As of January 1, 2020 this library no longer supports Python 2 on the latest released version. Library versions released prior to that date will continue to be available. For more information please visit Python 2 support on Google Cloud.

Types for Google Cloud Accessapproval v1 API

class google.cloud.accessapproval_v1.types.AccessApprovalSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Settings on a Project/Folder/Organization related to Access Approval.

name

The resource name of the settings. Format is one of:

  • “projects/{project_id}/accessApprovalSettings”

  • “folders/{folder_id}/accessApprovalSettings”

  • “organizations/{organization_id}/accessApprovalSettings”.

Type

str

notification_emails

A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed.

Type

Sequence[str]

enrolled_services

A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required to have explicit approval. If name refers to an organization, enrollment can be done for individual services. If name refers to a folder or project, enrollment can only be done on an all or nothing basis.

If a cloud_product is repeated in this list, the first entry will be honored and all following entries will be discarded. A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded.

Type

Sequence[google.cloud.accessapproval_v1.types.EnrolledService]

enrolled_ancestor

Output only. This field is read only (not settable via UpdateAccessAccessApprovalSettings method). If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Project or Folder (this field will always be unset for the organization since organizations do not have ancestors).

Type

bool

class google.cloud.accessapproval_v1.types.AccessLocations(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Home office and physical location of the principal. .. attribute:: principal_office_country

The “home office” location of the principal. A two-letter country code (ISO 3166-1 alpha-2), such as “US”, “DE” or “GB” or a region code. In some limited situations Google systems may refer refer to a region code instead of a country code. Possible Region Codes:

  • ASI: Asia

  • EUR: Europe

  • OCE: Oceania

  • AFR: Africa

  • NAM: North America

  • SAM: South America

  • ANT: Antarctica

  • ANY: Any location

type

str

principal_physical_location_country

Physical location of the principal at the time of the access. A two-letter country code (ISO 3166-1 alpha-2), such as “US”, “DE” or “GB” or a region code. In some limited situations Google systems may refer refer to a region code instead of a country code. Possible Region Codes:

  • ASI: Asia

  • EUR: Europe

  • OCE: Oceania

  • AFR: Africa

  • NAM: North America

  • SAM: South America

  • ANT: Antarctica

  • ANY: Any location

Type

str

class google.cloud.accessapproval_v1.types.AccessReason(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

type_

Type of access justification.

Type

google.cloud.accessapproval_v1.types.AccessReason.Type

detail

More detail about certain reason types. See comments for each type above.

Type

str

class Type(value)[source]

Bases: proto.enums.Enum

Type of access justification.

CUSTOMER_INITIATED_SUPPORT = 1
GOOGLE_INITIATED_REVIEW = 3
GOOGLE_INITIATED_SERVICE = 2
TYPE_UNSPECIFIED = 0
class google.cloud.accessapproval_v1.types.ApprovalRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A request for the customer to approve access to a resource. .. attribute:: name

The resource name of the request. Format is “{projects|folders|organizations}/{id}/approvalRequests/{approval_request_id}”.

type

str

requested_resource_name

The resource for which approval is being requested. The format of the resource name is defined at https://cloud.google.com/apis/design/resource_names. The resource name here may either be a “full” resource name (e.g. “//library.googleapis.com/shelves/shelf1/books/book2”) or a “relative” resource name (e.g. “shelves/shelf1/books/book2”) as described in the resource name specification.

Type

str

requested_resource_properties

Properties related to the resource represented by requested_resource_name.

Type

google.cloud.accessapproval_v1.types.ResourceProperties

requested_reason

The justification for which approval is being requested.

Type

google.cloud.accessapproval_v1.types.AccessReason

requested_locations

The locations for which approval is being requested.

Type

google.cloud.accessapproval_v1.types.AccessLocations

request_time

The time at which approval was requested.

Type

google.protobuf.timestamp_pb2.Timestamp

requested_expiration

The requested expiration for the approval. If the request is approved, access will be granted from the time of approval until the expiration time.

Type

google.protobuf.timestamp_pb2.Timestamp

approve

Access was approved.

Type

google.cloud.accessapproval_v1.types.ApproveDecision

dismiss

The request was dismissed.

Type

google.cloud.accessapproval_v1.types.DismissDecision

class google.cloud.accessapproval_v1.types.ApproveApprovalRequestMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Request to approve an ApprovalRequest. .. attribute:: name

Name of the approval request to approve.

type

str

expire_time

The expiration time of this approval.

Type

google.protobuf.timestamp_pb2.Timestamp

class google.cloud.accessapproval_v1.types.ApproveDecision(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A decision that has been made to approve access to a resource.

approve_time

The time at which approval was granted.

Type

google.protobuf.timestamp_pb2.Timestamp

expire_time

The time at which the approval expires.

Type

google.protobuf.timestamp_pb2.Timestamp

class google.cloud.accessapproval_v1.types.DeleteAccessApprovalSettingsMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Request to delete access approval settings. .. attribute:: name

Name of the AccessApprovalSettings to delete.

type

str

class google.cloud.accessapproval_v1.types.DismissApprovalRequestMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Request to dismiss an approval request. .. attribute:: name

Name of the ApprovalRequest to dismiss.

type

str

class google.cloud.accessapproval_v1.types.DismissDecision(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

A decision that has been made to dismiss an approval request. .. attribute:: dismiss_time

The time at which the approval request was dismissed.

type

google.protobuf.timestamp_pb2.Timestamp

class google.cloud.accessapproval_v1.types.EnrolledService(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Represents the enrollment of a cloud resource into a specific service.

cloud_product

The product for which Access Approval will be enrolled. Allowed values are listed below (case- sensitive): - all - appengine.googleapis.com - bigquery.googleapis.com - bigtable.googleapis.com - cloudkms.googleapis.com - compute.googleapis.com - dataflow.googleapis.com - iam.googleapis.com - pubsub.googleapis.com - storage.googleapis.com

Type

str

enrollment_level

The enrollment level of the service.

Type

google.cloud.accessapproval_v1.types.EnrollmentLevel

class google.cloud.accessapproval_v1.types.EnrollmentLevel(value)[source]

Bases: proto.enums.Enum

Represents the type of enrollment for a given service to Access Approval.

BLOCK_ALL = 1
ENROLLMENT_LEVEL_UNSPECIFIED = 0
class google.cloud.accessapproval_v1.types.GetAccessApprovalSettingsMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Request to get access approval settings. .. attribute:: name

Name of the AccessApprovalSettings to retrieve.

type

str

class google.cloud.accessapproval_v1.types.GetApprovalRequestMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Request to get an approval request. .. attribute:: name

Name of the approval request to retrieve.

type

str

class google.cloud.accessapproval_v1.types.ListApprovalRequestsMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Request to list approval requests. .. attribute:: parent

The parent resource. This may be “projects/{project_id}”, “folders/{folder_id}”, or “organizations/{organization_id}”.

type

str

filter

A filter on the type of approval requests to retrieve. Must be one of the following values:

  • [not set]: Requests that are pending or have active approvals.

  • ALL: All requests.

  • PENDING: Only pending requests.

  • ACTIVE: Only active (i.e. currently approved) requests.

  • DISMISSED: Only dismissed (including expired) requests.

Type

str

page_size

Requested page size.

Type

int

page_token

A token identifying the page of results to return.

Type

str

class google.cloud.accessapproval_v1.types.ListApprovalRequestsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Response to listing of ApprovalRequest objects. .. attribute:: approval_requests

Approval request details.

type

Sequence[google.cloud.accessapproval_v1.types.ApprovalRequest]

next_page_token

Token to retrieve the next page of results, or empty if there are no more.

Type

str

property raw_page
class google.cloud.accessapproval_v1.types.ResourceProperties(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

The properties associated with the resource of the request. .. attribute:: excludes_descendants

Whether an approval will exclude the descendants of the resource being requested.

type

bool

class google.cloud.accessapproval_v1.types.UpdateAccessApprovalSettingsMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]

Bases: proto.message.Message

Request to update access approval settings. .. attribute:: settings

The new AccessApprovalSettings.

type

google.cloud.accessapproval_v1.types.AccessApprovalSettings

update_mask

The update mask applies to the settings. Only the top level fields of AccessApprovalSettings (notification_emails & enrolled_services) are supported. For each field, if it is included, the currently stored value will be entirely overwritten with the value of the field passed in this request.

For the FieldMask definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask If this field is left unset, only the notification_emails field will be updated.

Type

google.protobuf.field_mask_pb2.FieldMask