Reference documentation and code samples for the Google Cloud Privileged Access Manager V1 Client class Grant.
A grant represents a request from a user for obtaining the access specified in an entitlement they are eligible for.
Generated from protobuf message google.cloud.privilegedaccessmanager.v1.Grant
Namespace
Google \ Cloud \ PrivilegedAccessManager \ V1Methods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ name |
string
Identifier. Name of this grant. Possible formats: * * |
↳ create_time |
Google\Protobuf\Timestamp
Output only. Create time stamp. |
↳ update_time |
Google\Protobuf\Timestamp
Output only. Update time stamp. |
↳ requester |
string
Output only. Username of the user who created this grant. |
↳ requested_duration |
Google\Protobuf\Duration
Required. The amount of time access is needed for. This value should be less than the |
↳ justification |
Justification
Optional. Justification of why this access is needed. |
↳ state |
int
Output only. Current state of this grant. |
↳ timeline |
Grant\Timeline
Output only. Timeline of this grant. |
↳ privileged_access |
PrivilegedAccess
Output only. The access that would be granted by this grant. |
↳ audit_trail |
Grant\AuditTrail
Output only. Audit trail of access provided by this grant. If unspecified then access was never granted. |
↳ additional_email_recipients |
array
Optional. Additional email addresses to notify for all the actions performed on the grant. |
↳ externally_modified |
bool
Output only. Flag set by the PAM system to indicate that policy bindings made by this grant have been modified from outside PAM. After it is set, this flag remains set forever irrespective of the grant state. A |
getName
Identifier. Name of this grant.
Possible formats:
organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
The last segment of this name ({grant-id}
) is autogenerated.
Returns | |
---|---|
Type | Description |
string |
setName
Identifier. Name of this grant.
Possible formats:
organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
The last segment of this name ({grant-id}
) is autogenerated.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getCreateTime
Output only. Create time stamp.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Timestamp|null |
hasCreateTime
clearCreateTime
setCreateTime
Output only. Create time stamp.
Parameter | |
---|---|
Name | Description |
var |
Google\Protobuf\Timestamp
|
Returns | |
---|---|
Type | Description |
$this |
getUpdateTime
Output only. Update time stamp.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Timestamp|null |
hasUpdateTime
clearUpdateTime
setUpdateTime
Output only. Update time stamp.
Parameter | |
---|---|
Name | Description |
var |
Google\Protobuf\Timestamp
|
Returns | |
---|---|
Type | Description |
$this |
getRequester
Output only. Username of the user who created this grant.
Returns | |
---|---|
Type | Description |
string |
setRequester
Output only. Username of the user who created this grant.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getRequestedDuration
Required. The amount of time access is needed for. This value should be
less than the max_request_duration
value of the entitlement.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Duration|null |
hasRequestedDuration
clearRequestedDuration
setRequestedDuration
Required. The amount of time access is needed for. This value should be
less than the max_request_duration
value of the entitlement.
Parameter | |
---|---|
Name | Description |
var |
Google\Protobuf\Duration
|
Returns | |
---|---|
Type | Description |
$this |
getJustification
Optional. Justification of why this access is needed.
Returns | |
---|---|
Type | Description |
Justification|null |
hasJustification
clearJustification
setJustification
Optional. Justification of why this access is needed.
Parameter | |
---|---|
Name | Description |
var |
Justification
|
Returns | |
---|---|
Type | Description |
$this |
getState
Output only. Current state of this grant.
Returns | |
---|---|
Type | Description |
int |
setState
Output only. Current state of this grant.
Parameter | |
---|---|
Name | Description |
var |
int
|
Returns | |
---|---|
Type | Description |
$this |
getTimeline
Output only. Timeline of this grant.
Returns | |
---|---|
Type | Description |
Grant\Timeline|null |
hasTimeline
clearTimeline
setTimeline
Output only. Timeline of this grant.
Parameter | |
---|---|
Name | Description |
var |
Grant\Timeline
|
Returns | |
---|---|
Type | Description |
$this |
getPrivilegedAccess
Output only. The access that would be granted by this grant.
Returns | |
---|---|
Type | Description |
PrivilegedAccess|null |
hasPrivilegedAccess
clearPrivilegedAccess
setPrivilegedAccess
Output only. The access that would be granted by this grant.
Parameter | |
---|---|
Name | Description |
var |
PrivilegedAccess
|
Returns | |
---|---|
Type | Description |
$this |
getAuditTrail
Output only. Audit trail of access provided by this grant. If unspecified then access was never granted.
Returns | |
---|---|
Type | Description |
Grant\AuditTrail|null |
hasAuditTrail
clearAuditTrail
setAuditTrail
Output only. Audit trail of access provided by this grant. If unspecified then access was never granted.
Parameter | |
---|---|
Name | Description |
var |
Grant\AuditTrail
|
Returns | |
---|---|
Type | Description |
$this |
getAdditionalEmailRecipients
Optional. Additional email addresses to notify for all the actions performed on the grant.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setAdditionalEmailRecipients
Optional. Additional email addresses to notify for all the actions performed on the grant.
Parameter | |
---|---|
Name | Description |
var |
string[]
|
Returns | |
---|---|
Type | Description |
$this |
getExternallyModified
Output only. Flag set by the PAM system to indicate that policy bindings made by this grant have been modified from outside PAM.
After it is set, this flag remains set forever irrespective of the grant
state. A true
value here indicates that PAM no longer has any certainty
on the access a user has because of this grant.
Returns | |
---|---|
Type | Description |
bool |
setExternallyModified
Output only. Flag set by the PAM system to indicate that policy bindings made by this grant have been modified from outside PAM.
After it is set, this flag remains set forever irrespective of the grant
state. A true
value here indicates that PAM no longer has any certainty
on the access a user has because of this grant.
Parameter | |
---|---|
Name | Description |
var |
bool
|
Returns | |
---|---|
Type | Description |
$this |