Class AccessApprovalGrpc.AccessApprovalBlockingStub (2.36.0)

public static final class AccessApprovalGrpc.AccessApprovalBlockingStub extends AbstractBlockingStub<AccessApprovalGrpc.AccessApprovalBlockingStub>

A stub to allow clients to do synchronous rpc calls to service AccessApproval.

This API allows a customer to manage accesses to cloud resources by Google personnel. It defines the following resource model:

  • The API has a collection of ApprovalRequest resources, named approvalRequests/{approval_request}
  • The API has top-level settings per Project/Folder/Organization, named accessApprovalSettings The service also periodically emails a list of recipients, defined at the Project/Folder/Organization level in the accessApprovalSettings, when there is a pending ApprovalRequest for them to act on. The ApprovalRequests can also optionally be published to a Pub/Sub topic owned by the customer (contact support if you would like to enable Pub/Sub notifications). ApprovalRequests can be approved or dismissed. Google personnel can only access the indicated resource or resources if the request is approved (subject to some exclusions: https://cloud.google.com/access-approval/docs/overview#exclusions). Note: Using Access Approval functionality will mean that Google may not be able to meet the SLAs for your chosen products, as any support response times may be dramatically increased. As such the SLAs do not apply to any service disruption to the extent impacted by Customer's use of Access Approval. Do not enable Access Approval for projects where you may require high service availability and rapid response by Google Cloud Support. After a request is approved or dismissed, no further action may be taken on it. Requests with the requested_expiration in the past or with no activity for 14 days are considered dismissed. When an approval expires, the request is considered dismissed. If a request is not approved or dismissed, we call it pending.

Inheritance

java.lang.Object > io.grpc.stub.AbstractStub > io.grpc.stub.AbstractBlockingStub > AccessApprovalGrpc.AccessApprovalBlockingStub

Methods

approveApprovalRequest(ApproveApprovalRequestMessage request)

public ApprovalRequest approveApprovalRequest(ApproveApprovalRequestMessage request)

Approves a request and returns the updated ApprovalRequest. Returns NOT_FOUND if the request does not exist. Returns FAILED_PRECONDITION if the request exists but is not in a pending state.

Parameter
NameDescription
requestApproveApprovalRequestMessage
Returns
TypeDescription
ApprovalRequest

build(Channel channel, CallOptions callOptions)

protected AccessApprovalGrpc.AccessApprovalBlockingStub build(Channel channel, CallOptions callOptions)
Parameters
NameDescription
channelio.grpc.Channel
callOptionsio.grpc.CallOptions
Returns
TypeDescription
AccessApprovalGrpc.AccessApprovalBlockingStub
Overrides
io.grpc.stub.AbstractStub.build(io.grpc.Channel,io.grpc.CallOptions)

deleteAccessApprovalSettings(DeleteAccessApprovalSettingsMessage request)

public Empty deleteAccessApprovalSettings(DeleteAccessApprovalSettingsMessage request)

Deletes the settings associated with a project, folder, or organization. This will have the effect of disabling Access Approval for the project, folder, or organization, but only if all ancestors also have Access Approval disabled. If Access Approval is enabled at a higher level of the hierarchy, then Access Approval will still be enabled at this level as the settings are inherited.

Parameter
NameDescription
requestDeleteAccessApprovalSettingsMessage
Returns
TypeDescription
Empty

dismissApprovalRequest(DismissApprovalRequestMessage request)

public ApprovalRequest dismissApprovalRequest(DismissApprovalRequestMessage request)

Dismisses a request. Returns the updated ApprovalRequest. NOTE: This does not deny access to the resource if another request has been made and approved. It is equivalent in effect to ignoring the request altogether. Returns NOT_FOUND if the request does not exist. Returns FAILED_PRECONDITION if the request exists but is not in a pending state.

Parameter
NameDescription
requestDismissApprovalRequestMessage
Returns
TypeDescription
ApprovalRequest

getAccessApprovalServiceAccount(GetAccessApprovalServiceAccountMessage request)

public AccessApprovalServiceAccount getAccessApprovalServiceAccount(GetAccessApprovalServiceAccountMessage request)

Retrieves the service account that is used by Access Approval to access KMS keys for signing approved approval requests.

Parameter
NameDescription
requestGetAccessApprovalServiceAccountMessage
Returns
TypeDescription
AccessApprovalServiceAccount

getAccessApprovalSettings(GetAccessApprovalSettingsMessage request)

public AccessApprovalSettings getAccessApprovalSettings(GetAccessApprovalSettingsMessage request)

Gets the settings associated with a project, folder, or organization.

Parameter
NameDescription
requestGetAccessApprovalSettingsMessage
Returns
TypeDescription
AccessApprovalSettings

getApprovalRequest(GetApprovalRequestMessage request)

public ApprovalRequest getApprovalRequest(GetApprovalRequestMessage request)

Gets an approval request. Returns NOT_FOUND if the request does not exist.

Parameter
NameDescription
requestGetApprovalRequestMessage
Returns
TypeDescription
ApprovalRequest

invalidateApprovalRequest(InvalidateApprovalRequestMessage request)

public ApprovalRequest invalidateApprovalRequest(InvalidateApprovalRequestMessage request)

Invalidates an existing ApprovalRequest. Returns the updated ApprovalRequest. NOTE: This does not deny access to the resource if another request has been made and approved. It only invalidates a single approval. Returns FAILED_PRECONDITION if the request exists but is not in an approved state.

Parameter
NameDescription
requestInvalidateApprovalRequestMessage
Returns
TypeDescription
ApprovalRequest

listApprovalRequests(ListApprovalRequestsMessage request)

public ListApprovalRequestsResponse listApprovalRequests(ListApprovalRequestsMessage request)

Lists approval requests associated with a project, folder, or organization. Approval requests can be filtered by state (pending, active, dismissed). The order is reverse chronological.

Parameter
NameDescription
requestListApprovalRequestsMessage
Returns
TypeDescription
ListApprovalRequestsResponse

updateAccessApprovalSettings(UpdateAccessApprovalSettingsMessage request)

public AccessApprovalSettings updateAccessApprovalSettings(UpdateAccessApprovalSettingsMessage request)

Updates the settings associated with a project, folder, or organization. Settings to update are determined by the value of field_mask.

Parameter
NameDescription
requestUpdateAccessApprovalSettingsMessage
Returns
TypeDescription
AccessApprovalSettings