Reference documentation and code samples for the Privileged Access Manager V1 API class Google::Cloud::PrivilegedAccessManager::V1::Grant.
This is to ensure that the Grants
and ProducerGrants
proto are byte
compatible.
A grant represents a request from a user for obtaining the access specified
in an entitlement they are eligible for.
Inherits
- Object
Extended By
- Google::Protobuf::MessageExts::ClassMethods
Includes
- Google::Protobuf::MessageExts
Methods
#additional_email_recipients
def additional_email_recipients() -> ::Array<::String>
- (::Array<::String>) — Optional. Additional email addresses to notify for all the actions performed on the grant.
#additional_email_recipients=
def additional_email_recipients=(value) -> ::Array<::String>
- value (::Array<::String>) — Optional. Additional email addresses to notify for all the actions performed on the grant.
- (::Array<::String>) — Optional. Additional email addresses to notify for all the actions performed on the grant.
#audit_trail
def audit_trail() -> ::Google::Cloud::PrivilegedAccessManager::V1::Grant::AuditTrail
- (::Google::Cloud::PrivilegedAccessManager::V1::Grant::AuditTrail) — Output only. Audit trail of access provided by this grant. If unspecified then access was never granted.
#create_time
def create_time() -> ::Google::Protobuf::Timestamp
- (::Google::Protobuf::Timestamp) — Output only. Create time stamp.
#externally_modified
def externally_modified() -> ::Boolean
-
(::Boolean) — Output only. Flag set by the PAM system to indicate that policy bindings
made by this grant have been modified from outside PAM.
After it is set, this flag remains set forever irrespective of the grant state. A
true
value here indicates that PAM no longer has any certainty on the access a user has because of this grant.
#justification
def justification() -> ::Google::Cloud::PrivilegedAccessManager::V1::Justification
- (::Google::Cloud::PrivilegedAccessManager::V1::Justification) — Optional. Justification of why this access is needed.
#justification=
def justification=(value) -> ::Google::Cloud::PrivilegedAccessManager::V1::Justification
- value (::Google::Cloud::PrivilegedAccessManager::V1::Justification) — Optional. Justification of why this access is needed.
- (::Google::Cloud::PrivilegedAccessManager::V1::Justification) — Optional. Justification of why this access is needed.
#name
def name() -> ::String
-
(::String) — Identifier. Name of this grant.
Possible formats:
organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
The last segment of this name (
{grant-id}
) is autogenerated.
#name=
def name=(value) -> ::String
-
value (::String) — Identifier. Name of this grant.
Possible formats:
organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
The last segment of this name (
{grant-id}
) is autogenerated.
-
(::String) — Identifier. Name of this grant.
Possible formats:
organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
The last segment of this name (
{grant-id}
) is autogenerated.
#privileged_access
def privileged_access() -> ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess
- (::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccess) — Output only. The access that would be granted by this grant.
#requested_duration
def requested_duration() -> ::Google::Protobuf::Duration
-
(::Google::Protobuf::Duration) — Required. The amount of time access is needed for. This value should be
less than the
max_request_duration
value of the entitlement.
#requested_duration=
def requested_duration=(value) -> ::Google::Protobuf::Duration
-
value (::Google::Protobuf::Duration) — Required. The amount of time access is needed for. This value should be
less than the
max_request_duration
value of the entitlement.
-
(::Google::Protobuf::Duration) — Required. The amount of time access is needed for. This value should be
less than the
max_request_duration
value of the entitlement.
#requester
def requester() -> ::String
- (::String) — Output only. Username of the user who created this grant.
#state
def state() -> ::Google::Cloud::PrivilegedAccessManager::V1::Grant::State
- (::Google::Cloud::PrivilegedAccessManager::V1::Grant::State) — Output only. Current state of this grant.
#timeline
def timeline() -> ::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline
- (::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline) — Output only. Timeline of this grant.
#update_time
def update_time() -> ::Google::Protobuf::Timestamp
- (::Google::Protobuf::Timestamp) — Output only. Update time stamp.