Class Access (1.16.2)

Stay organized with collections Save and categorize content based on your preferences.
Access(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Represents an access event.


principal_email str
Associated email, such as "". The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see `Caller identities in audit logs
caller_ip str
Caller's IP address, such as "".
The caller IP's geolocation, which identifies where the call came from.
user_agent_family str
What kind of user agent is associated, e.g. operating system shells, embedded or stand-alone applications, etc.
service_name str
This is the API service that the service account made a call to, e.g. "".
method_name str
The method that the service account called, e.g. "SetIamPolicy".
principal_subject str
A string representing the principal_subject associated with the identity. As compared to principal_email, supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format will be principal://{identity pool name}/subjects/{subject} except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy format serviceAccount:{identity pool name}[{subject}]
service_account_key_name str
The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example: "//{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}".
service_account_delegation_info Sequence[]
Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.


builtins.object > proto.message.Message > Access