Privileged Access Manager API - Module Google::Cloud::PrivilegedAccessManager (v1.0.2)

Reference documentation and code samples for the Privileged Access Manager API module Google::Cloud::PrivilegedAccessManager.

Configure the google-cloud-privileged_access_manager library.

The following configuration parameters are supported:

• credentials (type: String, Hash, Google::Auth::Credentials) - The path to the keyfile as a String, the contents of the keyfile as a Hash, or a Google::Auth::Credentials object.
• lib_name (type: String) - The library name as recorded in instrumentation and logging.
• lib_version (type: String) - The library version as recorded in instrumentation and logging.
• interceptors (type: Array<GRPC::ClientInterceptor>) - An array of interceptors that are run before calls are executed.
• timeout (type: Numeric) - Default timeout in seconds.
• metadata (type: Hash{Symbol=>String}) - Additional headers to be sent with the call.
• retry_policy (type: Hash) - The retry policy. The value is a hash with the following keys:
  • :initial_delay (type: Numeric) - The initial delay in seconds.
  • :max_delay (type: Numeric) - The max delay in seconds.
  • :multiplier (type: Numeric) - The incremental backoff multiplier.
  • :retry_codes (type: Array<String>) - The error codes that should trigger a retry.

Create a new client object for PrivilegedAccessManager.

By default, this returns an instance of Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Client for a gRPC client for version V1 of the API. However, you can specify a different API version by passing it in the version parameter. If the PrivilegedAccessManager service is supported by that API version, and the corresponding gem is available, the appropriate versioned client will be returned. You can also specify a different transport by passing :rest or :grpc in the transport parameter.

Raises an exception if the currently installed versioned client gem for the given API version does not support the given transport of the PrivilegedAccessManager service. You can determine whether the method will succeed by calling PrivilegedAccessManager.privileged_access_manager_available?.

About PrivilegedAccessManager

This API allows customers to manage temporary, request based privileged access to their resources.

It defines the following resource model:

• A collection of Entitlement resources. An entitlement allows configuring (among other things):

  • Some kind of privileged access that users can request.
  • A set of users called requesters who can request this access.
  • A maximum duration for which the access can be requested.
  • An optional approval workflow which must be satisfied before access is granted.

• A collection of Grant resources. A grant is a request by a requester to get the privileged access specified in an entitlement for some duration.

After the approval workflow as specified in the entitlement is satisfied, the specified access is given to the requester. The access is automatically taken back after the requested duration is over.

Determines whether the PrivilegedAccessManager service is supported by the current client. If true, you can retrieve a client object by calling PrivilegedAccessManager.privileged_access_manager. If false, that method will raise an exception. This could happen if the given API version does not exist or does not support the PrivilegedAccessManager service, or if the versioned client gem needs an update to support the PrivilegedAccessManager service.

value: "1.0.2"