Reference documentation and code samples for the Common Protos for Google Cloud APIs Client class AuthenticationInfo.
Authentication information for the operation.
Generated from protobuf message google.cloud.audit.AuthenticationInfo
Namespace
Google \ Cloud \ AuditMethods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ principal_email |
string
The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the |
↳ authority_selector |
string
The authority selector specified by the requestor, if any. It is not guaranteed that the principal was allowed to use this authority. |
↳ third_party_principal |
Google\Protobuf\Struct
The third party identification (if any) of the authenticated user making the request. When the JSON object represented here has a proto equivalent, the proto name will be indicated in the |
↳ service_account_key_name |
string
The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}" |
↳ service_account_delegation_info |
array<ServiceAccountDelegationInfo>
Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities present, they are guaranteed to be sorted based on the original ordering of the identity delegation events. |
↳ principal_subject |
string
String representation of identity of requesting party. Populated for both first and third party identities. |
getPrincipalEmail
The email address of the authenticated user (or service account on behalf
of third party principal) making the request. For third party identity
callers, the principal_subject
field is populated instead of this field.
For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.
Returns | |
---|---|
Type | Description |
string |
setPrincipalEmail
The email address of the authenticated user (or service account on behalf
of third party principal) making the request. For third party identity
callers, the principal_subject
field is populated instead of this field.
For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getAuthoritySelector
The authority selector specified by the requestor, if any.
It is not guaranteed that the principal was allowed to use this authority.
Returns | |
---|---|
Type | Description |
string |
setAuthoritySelector
The authority selector specified by the requestor, if any.
It is not guaranteed that the principal was allowed to use this authority.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getThirdPartyPrincipal
The third party identification (if any) of the authenticated user making the request.
When the JSON object represented here has a proto equivalent, the proto
name will be indicated in the @type
property.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Struct|null |
hasThirdPartyPrincipal
clearThirdPartyPrincipal
setThirdPartyPrincipal
The third party identification (if any) of the authenticated user making the request.
When the JSON object represented here has a proto equivalent, the proto
name will be indicated in the @type
property.
Parameter | |
---|---|
Name | Description |
var |
Google\Protobuf\Struct
|
Returns | |
---|---|
Type | Description |
$this |
getServiceAccountKeyName
The name of the service account key used to create or exchange credentials for authenticating the service account making the request.
This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"
Returns | |
---|---|
Type | Description |
string |
setServiceAccountKeyName
The name of the service account key used to create or exchange credentials for authenticating the service account making the request.
This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getServiceAccountDelegationInfo
Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setServiceAccountDelegationInfo
Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.
Parameter | |
---|---|
Name | Description |
var |
array<ServiceAccountDelegationInfo>
|
Returns | |
---|---|
Type | Description |
$this |
getPrincipalSubject
String representation of identity of requesting party.
Populated for both first and third party identities.
Returns | |
---|---|
Type | Description |
string |
setPrincipalSubject
String representation of identity of requesting party.
Populated for both first and third party identities.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |