Cloud Security Command Center V1 API - Class Google::Cloud::SecurityCenter::V1::Access (v0.26.0)

Reference documentation and code samples for the Cloud Security Command Center V1 API class Google::Cloud::SecurityCenter::V1::Access.

Represents an access event.

Inherits

Object

Extended By

Google::Protobuf::MessageExts::ClassMethods

Includes

Google::Protobuf::MessageExts

Methods

#caller_ip

def caller_ip() -> ::String

Returns

(::String) — Caller's IP address, such as "1.1.1.1".

#caller_ip=

def caller_ip=(value) -> ::String

Parameter

value (::String) — Caller's IP address, such as "1.1.1.1".

Returns

(::String) — Caller's IP address, such as "1.1.1.1".

#caller_ip_geo

def caller_ip_geo() -> ::Google::Cloud::SecurityCenter::V1::Geolocation

Returns

(::Google::Cloud::SecurityCenter::V1::Geolocation) — The caller IP's geolocation, which identifies where the call came from.

#caller_ip_geo=

def caller_ip_geo=(value) -> ::Google::Cloud::SecurityCenter::V1::Geolocation

Parameter

value (::Google::Cloud::SecurityCenter::V1::Geolocation) — The caller IP's geolocation, which identifies where the call came from.

Returns

(::Google::Cloud::SecurityCenter::V1::Geolocation) — The caller IP's geolocation, which identifies where the call came from.

#method_name

def method_name() -> ::String

Returns

(::String) — The method that the service account called, e.g. "SetIamPolicy".

#method_name=

def method_name=(value) -> ::String

Parameter

value (::String) — The method that the service account called, e.g. "SetIamPolicy".

Returns

(::String) — The method that the service account called, e.g. "SetIamPolicy".

#principal_email

def principal_email() -> ::String

Returns

(::String) — Associated email, such as "foo@google.com".

The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.

#principal_email=

def principal_email=(value) -> ::String

Parameter

value (::String) — Associated email, such as "foo@google.com".

The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.

Returns

(::String) — Associated email, such as "foo@google.com".

The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.

#principal_subject

def principal_subject() -> ::String

Returns

(::String) — A string representing the principal_subject associated with the identity. As compared to principal_email, supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format will be principal://iam.googleapis.com/{identity pool name}/subjects/\\{subject} except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy format serviceAccount:{identity pool name}[{subject}]

#principal_subject=

def principal_subject=(value) -> ::String

Parameter

value (::String) — A string representing the principal_subject associated with the identity. As compared to principal_email, supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format will be principal://iam.googleapis.com/{identity pool name}/subjects/\\{subject} except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy format serviceAccount:{identity pool name}[{subject}]

Returns

(::String) — A string representing the principal_subject associated with the identity. As compared to principal_email, supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format will be principal://iam.googleapis.com/{identity pool name}/subjects/\\{subject} except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy format serviceAccount:{identity pool name}[{subject}]

#service_account_delegation_info

def service_account_delegation_info() -> ::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>

Returns

(::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>) — Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

#service_account_delegation_info=

def service_account_delegation_info=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>

Parameter

value (::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>) — Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

Returns

(::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>) — Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

#service_account_key_name

def service_account_key_name() -> ::String

Returns

(::String) — The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example:

"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

#service_account_key_name=

def service_account_key_name=(value) -> ::String

Parameter

value (::String) — The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example:

"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

Returns

(::String) — The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example:

"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"

#service_name

def service_name() -> ::String

Returns

(::String) — This is the API service that the service account made a call to, e.g. "iam.googleapis.com"

#service_name=

def service_name=(value) -> ::String

Parameter

value (::String) — This is the API service that the service account made a call to, e.g. "iam.googleapis.com"

Returns

(::String) — This is the API service that the service account made a call to, e.g. "iam.googleapis.com"

#user_agent_family

def user_agent_family() -> ::String

Returns

(::String) — What kind of user agent is associated, for example operating system shells, embedded or stand-alone applications, etc.

#user_agent_family=

def user_agent_family=(value) -> ::String

Parameter

value (::String) — What kind of user agent is associated, for example operating system shells, embedded or stand-alone applications, etc.

Returns

(::String) — What kind of user agent is associated, for example operating system shells, embedded or stand-alone applications, etc.

#user_name

def user_name() -> ::String

Returns

(::String) — A string that represents the username of a user, user account, or other entity involved in the access event. What the entity is and what its role in the access event is depends on the finding that this field appears in. The entity is likely not an IAM principal, but could be a user that is logged into an operating system, if the finding is VM-related, or a user that is logged into some type of application that is involved in the access event.

#user_name=

def user_name=(value) -> ::String

Parameter

value (::String) — A string that represents the username of a user, user account, or other entity involved in the access event. What the entity is and what its role in the access event is depends on the finding that this field appears in. The entity is likely not an IAM principal, but could be a user that is logged into an operating system, if the finding is VM-related, or a user that is logged into some type of application that is involved in the access event.

Returns

(::String) — A string that represents the username of a user, user account, or other entity involved in the access event. What the entity is and what its role in the access event is depends on the finding that this field appears in. The entity is likely not an IAM principal, but could be a user that is logged into an operating system, if the finding is VM-related, or a user that is logged into some type of application that is involved in the access event.