- 1.39.0 (latest)
- 1.38.0
- 1.37.0
- 1.36.0
- 1.35.1
- 1.33.1
- 1.32.1
- 1.31.0
- 1.30.1
- 1.29.0
- 1.28.0
- 1.27.0
- 1.26.1
- 1.25.0
- 1.24.1
- 1.23.2
- 1.22.0
- 1.21.0
- 1.20.0
- 1.19.1
- 1.18.2
- 1.17.0
- 1.16.2
- 1.15.0
- 1.14.0
- 1.13.0
- 1.12.0
- 1.11.1
- 1.10.0
- 1.9.0
- 1.8.0
- 1.7.0
- 1.6.0
- 1.5.2
- 1.4.0
- 1.3.1
- 1.2.0
- 1.1.0
- 1.0.0
- 0.7.3
- 0.6.0
- 0.5.0
- 0.4.0
- 0.3.0
Access(mapping=None, *, ignore_unknown_fields=False, **kwargs)Represents an access event.
Attributes |
|
|---|---|
| Name | Description |
principal_email |
str
Associated email, such as "foo@google.com". The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this
field. For privacy reasons, the principal email address is
sometimes redacted. For more information, see `Caller
identities in audit
logs |
caller_ip |
str
Caller's IP address, such as "1.1.1.1". |
caller_ip_geo |
google.cloud.securitycenter_v1.types.Geolocation
The caller IP's geolocation, which identifies where the call came from. |
user_agent_family |
str
What kind of user agent is associated, e.g. operating system shells, embedded or stand-alone applications, etc. |
service_name |
str
This is the API service that the service account made a call to, e.g. "iam.googleapis.com". |
method_name |
str
The method that the service account called, e.g. "SetIamPolicy". |
principal_subject |
str
A string representing the principal_subject associated with the identity. As compared to principal_email, supports
principals that aren't associated with email addresses, such
as third party principals. For most identities, the format
will be
principal://iam.googleapis.com/{identity pool name}/subjects/{subject}
except for some GKE identities (GKE_WORKLOAD, FREEFORM,
GKE_HUB_WORKLOAD) that are still in the legacy format
serviceAccount:{identity pool name}[{subject}]
|
service_account_key_name |
str
The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example: "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}". |
service_account_delegation_info |
Sequence[google.cloud.securitycenter_v1.types.ServiceAccountDelegationInfo]
Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events. |