Common Protos for Google Cloud APIs Client - Class AuthenticationInfo (0.3.8)

Reference documentation and code samples for the Common Protos for Google Cloud APIs Client class AuthenticationInfo.

Authentication information for the operation.

Generated from protobuf message google.cloud.audit.AuthenticationInfo

Methods

__construct

Constructor.

Parameters
NameDescription
data array

Optional. Data for populating the Message object.

↳ principal_email string

The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see https://cloud.google.com/logging/docs/audit#user-id.

↳ authority_selector string

The authority selector specified by the requestor, if any. It is not guaranteed that the principal was allowed to use this authority.

↳ third_party_principal Google\Protobuf\Struct

The third party identification (if any) of the authenticated user making the request. When the JSON object represented here has a proto equivalent, the proto name will be indicated in the @type property.

↳ service_account_key_name string

The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

↳ service_account_delegation_info array<Google\Cloud\Audit\ServiceAccountDelegationInfo>

Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

↳ principal_subject string

String representation of identity of requesting party. Populated for both first and third party identities.

getPrincipalEmail

The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field.

For privacy reasons, the principal email address is sometimes redacted. For more information, see https://cloud.google.com/logging/docs/audit#user-id.

Returns
TypeDescription
string

setPrincipalEmail

The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field.

For privacy reasons, the principal email address is sometimes redacted. For more information, see https://cloud.google.com/logging/docs/audit#user-id.

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getAuthoritySelector

The authority selector specified by the requestor, if any.

It is not guaranteed that the principal was allowed to use this authority.

Returns
TypeDescription
string

setAuthoritySelector

The authority selector specified by the requestor, if any.

It is not guaranteed that the principal was allowed to use this authority.

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getThirdPartyPrincipal

The third party identification (if any) of the authenticated user making the request.

When the JSON object represented here has a proto equivalent, the proto name will be indicated in the @type property.

Returns
TypeDescription
Google\Protobuf\Struct|null

hasThirdPartyPrincipal

clearThirdPartyPrincipal

setThirdPartyPrincipal

The third party identification (if any) of the authenticated user making the request.

When the JSON object represented here has a proto equivalent, the proto name will be indicated in the @type property.

Parameter
NameDescription
var Google\Protobuf\Struct
Returns
TypeDescription
$this

getServiceAccountKeyName

The name of the service account key used to create or exchange credentials for authenticating the service account making the request.

This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

Returns
TypeDescription
string

setServiceAccountKeyName

The name of the service account key used to create or exchange credentials for authenticating the service account making the request.

This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getServiceAccountDelegationInfo

Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

Returns
TypeDescription
Google\Protobuf\Internal\RepeatedField

setServiceAccountDelegationInfo

Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

Parameter
NameDescription
var array<Google\Cloud\Audit\ServiceAccountDelegationInfo>
Returns
TypeDescription
$this

getPrincipalSubject

String representation of identity of requesting party.

Populated for both first and third party identities.

Returns
TypeDescription
string

setPrincipalSubject

String representation of identity of requesting party.

Populated for both first and third party identities.

Parameter
NameDescription
var string
Returns
TypeDescription
$this