Class ManualApprovals (0.1.5)

ManualApprovals(mapping=None, *, ignore_unknown_fields=False, **kwargs)

A manual approval workflow where users who are designated as approvers need to call the ApproveGrant/DenyGrant APIs for a grant. The workflow can consist of multiple serial steps where each step defines who can act as approver in that step and how many of those users should approve before the workflow moves to the next step.

This can be used to create approval workflows such as:

  • Require an approval from any user in a group G.
  • Require an approval from any k number of users from a Group G.
  • Require an approval from any user in a group G and then from a user U.

A single user might be part of the approvers ACL for multiple steps in this workflow, but they can only approve once and that approval is only considered to satisfy the approval step at which it was granted.

Attributes

Name Description
require_approver_justification bool
Optional. Do the approvers need to provide a justification for their actions?
steps MutableSequence[google.cloud.privilegedaccessmanager_v1.types.ManualApprovals.Step]
Optional. List of approval steps in this workflow. These steps are followed in the specified order sequentially. Only 1 step is supported.

Classes

Step

Step(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Step represents a logical step in a manual approval workflow.