Common Protos for Google Cloud APIs Client - Class AuthenticationInfo (0.6.0)

Reference documentation and code samples for the Common Protos for Google Cloud APIs Client class AuthenticationInfo.

Authentication information for the operation.

Generated from protobuf message google.cloud.audit.AuthenticationInfo

Namespace

Google \ Cloud \ Audit

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.

↳ principal_email string

The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.

↳ authority_selector string

The authority selector specified by the requestor, if any. It is not guaranteed that the principal was allowed to use this authority.

↳ third_party_principal Google\Protobuf\Struct

The third party identification (if any) of the authenticated user making the request. When the JSON object represented here has a proto equivalent, the proto name will be indicated in the @type property.

↳ service_account_key_name string

The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

↳ service_account_delegation_info array<ServiceAccountDelegationInfo>

Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

↳ principal_subject string

String representation of identity of requesting party. Populated for both first and third party identities.

getPrincipalEmail

The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field.

For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.

Returns
Type Description
string

setPrincipalEmail

The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field.

For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.

Parameter
Name Description
var string
Returns
Type Description
$this

getAuthoritySelector

The authority selector specified by the requestor, if any.

It is not guaranteed that the principal was allowed to use this authority.

Returns
Type Description
string

setAuthoritySelector

The authority selector specified by the requestor, if any.

It is not guaranteed that the principal was allowed to use this authority.

Parameter
Name Description
var string
Returns
Type Description
$this

getThirdPartyPrincipal

The third party identification (if any) of the authenticated user making the request.

When the JSON object represented here has a proto equivalent, the proto name will be indicated in the @type property.

Returns
Type Description
Google\Protobuf\Struct|null

hasThirdPartyPrincipal

clearThirdPartyPrincipal

setThirdPartyPrincipal

The third party identification (if any) of the authenticated user making the request.

When the JSON object represented here has a proto equivalent, the proto name will be indicated in the @type property.

Parameter
Name Description
var Google\Protobuf\Struct
Returns
Type Description
$this

getServiceAccountKeyName

The name of the service account key used to create or exchange credentials for authenticating the service account making the request.

This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

Returns
Type Description
string

setServiceAccountKeyName

The name of the service account key used to create or exchange credentials for authenticating the service account making the request.

This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

Parameter
Name Description
var string
Returns
Type Description
$this

getServiceAccountDelegationInfo

Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setServiceAccountDelegationInfo

Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

Parameter
Name Description
var array<ServiceAccountDelegationInfo>
Returns
Type Description
$this

getPrincipalSubject

String representation of identity of requesting party.

Populated for both first and third party identities.

Returns
Type Description
string

setPrincipalSubject

String representation of identity of requesting party.

Populated for both first and third party identities.

Parameter
Name Description
var string
Returns
Type Description
$this