Resource: Grant
A grant represents a request from a user for obtaining the access specified in an entitlement they are eligible for.
JSON representation |
---|
{ "name": string, "createTime": string, "updateTime": string, "requester": string, "requestedDuration": string, "justification": { object ( |
Fields | |
---|---|
name |
Identifier. Name of this grant. Possible formats:
The last segment of this name ( |
createTime |
Output only. Create time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
updateTime |
Output only. Update time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
requester |
Output only. Username of the user who created this grant. |
requestedDuration |
Required. The amount of time access is needed for. This value should be less than the A duration in seconds with up to nine fractional digits, ending with ' |
justification |
Optional. Justification of why this access is needed. |
state |
Output only. Current state of this grant. |
timeline |
Output only. Timeline of this grant. |
privilegedAccess |
Output only. The access that would be granted by this grant. |
auditTrail |
Output only. Audit trail of access provided by this grant. If unspecified then access was never granted. |
additionalEmailRecipients[] |
Optional. Additional email addresses to notify for all the actions performed on the grant. |
externallyModified |
Output only. Flag set by the PAM system to indicate that policy bindings made by this grant have been modified from outside PAM. After it is set, this flag remains set forever irrespective of the grant state. A |
Methods |
|
---|---|
|
ApproveGrant is used to approve a grant. |
|
Creates a new grant in a given project/folder/organization and location. |
|
DenyGrant is used to deny a grant. |
|
Get details of a single grant. |
|
Lists grants for a given entitlement. |
|
RevokeGrant is used to immediately revoke access for a grant. |
|
SearchGrants returns grants that are related to the calling user in the specified way. |