grpc.stub.StreamObserver<Grant>

deleteEntitlement(DeleteEntitlementRequest request, StreamObserver<Operation> responseObserver)

public void deleteEntitlement(DeleteEntitlementRequest request, StreamObserver<Operation> responseObserver)

Deletes a single entitlement. This method can only be called when there are no in-progress (ACTIVE/ACTIVATING/REVOKING) grants under the entitlement.

Parameters
Name Description
request DeleteEntitlementRequest
responseObserver io.grpc.stub.StreamObserver<Operation>

denyGrant(DenyGrantRequest request, StreamObserver<Grant> responseObserver)

public void denyGrant(DenyGrantRequest request, StreamObserver<Grant> responseObserver)

DenyGrant is used to deny a grant. This method can only be called on a grant when it's in the APPROVAL_AWAITED state. This operation can't be undone.

Parameters
Name Description
request DenyGrantRequest
responseObserver io.grpc.stub.StreamObserver<Grant>

getEntitlement(GetEntitlementRequest request, StreamObserver<Entitlement> responseObserver)

public void getEntitlement(GetEntitlementRequest request, StreamObserver<Entitlement> responseObserver)

Gets details of a single entitlement.

Parameters
Name Description
request GetEntitlementRequest
responseObserver io.grpc.stub.StreamObserver<Entitlement>

getGrant(GetGrantRequest request, StreamObserver<Grant> responseObserver)

public void getGrant(GetGrantRequest request, StreamObserver<Grant> responseObserver)

Get details of a single grant.

Parameters
Name Description
request GetGrantRequest
responseObserver io.grpc.stub.StreamObserver<Grant>

listEntitlements(ListEntitlementsRequest request, StreamObserver<ListEntitlementsResponse> responseObserver)

public void listEntitlements(ListEntitlementsRequest request, StreamObserver<ListEntitlementsResponse> responseObserver)

Lists entitlements in a given project/folder/organization and location.

Parameters
Name Description
request ListEntitlementsRequest
responseObserver io.grpc.stub.StreamObserver<ListEntitlementsResponse>

listGrants(ListGrantsRequest request, StreamObserver<ListGrantsResponse> responseObserver)

public void listGrants(ListGrantsRequest request, StreamObserver<ListGrantsResponse> responseObserver)

Lists grants for a given entitlement.

Parameters
Name Description
request ListGrantsRequest
responseObserver io.grpc.stub.StreamObserver<ListGrantsResponse>

revokeGrant(RevokeGrantRequest request, StreamObserver<Operation> responseObserver)

public void revokeGrant(RevokeGrantRequest request, StreamObserver<Operation> responseObserver)

RevokeGrant is used to immediately revoke access for a grant. This method can be called when the grant is in a non-terminal state.

Parameters
Name Description
request RevokeGrantRequest
responseObserver io.grpc.stub.StreamObserver<Operation>

searchEntitlements(SearchEntitlementsRequest request, StreamObserver<SearchEntitlementsResponse> responseObserver)

public void searchEntitlements(SearchEntitlementsRequest request, StreamObserver<SearchEntitlementsResponse> responseObserver)

SearchEntitlements returns entitlements on which the caller has the specified access.

Parameters
Name Description
request SearchEntitlementsRequest
responseObserver io.grpc.stub.StreamObserver<SearchEntitlementsResponse>

searchGrants(SearchGrantsRequest request, StreamObserver<SearchGrantsResponse> responseObserver)

public void searchGrants(SearchGrantsRequest request, StreamObserver<SearchGrantsResponse> responseObserver)

SearchGrants returns grants that are related to the calling user in the specified way.

Parameters
Name Description
request SearchGrantsRequest
responseObserver io.grpc.stub.StreamObserver<SearchGrantsResponse>

updateEntitlement(UpdateEntitlementRequest request, StreamObserver<Operation> responseObserver)

public void updateEntitlement(UpdateEntitlementRequest request, StreamObserver<Operation> responseObserver)

Updates the entitlement specified in the request. Updated fields in the entitlement need to be specified in an update mask. The changes made to an entitlement are applicable only on future grants of the entitlement. However, if new approvers are added or existing approvers are removed from the approval workflow, the changes are effective on existing grants. The following fields are not supported for updates:

  • All immutable fields
  • Entitlement name
  • Resource name
  • Resource type
  • Adding an approval workflow in an entitlement which previously had no approval workflow.
  • Deleting the approval workflow from an entitlement.
  • Adding or deleting a step in the approval workflow (only one step is supported) Note that updates are allowed on the list of approvers in an approval workflow step.
Parameters
Name Description
request UpdateEntitlementRequest
responseObserver io.grpc.stub.StreamObserver<Operation>