google-cloud-accessapproval overview (2.23.0)

com.google.cloud.accessapproval.v1

A client to Access Approval API

The interfaces provided are listed below, along with usage samples.

AccessApprovalAdminClient

Service Description: This API allows a customer to manage accesses to cloud resources by Google personnel. It defines the following resource model:

- The API has a collection of ApprovalRequest resources, named approvalRequests/{approval_request} - The API has top-level settings per Project/Folder/Organization, named accessApprovalSettings

The service also periodically emails a list of recipients, defined at the Project/Folder/Organization level in the accessApprovalSettings, when there is a pending ApprovalRequest for them to act on. The ApprovalRequests can also optionally be published to a Pub/Sub topic owned by the customer (contact support if you would like to enable Pub/Sub notifications).

ApprovalRequests can be approved or dismissed. Google personnel can only access the indicated resource or resources if the request is approved (subject to some exclusions: https://cloud.google.com/access-approval/docs/overview#exclusions).

Note: Using Access Approval functionality will mean that Google may not be able to meet the SLAs for your chosen products, as any support response times may be dramatically increased. As such the SLAs do not apply to any service disruption to the extent impacted by Customer's use of Access Approval. Do not enable Access Approval for projects where you may require high service availability and rapid response by Google Cloud Support.

After a request is approved or dismissed, no further action may be taken on it. Requests with the requested_expiration in the past or with no activity for 14 days are considered dismissed. When an approval expires, the request is considered dismissed.

If a request is not approved or dismissed, we call it pending.

Sample for AccessApprovalAdminClient:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (AccessApprovalAdminClient accessApprovalAdminClient = AccessApprovalAdminClient.create()) {
   ApprovalRequestName name =
       ApprovalRequestName.ofProjectApprovalRequestName("[PROJECT]", "[APPROVAL_REQUEST]");
   ApprovalRequest response = accessApprovalAdminClient.getApprovalRequest(name);
 }
 

com.google.cloud.accessapproval.v1.stub