Cloud Key Management Service (KMS) V1 API - Module Google::Cloud::Kms::V1::AccessReason (v1.2.0)

Reference documentation and code samples for the Cloud Key Management Service (KMS) V1 API module Google::Cloud::Kms::V1::AccessReason.

Describes the reason for a data access. Please refer to https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes for the detailed semantic meaning of justification reason codes.

Constants

REASON_UNSPECIFIED

value: 0
Unspecified access reason.

CUSTOMER_INITIATED_SUPPORT

value: 1
Customer-initiated support.

GOOGLE_INITIATED_SERVICE

value: 2
Google-initiated access for system management and troubleshooting.

THIRD_PARTY_DATA_REQUEST

value: 3
Google-initiated access in response to a legal request or legal process.

GOOGLE_INITIATED_REVIEW

value: 4
Google-initiated access for security, fraud, abuse, or compliance purposes.

CUSTOMER_INITIATED_ACCESS

value: 5
Customer uses their account to perform any access to their own data which their IAM policy authorizes.

GOOGLE_INITIATED_SYSTEM_OPERATION

value: 6
Google systems access customer data to help optimize the structure of the data or quality for future uses by the customer.

REASON_NOT_EXPECTED

value: 7
No reason is expected for this key request.

MODIFIED_CUSTOMER_INITIATED_ACCESS

value: 8

Customer uses their account to perform any access to their own data which their IAM policy authorizes, and one of the following is true:

  • A Google administrator has reset the root-access account associated with the user's organization within the past 7 days.
  • A Google-initiated emergency access operation has interacted with a resource in the same project or folder as the currently accessed resource within the past 7 days.

MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION

value: 9

Google systems access customer data to help optimize the structure of the data or quality for future uses by the customer, and one of the following is true:

  • A Google administrator has reset the root-access account associated with the user's organization within the past 7 days.
  • A Google-initiated emergency access operation has interacted with a resource in the same project or folder as the currently accessed resource within the past 7 days.

GOOGLE_RESPONSE_TO_PRODUCTION_ALERT

value: 10
Google-initiated access to maintain system reliability.

CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING

value: 11

One of the following operations is being executed while simultaneously encountering an internal technical issue which prevented a more precise justification code from being generated:

  • Your account has been used to perform any access to your own data which your IAM policy authorizes.
  • An automated Google system operates on encrypted customer data which your IAM policy authorizes.
  • Customer-initiated Google support access.
  • Google-initiated support access to protect system reliability.