Google Cloud Privileged Access Manager V1 Client - Class Entitlement (0.1.3)

Reference documentation and code samples for the Google Cloud Privileged Access Manager V1 Client class Entitlement.

An entitlement defines the eligibility of a set of users to obtain predefined access for some time possibly after going through an approval workflow.

Generated from protobuf message google.cloud.privilegedaccessmanager.v1.Entitlement

Namespace

Google \ Cloud \ PrivilegedAccessManager \ V1

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.

↳ name string

Identifier. Name of the entitlement. Possible formats: * * organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id} * * folders/{folder-number}/locations/{region}/entitlements/{entitlement-id} * * projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}

↳ create_time Google\Protobuf\Timestamp

Output only. Create time stamp.

↳ update_time Google\Protobuf\Timestamp

Output only. Update time stamp.

↳ eligible_users array<AccessControlEntry>

Optional. Who can create grants using this entitlement. This list should contain at most one entry.

↳ approval_workflow ApprovalWorkflow

Optional. The approvals needed before access are granted to a requester. No approvals are needed if this field is null.

↳ privileged_access PrivilegedAccess

The access granted to a requester on successful approval.

↳ max_request_duration Google\Protobuf\Duration

Required. The maximum amount of time that access is granted for a request. A requester can ask for a duration less than this, but never more.

↳ state int

Output only. Current state of this entitlement.

↳ requester_justification_config Entitlement\RequesterJustificationConfig

Required. The manner in which the requester should provide a justification for requesting access.

↳ additional_notification_targets Entitlement\AdditionalNotificationTargets

Optional. Additional email addresses to be notified based on actions taken.

↳ etag string

An etag is used for optimistic concurrency control as a way to prevent simultaneous updates to the same entitlement. An etag is returned in the response to GetEntitlement and the caller should put the etag in the request to UpdateEntitlement so that their change is applied on the same version. If this field is omitted or if there is a mismatch while updating an entitlement, then the server rejects the request.

getName

Identifier. Name of the entitlement.

Possible formats:

  • organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}
  • folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}
  • projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}
Returns
Type Description
string

setName

Identifier. Name of the entitlement.

Possible formats:

  • organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}
  • folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}
  • projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}
Parameter
Name Description
var string
Returns
Type Description
$this

getCreateTime

Output only. Create time stamp.

Returns
Type Description
Google\Protobuf\Timestamp|null

hasCreateTime

clearCreateTime

setCreateTime

Output only. Create time stamp.

Parameter
Name Description
var Google\Protobuf\Timestamp
Returns
Type Description
$this

getUpdateTime

Output only. Update time stamp.

Returns
Type Description
Google\Protobuf\Timestamp|null

hasUpdateTime

clearUpdateTime

setUpdateTime

Output only. Update time stamp.

Parameter
Name Description
var Google\Protobuf\Timestamp
Returns
Type Description
$this

getEligibleUsers

Optional. Who can create grants using this entitlement. This list should contain at most one entry.

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setEligibleUsers

Optional. Who can create grants using this entitlement. This list should contain at most one entry.

Parameter
Name Description
var array<AccessControlEntry>
Returns
Type Description
$this

getApprovalWorkflow

Optional. The approvals needed before access are granted to a requester. No approvals are needed if this field is null.

Returns
Type Description
ApprovalWorkflow|null

hasApprovalWorkflow

clearApprovalWorkflow

setApprovalWorkflow

Optional. The approvals needed before access are granted to a requester. No approvals are needed if this field is null.

Parameter
Name Description
var ApprovalWorkflow
Returns
Type Description
$this

getPrivilegedAccess

The access granted to a requester on successful approval.

Returns
Type Description
PrivilegedAccess|null

hasPrivilegedAccess

clearPrivilegedAccess

setPrivilegedAccess

The access granted to a requester on successful approval.

Parameter
Name Description
var PrivilegedAccess
Returns
Type Description
$this

getMaxRequestDuration

Required. The maximum amount of time that access is granted for a request.

A requester can ask for a duration less than this, but never more.

Returns
Type Description
Google\Protobuf\Duration|null

hasMaxRequestDuration

clearMaxRequestDuration

setMaxRequestDuration

Required. The maximum amount of time that access is granted for a request.

A requester can ask for a duration less than this, but never more.

Parameter
Name Description
var Google\Protobuf\Duration
Returns
Type Description
$this

getState

Output only. Current state of this entitlement.

Returns
Type Description
int

setState

Output only. Current state of this entitlement.

Parameter
Name Description
var int
Returns
Type Description
$this

getRequesterJustificationConfig

Required. The manner in which the requester should provide a justification for requesting access.

Returns
Type Description
Entitlement\RequesterJustificationConfig|null

hasRequesterJustificationConfig

clearRequesterJustificationConfig

setRequesterJustificationConfig

Required. The manner in which the requester should provide a justification for requesting access.

Parameter
Name Description
var Entitlement\RequesterJustificationConfig
Returns
Type Description
$this

getAdditionalNotificationTargets

Optional. Additional email addresses to be notified based on actions taken.

Returns
Type Description
Entitlement\AdditionalNotificationTargets|null

hasAdditionalNotificationTargets

clearAdditionalNotificationTargets

setAdditionalNotificationTargets

Optional. Additional email addresses to be notified based on actions taken.

Parameter
Name Description
var Entitlement\AdditionalNotificationTargets
Returns
Type Description
$this

getEtag

An etag is used for optimistic concurrency control as a way to prevent simultaneous updates to the same entitlement. An etag is returned in the response to GetEntitlement and the caller should put the etag in the request to UpdateEntitlement so that their change is applied on the same version. If this field is omitted or if there is a mismatch while updating an entitlement, then the server rejects the request.

Returns
Type Description
string

setEtag

An etag is used for optimistic concurrency control as a way to prevent simultaneous updates to the same entitlement. An etag is returned in the response to GetEntitlement and the caller should put the etag in the request to UpdateEntitlement so that their change is applied on the same version. If this field is omitted or if there is a mismatch while updating an entitlement, then the server rejects the request.

Parameter
Name Description
var string
Returns
Type Description
$this