Reference documentation and code samples for the Cloud Key Management Service (KMS) V1 API module Google::Cloud::Kms::V1::AccessReason.
Describes the reason for a data access. Please refer to https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes for the detailed semantic meaning of justification reason codes.
Constants
REASON_UNSPECIFIED
value: 0
Unspecified access reason.
CUSTOMER_INITIATED_SUPPORT
value: 1
Customer-initiated support.
GOOGLE_INITIATED_SERVICE
value: 2
Google-initiated access for system management and troubleshooting.
THIRD_PARTY_DATA_REQUEST
value: 3
Google-initiated access in response to a legal request or legal process.
GOOGLE_INITIATED_REVIEW
value: 4
Google-initiated access for security, fraud, abuse, or compliance purposes.
CUSTOMER_INITIATED_ACCESS
value: 5
Customer uses their account to perform any access to their own data which
their IAM policy authorizes.
GOOGLE_INITIATED_SYSTEM_OPERATION
value: 6
Google systems access customer data to help optimize the structure of the
data or quality for future uses by the customer.
REASON_NOT_EXPECTED
value: 7
No reason is expected for this key request.
MODIFIED_CUSTOMER_INITIATED_ACCESS
value: 8
Customer uses their account to perform any access to their own data which their IAM policy authorizes, and one of the following is true:
- A Google administrator has reset the root-access account associated with the user's organization within the past 7 days.
- A Google-initiated emergency access operation has interacted with a resource in the same project or folder as the currently accessed resource within the past 7 days.
MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION
value: 9
Google systems access customer data to help optimize the structure of the data or quality for future uses by the customer, and one of the following is true:
- A Google administrator has reset the root-access account associated with the user's organization within the past 7 days.
- A Google-initiated emergency access operation has interacted with a resource in the same project or folder as the currently accessed resource within the past 7 days.
GOOGLE_RESPONSE_TO_PRODUCTION_ALERT
value: 10
Google-initiated access to maintain system reliability.
CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING
value: 11
One of the following operations is being executed while simultaneously encountering an internal technical issue which prevented a more precise justification code from being generated:
- Your account has been used to perform any access to your own data which your IAM policy authorizes.
- An automated Google system operates on encrypted customer data which your IAM policy authorizes.
- Customer-initiated Google support access.
- Google-initiated support access to protect system reliability.