public static final class PrivilegedAccessManagerGrpc.PrivilegedAccessManagerFutureStub extends AbstractFutureStub<PrivilegedAccessManagerGrpc.PrivilegedAccessManagerFutureStub>
A stub to allow clients to do ListenableFuture-style rpc calls to service
PrivilegedAccessManager.
This API allows customers to manage temporary, request based privileged
access to their resources.
It defines the following resource model:
- A collection of
Entitlement
resources. An entitlement allows configuring
(among other things):
- Some kind of privileged access that users can request.
- A set of users called requesters who can request this access.
- A maximum duration for which the access can be requested.
- An optional approval workflow which must be satisfied before access is
granted.
- A collection of
Grant
resources. A grant is a request by a requester to
get the privileged access specified in an entitlement for some duration.
After the approval workflow as specified in the entitlement is satisfied,
the specified access is given to the requester. The access is automatically
taken back after the requested duration is over.
Inheritance
java.lang.Object >
io.grpc.stub.AbstractStub >
io.grpc.stub.AbstractFutureStub >
PrivilegedAccessManagerGrpc.PrivilegedAccessManagerFutureStub
Inherited Members
io.grpc.stub.AbstractFutureStub.<T>newStub(io.grpc.stub.AbstractStub.StubFactory<T>,io.grpc.Channel)
io.grpc.stub.AbstractFutureStub.<T>newStub(io.grpc.stub.AbstractStub.StubFactory<T>,io.grpc.Channel,io.grpc.CallOptions)
io.grpc.stub.AbstractStub.<T>withOption(io.grpc.CallOptions.Key<T>,T)
io.grpc.stub.AbstractStub.build(io.grpc.Channel,io.grpc.CallOptions)
io.grpc.stub.AbstractStub.getCallOptions()
io.grpc.stub.AbstractStub.getChannel()
io.grpc.stub.AbstractStub.withCallCredentials(io.grpc.CallCredentials)
io.grpc.stub.AbstractStub.withChannel(io.grpc.Channel)
io.grpc.stub.AbstractStub.withCompression(java.lang.String)
io.grpc.stub.AbstractStub.withDeadline(io.grpc.Deadline)
io.grpc.stub.AbstractStub.withDeadlineAfter(java.time.Duration)
io.grpc.stub.AbstractStub.withDeadlineAfter(long,java.util.concurrent.TimeUnit)
io.grpc.stub.AbstractStub.withExecutor(java.util.concurrent.Executor)
io.grpc.stub.AbstractStub.withInterceptors(io.grpc.ClientInterceptor...)
io.grpc.stub.AbstractStub.withMaxInboundMessageSize(int)
io.grpc.stub.AbstractStub.withMaxOutboundMessageSize(int)
io.grpc.stub.AbstractStub.withOnReadyThreshold(int)
io.grpc.stub.AbstractStub.withWaitForReady()
Methods
approveGrant(ApproveGrantRequest request)
public ListenableFuture<Grant> approveGrant(ApproveGrantRequest request)
ApproveGrant
is used to approve a grant. This method can only be called
on a grant when it's in the APPROVAL_AWAITED
state. This operation can't
be undone.
Returns |
Type |
Description |
com.google.common.util.concurrent.ListenableFuture<Grant> |
|
build(Channel channel, CallOptions callOptions)
protected PrivilegedAccessManagerGrpc.PrivilegedAccessManagerFutureStub build(Channel channel, CallOptions callOptions)
Parameters |
Name |
Description |
channel |
io.grpc.Channel
|
callOptions |
io.grpc.CallOptions
|
Overrides
io.grpc.stub.AbstractStub.build(io.grpc.Channel,io.grpc.CallOptions)
checkOnboardingStatus(CheckOnboardingStatusRequest request)
public ListenableFuture<CheckOnboardingStatusResponse> checkOnboardingStatus(CheckOnboardingStatusRequest request)
CheckOnboardingStatus
reports the onboarding status for a
project/folder/organization. Any findings reported by this API need to be
fixed before PAM can be used on the resource.
createEntitlement(CreateEntitlementRequest request)
public ListenableFuture<Operation> createEntitlement(CreateEntitlementRequest request)
Creates a new entitlement in a given project/folder/organization and
location.
Returns |
Type |
Description |
com.google.common.util.concurrent.ListenableFuture<Operation> |
|
createGrant(CreateGrantRequest request)
public ListenableFuture<Grant> createGrant(CreateGrantRequest request)
Creates a new grant in a given project/folder/organization and
location.
Returns |
Type |
Description |
com.google.common.util.concurrent.ListenableFuture<Grant> |
|
deleteEntitlement(DeleteEntitlementRequest request)
public ListenableFuture<Operation> deleteEntitlement(DeleteEntitlementRequest request)
Deletes a single entitlement. This method can only be called when there
are no in-progress (ACTIVE
/ACTIVATING
/REVOKING
) grants under the
entitlement.
Returns |
Type |
Description |
com.google.common.util.concurrent.ListenableFuture<Operation> |
|
denyGrant(DenyGrantRequest request)
public ListenableFuture<Grant> denyGrant(DenyGrantRequest request)
DenyGrant
is used to deny a grant. This method can only be called on a
grant when it's in the APPROVAL_AWAITED
state. This operation can't be
undone.
Returns |
Type |
Description |
com.google.common.util.concurrent.ListenableFuture<Grant> |
|
getEntitlement(GetEntitlementRequest request)
public ListenableFuture<Entitlement> getEntitlement(GetEntitlementRequest request)
Gets details of a single entitlement.
Returns |
Type |
Description |
com.google.common.util.concurrent.ListenableFuture<Entitlement> |
|
getGrant(GetGrantRequest request)
public ListenableFuture<Grant> getGrant(GetGrantRequest request)
Get details of a single grant.
Returns |
Type |
Description |
com.google.common.util.concurrent.ListenableFuture<Grant> |
|
listEntitlements(ListEntitlementsRequest request)
public ListenableFuture<ListEntitlementsResponse> listEntitlements(ListEntitlementsRequest request)
Lists entitlements in a given project/folder/organization and location.
listGrants(ListGrantsRequest request)
public ListenableFuture<ListGrantsResponse> listGrants(ListGrantsRequest request)
Lists grants for a given entitlement.
Returns |
Type |
Description |
com.google.common.util.concurrent.ListenableFuture<ListGrantsResponse> |
|
revokeGrant(RevokeGrantRequest request)
public ListenableFuture<Operation> revokeGrant(RevokeGrantRequest request)
RevokeGrant
is used to immediately revoke access for a grant. This method
can be called when the grant is in a non-terminal state.
Returns |
Type |
Description |
com.google.common.util.concurrent.ListenableFuture<Operation> |
|
searchEntitlements(SearchEntitlementsRequest request)
public ListenableFuture<SearchEntitlementsResponse> searchEntitlements(SearchEntitlementsRequest request)
SearchEntitlements
returns entitlements on which the caller has the
specified access.
searchGrants(SearchGrantsRequest request)
public ListenableFuture<SearchGrantsResponse> searchGrants(SearchGrantsRequest request)
SearchGrants
returns grants that are related to the calling user in the
specified way.
updateEntitlement(UpdateEntitlementRequest request)
public ListenableFuture<Operation> updateEntitlement(UpdateEntitlementRequest request)
Updates the entitlement specified in the request. Updated fields in the
entitlement need to be specified in an update mask. The changes made to an
entitlement are applicable only on future grants of the entitlement.
However, if new approvers are added or existing approvers are removed from
the approval workflow, the changes are effective on existing grants.
The following fields are not supported for updates:
- All immutable fields
- Entitlement name
- Resource name
- Resource type
- Adding an approval workflow in an entitlement which previously had no
approval workflow.
- Deleting the approval workflow from an entitlement.
- Adding or deleting a step in the approval workflow (only one step is
supported)
Note that updates are allowed on the list of approvers in an approval
workflow step.
Returns |
Type |
Description |
com.google.common.util.concurrent.ListenableFuture<Operation> |
|