Class KeyAccessJustificationsPolicy (3.2.0)

KeyAccessJustificationsPolicy(
    mapping=None, *, ignore_unknown_fields=False, **kwargs
)

A KeyAccessJustificationsPolicy specifies zero or more allowed AccessReason values for encrypt, decrypt, and sign operations on a CryptoKey.

Attribute

Name Description
allowed_access_reasons MutableSequence[google.cloud.kms_v1.types.AccessReason]
The list of allowed reasons for access to a CryptoKey. Zero allowed access reasons means all encrypt, decrypt, and sign operations for the CryptoKey associated with this policy will fail.