Access(mapping=None, *, ignore_unknown_fields=False, **kwargs)Represents an access event.
Attributes |
|
|---|---|
| Name | Description |
principal_email |
str
Associated email, such as "foo@google.com". The email address of the authenticated user or a service account acting on behalf of a third party principal making the request. For third party identity callers, the principal_subject field is populated instead of this
field. For privacy reasons, the principal email address is
sometimes redacted. For more information, see `Caller
identities in audit
logs |
caller_ip |
str
Caller's IP address, such as "1.1.1.1". |
caller_ip_geo |
google.cloud.securitycenter_v2.types.Geolocation
The caller IP's geolocation, which identifies where the call came from. |
user_agent_family |
str
Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application. |
user_agent |
str
The caller's user agent string associated with the finding. |
service_name |
str
This is the API service that the service account made a call to, e.g. "iam.googleapis.com". |
method_name |
str
The method that the service account called, e.g. "SetIamPolicy". |
principal_subject |
str
A string that represents the principal_subject that is associated with the identity. Unlike principal_email,
principal_subject supports principals that aren't
associated with email addresses, such as third party
principals. For most identities, the format is
principal://iam.googleapis.com/{identity pool name}/subject/{subject}.
Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and
GKE_HUB_WORKLOAD, still use the legacy format
serviceAccount:{identity pool name}[{subject}].
|
service_account_key_name |
str
The name of the service account key that was used to create or exchange credentials when authenticating the service account that made the request. This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}". |
service_account_delegation_info |
MutableSequence[google.cloud.securitycenter_v2.types.ServiceAccountDelegationInfo]
The identity delegation history of an authenticated service account that made the request. The serviceAccountDelegationInfo[] object contains
information about the real authorities that try to access
Google Cloud resources by delegating on a service account.
When multiple authorities are present, they are guaranteed
to be sorted based on the original ordering of the identity
delegation events.
|
user_name |
str
A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username. |