Privileged Access Manager V1 API - Class Google::Cloud::PrivilegedAccessManager::V1::Grant (v1.2.0)

Reference documentation and code samples for the Privileged Access Manager V1 API class Google::Cloud::PrivilegedAccessManager::V1::Grant.

A grant represents a request from a user for obtaining the access specified in an entitlement they are eligible for.

Inherits

Object

Extended By

Google::Protobuf::MessageExts::ClassMethods

Includes

Google::Protobuf::MessageExts

Methods

#additional_email_recipients

def additional_email_recipients() -> ::Array<::String>

Returns

(::Array<::String>) — Optional. Additional email addresses to notify for all the actions performed on the grant.

#additional_email_recipients=

def additional_email_recipients=(value) -> ::Array<::String>

Parameter

value (::Array<::String>) — Optional. Additional email addresses to notify for all the actions performed on the grant.

Returns

(::Array<::String>) — Optional. Additional email addresses to notify for all the actions performed on the grant.

#audit_trail

def audit_trail() -> ::Google::Cloud::PrivilegedAccessManager::V1::Grant::AuditTrail

Returns

(::Google::Cloud::PrivilegedAccessManager::V1::Grant::AuditTrail) — Output only. Audit trail of access provided by this grant. If unspecified then access was never granted.

#create_time

def create_time() -> ::Google::Protobuf::Timestamp

Returns

(::Google::Protobuf::Timestamp) — Output only. Create time stamp.

#externally_modified

def externally_modified() -> ::Boolean

Returns

(::Boolean) — Output only. Flag set by the PAM system to indicate that policy bindings made by this grant have been modified from outside PAM.

After it is set, this flag remains set forever irrespective of the grant state. A true value here indicates that PAM no longer has any certainty on the access a user has because of this grant.

#justification

def justification() -> ::Google::Cloud::PrivilegedAccessManager::V1::Justification

Returns

(::Google::Cloud::PrivilegedAccessManager::V1::Justification) — Optional. Justification of why this access is needed.

#justification=

def justification=(value) -> ::Google::Cloud::PrivilegedAccessManager::V1::Justification

Parameter

value (::Google::Cloud::PrivilegedAccessManager::V1::Justification) — Optional. Justification of why this access is needed.

Returns

(::Google::Cloud::PrivilegedAccessManager::V1::Justification) — Optional. Justification of why this access is needed.

#name

def name() -> ::String

Returns

(::String) — Identifier. Name of this grant. Possible formats:
- organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
- folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
- projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
The last segment of this name ({grant-id}) is autogenerated.

#name=

def name=(value) -> ::String

Parameter

value (::String) — Identifier. Name of this grant. Possible formats:
- organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
- folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
- projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
The last segment of this name ({grant-id}) is autogenerated.

Returns

(::String) — Identifier. Name of this grant. Possible formats:
- organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
- folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
- projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
The last segment of this name ({grant-id}) is autogenerated.

#privileged_access

def privileged_access() -> ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess

Returns

(::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess) — Output only. The access that would be granted by this grant.

#requested_duration

def requested_duration() -> ::Google::Protobuf::Duration

Returns

(::Google::Protobuf::Duration) — Required. The amount of time access is needed for. This value should be less than the max_request_duration value of the entitlement.

#requested_duration=

def requested_duration=(value) -> ::Google::Protobuf::Duration

Parameter

value (::Google::Protobuf::Duration) — Required. The amount of time access is needed for. This value should be less than the max_request_duration value of the entitlement.

Returns

(::Google::Protobuf::Duration) — Required. The amount of time access is needed for. This value should be less than the max_request_duration value of the entitlement.

#requester

def requester() -> ::String

Returns

(::String) — Output only. Username of the user who created this grant.

#state

def state() -> ::Google::Cloud::PrivilegedAccessManager::V1::Grant::State

Returns

(::Google::Cloud::PrivilegedAccessManager::V1::Grant::State) — Output only. Current state of this grant.

#timeline

def timeline() -> ::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline

Returns

(::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline) — Output only. Timeline of this grant.

#update_time

def update_time() -> ::Google::Protobuf::Timestamp

Returns

(::Google::Protobuf::Timestamp) — Output only. Update time stamp.

Privileged Access Manager V1 API - Class Google::Cloud::PrivilegedAccessManager::V1::Grant (v1.2.0) Stay organized with collections Save and categorize content based on your preferences.

Inherits

Extended By

Includes

Methods

#additional_email_recipients

#additional_email_recipients=

#audit_trail

#create_time

#externally_modified

#justification

#justification=

#name

#name=

#privileged_access

#requested_duration

#requested_duration=

#requester

#state

#timeline

#update_time

Privileged Access Manager V1 API - Class Google::Cloud::PrivilegedAccessManager::V1::Grant (v1.2.0)