Reference documentation and code samples for the Privileged Access Manager V1 API module Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager.
This API allows customers to manage temporary, request based privileged access to their resources.
It defines the following resource model:
A collection of
Entitlement
resources. An entitlement allows configuring (among other things):- Some kind of privileged access that users can request.
- A set of users called requesters who can request this access.
- A maximum duration for which the access can be requested.
- An optional approval workflow which must be satisfied before access is granted.
A collection of
Grant
resources. A grant is a request by a requester to get the privileged access specified in an entitlement for some duration.
After the approval workflow as specified in the entitlement is satisfied, the specified access is given to the requester. The access is automatically taken back after the requested duration is over.
To load this service and instantiate a REST client:
require "google/cloud/privileged_access_manager/v1/privileged_access_manager/rest"
client = ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new