Reference documentation and code samples for the Privileged Access Manager V1 API class Google::Cloud::PrivilegedAccessManager::V1::Entitlement.
An entitlement defines the eligibility of a set of users to obtain predefined access for some time possibly after going through an approval workflow.
Inherits
- Object
Extended By
- Google::Protobuf::MessageExts::ClassMethods
Includes
- Google::Protobuf::MessageExts
Methods
#additional_notification_targets
def additional_notification_targets() -> ::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::AdditionalNotificationTargets
- (::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::AdditionalNotificationTargets) — Optional. Additional email addresses to be notified based on actions taken.
#additional_notification_targets=
def additional_notification_targets=(value) -> ::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::AdditionalNotificationTargets
- value (::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::AdditionalNotificationTargets) — Optional. Additional email addresses to be notified based on actions taken.
- (::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::AdditionalNotificationTargets) — Optional. Additional email addresses to be notified based on actions taken.
#approval_workflow
def approval_workflow() -> ::Google::Cloud::PrivilegedAccessManager::V1::ApprovalWorkflow
- (::Google::Cloud::PrivilegedAccessManager::V1::ApprovalWorkflow) — Optional. The approvals needed before access are granted to a requester. No approvals are needed if this field is null.
#approval_workflow=
def approval_workflow=(value) -> ::Google::Cloud::PrivilegedAccessManager::V1::ApprovalWorkflow
- value (::Google::Cloud::PrivilegedAccessManager::V1::ApprovalWorkflow) — Optional. The approvals needed before access are granted to a requester. No approvals are needed if this field is null.
- (::Google::Cloud::PrivilegedAccessManager::V1::ApprovalWorkflow) — Optional. The approvals needed before access are granted to a requester. No approvals are needed if this field is null.
#create_time
def create_time() -> ::Google::Protobuf::Timestamp
- (::Google::Protobuf::Timestamp) — Output only. Create time stamp.
#eligible_users
def eligible_users() -> ::Array<::Google::Cloud::PrivilegedAccessManager::V1::AccessControlEntry>
- (::Array<::Google::Cloud::PrivilegedAccessManager::V1::AccessControlEntry>) — Optional. Who can create grants using this entitlement. This list should contain at most one entry.
#eligible_users=
def eligible_users=(value) -> ::Array<::Google::Cloud::PrivilegedAccessManager::V1::AccessControlEntry>
- value (::Array<::Google::Cloud::PrivilegedAccessManager::V1::AccessControlEntry>) — Optional. Who can create grants using this entitlement. This list should contain at most one entry.
- (::Array<::Google::Cloud::PrivilegedAccessManager::V1::AccessControlEntry>) — Optional. Who can create grants using this entitlement. This list should contain at most one entry.
#etag
def etag() -> ::String
-
(::String) — An
etag
is used for optimistic concurrency control as a way to prevent simultaneous updates to the same entitlement. Anetag
is returned in the response toGetEntitlement
and the caller should put theetag
in the request toUpdateEntitlement
so that their change is applied on the same version. If this field is omitted or if there is a mismatch while updating an entitlement, then the server rejects the request.
#etag=
def etag=(value) -> ::String
-
value (::String) — An
etag
is used for optimistic concurrency control as a way to prevent simultaneous updates to the same entitlement. Anetag
is returned in the response toGetEntitlement
and the caller should put theetag
in the request toUpdateEntitlement
so that their change is applied on the same version. If this field is omitted or if there is a mismatch while updating an entitlement, then the server rejects the request.
-
(::String) — An
etag
is used for optimistic concurrency control as a way to prevent simultaneous updates to the same entitlement. Anetag
is returned in the response toGetEntitlement
and the caller should put theetag
in the request toUpdateEntitlement
so that their change is applied on the same version. If this field is omitted or if there is a mismatch while updating an entitlement, then the server rejects the request.
#max_request_duration
def max_request_duration() -> ::Google::Protobuf::Duration
- (::Google::Protobuf::Duration) — Required. The maximum amount of time that access is granted for a request. A requester can ask for a duration less than this, but never more.
#max_request_duration=
def max_request_duration=(value) -> ::Google::Protobuf::Duration
- value (::Google::Protobuf::Duration) — Required. The maximum amount of time that access is granted for a request. A requester can ask for a duration less than this, but never more.
- (::Google::Protobuf::Duration) — Required. The maximum amount of time that access is granted for a request. A requester can ask for a duration less than this, but never more.
#name
def name() -> ::String
-
(::String) —
Identifier. Name of the entitlement. Possible formats:
organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}
folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}
projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}
#name=
def name=(value) -> ::String
-
value (::String) —
Identifier. Name of the entitlement. Possible formats:
organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}
folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}
projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}
-
(::String) —
Identifier. Name of the entitlement. Possible formats:
organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}
folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}
projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}
#privileged_access
def privileged_access() -> ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess
- (::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess) — The access granted to a requester on successful approval.
#privileged_access=
def privileged_access=(value) -> ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess
- value (::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess) — The access granted to a requester on successful approval.
- (::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess) — The access granted to a requester on successful approval.
#requester_justification_config
def requester_justification_config() -> ::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::RequesterJustificationConfig
- (::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::RequesterJustificationConfig) — Required. The manner in which the requester should provide a justification for requesting access.
#requester_justification_config=
def requester_justification_config=(value) -> ::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::RequesterJustificationConfig
- value (::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::RequesterJustificationConfig) — Required. The manner in which the requester should provide a justification for requesting access.
- (::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::RequesterJustificationConfig) — Required. The manner in which the requester should provide a justification for requesting access.
#state
def state() -> ::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::State
- (::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::State) — Output only. Current state of this entitlement.
#update_time
def update_time() -> ::Google::Protobuf::Timestamp
- (::Google::Protobuf::Timestamp) — Output only. Update time stamp.