Google Cloud Security Command Center V1 Client - Class Access (1.13.1)

Reference documentation and code samples for the Google Cloud Security Command Center V1 Client class Access.

Represents an access event.

Generated from protobuf message google.cloud.securitycenter.v1.Access

Methods

__construct

Constructor.

Parameters
Name	Description
`data`	`array` Optional. Data for populating the Message object.
`↳ principal_email`	`string` Associated email, such as "foo@google.com". The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the `principal_subject` field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.
`↳ caller_ip`	`string` Caller's IP address, such as "1.1.1.1".
`↳ caller_ip_geo`	`Google\Cloud\SecurityCenter\V1\Geolocation` The caller IP's geolocation, which identifies where the call came from.
`↳ user_agent_family`	`string` What kind of user agent is associated, e.g. operating system shells, embedded or stand-alone applications, etc.
`↳ service_name`	`string` This is the API service that the service account made a call to, e.g. "iam.googleapis.com"
`↳ method_name`	`string` The method that the service account called, e.g. "SetIamPolicy".
`↳ principal_subject`	`string` A string representing the principal_subject associated with the identity. As compared to `principal_email`, supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format will be `principal://iam.googleapis.com/{identity pool name}/subjects/{subject}` except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy format `serviceAccount:{identity pool name}[{subject}]`
`↳ service_account_key_name`	`string` The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"
`↳ service_account_delegation_info`	`array<Google\Cloud\SecurityCenter\V1\ServiceAccountDelegationInfo>` Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

getPrincipalEmail

Associated email, such as "foo@google.com".

The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.

Generated from protobuf field string principal_email = 1;

Returns
Type	Description
`string`

setPrincipalEmail

Associated email, such as "foo@google.com".

Generated from protobuf field string principal_email = 1;

Parameter
Name	Description
`var`	`string`

Returns
Type	Description
`$this`

getCallerIp

Caller's IP address, such as "1.1.1.1".

Generated from protobuf field string caller_ip = 2;

Returns
Type	Description
`string`

setCallerIp

Caller's IP address, such as "1.1.1.1".

Generated from protobuf field string caller_ip = 2;

Parameter
Name	Description
`var`	`string`

Returns
Type	Description
`$this`

getCallerIpGeo

The caller IP's geolocation, which identifies where the call came from.

Generated from protobuf field .google.cloud.securitycenter.v1.Geolocation caller_ip_geo = 3;

Returns
Type	Description
`Google\Cloud\SecurityCenter\V1\Geolocation\|null`

hasCallerIpGeo

clearCallerIpGeo

setCallerIpGeo

The caller IP's geolocation, which identifies where the call came from.

Generated from protobuf field .google.cloud.securitycenter.v1.Geolocation caller_ip_geo = 3;

Parameter
Name	Description
`var`	`Google\Cloud\SecurityCenter\V1\Geolocation`

Returns
Type	Description
`$this`

getUserAgentFamily

What kind of user agent is associated, e.g. operating system shells, embedded or stand-alone applications, etc.

Generated from protobuf field string user_agent_family = 4;

Returns
Type	Description
`string`

setUserAgentFamily

What kind of user agent is associated, e.g. operating system shells, embedded or stand-alone applications, etc.

Generated from protobuf field string user_agent_family = 4;

Parameter
Name	Description
`var`	`string`

Returns
Type	Description
`$this`

getServiceName

This is the API service that the service account made a call to, e.g.

"iam.googleapis.com"

Generated from protobuf field string service_name = 5;

Returns
Type	Description
`string`

setServiceName

This is the API service that the service account made a call to, e.g.

"iam.googleapis.com"

Generated from protobuf field string service_name = 5;

Parameter
Name	Description
`var`	`string`

Returns
Type	Description
`$this`

getMethodName

The method that the service account called, e.g. "SetIamPolicy".

Generated from protobuf field string method_name = 6;

Returns
Type	Description
`string`

setMethodName

The method that the service account called, e.g. "SetIamPolicy".

Generated from protobuf field string method_name = 6;

Parameter
Name	Description
`var`	`string`

Returns
Type	Description
`$this`

getPrincipalSubject

A string representing the principal_subject associated with the identity.

As compared to principal_email, supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format will be principal://iam.googleapis.com/{identity pool name}/subjects/{subject} except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy format serviceAccount:{identity pool name}[{subject}]

Generated from protobuf field string principal_subject = 7;

Returns
Type	Description
`string`

setPrincipalSubject

A string representing the principal_subject associated with the identity.

Generated from protobuf field string principal_subject = 7;

Parameter
Name	Description
`var`	`string`

Returns
Type	Description
`$this`

getServiceAccountKeyName

The name of the service account key used to create or exchange credentials for authenticating the service account making the request.

This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

Generated from protobuf field string service_account_key_name = 8;

Returns
Type	Description
`string`

setServiceAccountKeyName

The name of the service account key used to create or exchange credentials for authenticating the service account making the request.

This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

Generated from protobuf field string service_account_key_name = 8;

Parameter
Name	Description
`var`	`string`

Returns
Type	Description
`$this`

getServiceAccountDelegationInfo

Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

Generated from protobuf field repeated .google.cloud.securitycenter.v1.ServiceAccountDelegationInfo service_account_delegation_info = 9;

Returns
Type	Description
`Google\Protobuf\Internal\RepeatedField`

setServiceAccountDelegationInfo

Generated from protobuf field repeated .google.cloud.securitycenter.v1.ServiceAccountDelegationInfo service_account_delegation_info = 9;

Parameter
Name	Description
`var`	`array<Google\Cloud\SecurityCenter\V1\ServiceAccountDelegationInfo>`

Returns
Type	Description
`$this`