Google Cloud Privileged Access Manager V1 Client - Class Grant (0.1.2)

Reference documentation and code samples for the Google Cloud Privileged Access Manager V1 Client class Grant.

A grant represents a request from a user for obtaining the access specified in an entitlement they are eligible for.

Generated from protobuf message google.cloud.privilegedaccessmanager.v1.Grant

Namespace

Google \ Cloud \ PrivilegedAccessManager \ V1

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.

↳ name string

Identifier. Name of this grant. Possible formats: * * organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id} * * folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id} * * projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id} The last segment of this name ({grant-id}) is autogenerated.

↳ create_time Google\Protobuf\Timestamp

Output only. Create time stamp.

↳ update_time Google\Protobuf\Timestamp

Output only. Update time stamp.

↳ requester string

Output only. Username of the user who created this grant.

↳ requested_duration Google\Protobuf\Duration

Required. The amount of time access is needed for. This value should be less than the max_request_duration value of the entitlement.

↳ justification Justification

Optional. Justification of why this access is needed.

↳ state int

Output only. Current state of this grant.

↳ timeline Grant\Timeline

Output only. Timeline of this grant.

↳ privileged_access PrivilegedAccess

Output only. The access that would be granted by this grant.

↳ audit_trail Grant\AuditTrail

Output only. Audit trail of access provided by this grant. If unspecified then access was never granted.

↳ additional_email_recipients array

Optional. Additional email addresses to notify for all the actions performed on the grant.

↳ externally_modified bool

Output only. Flag set by the PAM system to indicate that policy bindings made by this grant have been modified from outside PAM. After it is set, this flag remains set forever irrespective of the grant state. A true value here indicates that PAM no longer has any certainty on the access a user has because of this grant.

getName

Identifier. Name of this grant.

Possible formats:

  • organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
  • folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
  • projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id} The last segment of this name ({grant-id}) is autogenerated.
Returns
Type Description
string

setName

Identifier. Name of this grant.

Possible formats:

  • organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
  • folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
  • projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id} The last segment of this name ({grant-id}) is autogenerated.
Parameter
Name Description
var string
Returns
Type Description
$this

getCreateTime

Output only. Create time stamp.

Returns
Type Description
Google\Protobuf\Timestamp|null

hasCreateTime

clearCreateTime

setCreateTime

Output only. Create time stamp.

Parameter
Name Description
var Google\Protobuf\Timestamp
Returns
Type Description
$this

getUpdateTime

Output only. Update time stamp.

Returns
Type Description
Google\Protobuf\Timestamp|null

hasUpdateTime

clearUpdateTime

setUpdateTime

Output only. Update time stamp.

Parameter
Name Description
var Google\Protobuf\Timestamp
Returns
Type Description
$this

getRequester

Output only. Username of the user who created this grant.

Returns
Type Description
string

setRequester

Output only. Username of the user who created this grant.

Parameter
Name Description
var string
Returns
Type Description
$this

getRequestedDuration

Required. The amount of time access is needed for. This value should be less than the max_request_duration value of the entitlement.

Returns
Type Description
Google\Protobuf\Duration|null

hasRequestedDuration

clearRequestedDuration

setRequestedDuration

Required. The amount of time access is needed for. This value should be less than the max_request_duration value of the entitlement.

Parameter
Name Description
var Google\Protobuf\Duration
Returns
Type Description
$this

getJustification

Optional. Justification of why this access is needed.

Returns
Type Description
Justification|null

hasJustification

clearJustification

setJustification

Optional. Justification of why this access is needed.

Parameter
Name Description
var Justification
Returns
Type Description
$this

getState

Output only. Current state of this grant.

Returns
Type Description
int

setState

Output only. Current state of this grant.

Parameter
Name Description
var int
Returns
Type Description
$this

getTimeline

Output only. Timeline of this grant.

Returns
Type Description
Grant\Timeline|null

hasTimeline

clearTimeline

setTimeline

Output only. Timeline of this grant.

Parameter
Name Description
var Grant\Timeline
Returns
Type Description
$this

getPrivilegedAccess

Output only. The access that would be granted by this grant.

Returns
Type Description
PrivilegedAccess|null

hasPrivilegedAccess

clearPrivilegedAccess

setPrivilegedAccess

Output only. The access that would be granted by this grant.

Parameter
Name Description
var PrivilegedAccess
Returns
Type Description
$this

getAuditTrail

Output only. Audit trail of access provided by this grant. If unspecified then access was never granted.

Returns
Type Description
Grant\AuditTrail|null

hasAuditTrail

clearAuditTrail

setAuditTrail

Output only. Audit trail of access provided by this grant. If unspecified then access was never granted.

Parameter
Name Description
var Grant\AuditTrail
Returns
Type Description
$this

getAdditionalEmailRecipients

Optional. Additional email addresses to notify for all the actions performed on the grant.

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setAdditionalEmailRecipients

Optional. Additional email addresses to notify for all the actions performed on the grant.

Parameter
Name Description
var string[]
Returns
Type Description
$this

getExternallyModified

Output only. Flag set by the PAM system to indicate that policy bindings made by this grant have been modified from outside PAM.

After it is set, this flag remains set forever irrespective of the grant state. A true value here indicates that PAM no longer has any certainty on the access a user has because of this grant.

Returns
Type Description
bool

setExternallyModified

Output only. Flag set by the PAM system to indicate that policy bindings made by this grant have been modified from outside PAM.

After it is set, this flag remains set forever irrespective of the grant state. A true value here indicates that PAM no longer has any certainty on the access a user has because of this grant.

Parameter
Name Description
var bool
Returns
Type Description
$this