Types for Google Cloud Accessapproval v1 API¶
- class google.cloud.accessapproval_v1.types.AccessApprovalSettings(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Settings on a Project/Folder/Organization related to Access Approval.
- name¶
The resource name of the settings. Format is one of:
“projects/{project_id}/accessApprovalSettings”
“folders/{folder_id}/accessApprovalSettings”
“organizations/{organization_id}/accessApprovalSettings”.
- Type
str
- notification_emails¶
A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed.
- Type
Sequence[str]
- enrolled_services¶
A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required to have explicit approval. If name refers to an organization, enrollment can be done for individual services. If name refers to a folder or project, enrollment can only be done on an all or nothing basis.
If a cloud_product is repeated in this list, the first entry will be honored and all following entries will be discarded. A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded.
- Type
Sequence[google.cloud.accessapproval_v1.types.EnrolledService]
- enrolled_ancestor¶
Output only. This field is read only (not settable via UpdateAccessAccessApprovalSettings method). If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Project or Folder (this field will always be unset for the organization since organizations do not have ancestors).
- Type
bool
- class google.cloud.accessapproval_v1.types.AccessLocations(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Home office and physical location of the principal. .. attribute:: principal_office_country
The “home office” location of the principal. A two-letter country code (ISO 3166-1 alpha-2), such as “US”, “DE” or “GB” or a region code. In some limited situations Google systems may refer refer to a region code instead of a country code. Possible Region Codes:
ASI: Asia
EUR: Europe
OCE: Oceania
AFR: Africa
NAM: North America
SAM: South America
ANT: Antarctica
ANY: Any location
- type
str
- principal_physical_location_country¶
Physical location of the principal at the time of the access. A two-letter country code (ISO 3166-1 alpha-2), such as “US”, “DE” or “GB” or a region code. In some limited situations Google systems may refer refer to a region code instead of a country code. Possible Region Codes:
ASI: Asia
EUR: Europe
OCE: Oceania
AFR: Africa
NAM: North America
SAM: South America
ANT: Antarctica
ANY: Any location
- Type
str
- class google.cloud.accessapproval_v1.types.AccessReason(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
- type_¶
Type of access justification.
- detail¶
More detail about certain reason types. See comments for each type above.
- Type
str
- class google.cloud.accessapproval_v1.types.ApprovalRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
A request for the customer to approve access to a resource. .. attribute:: name
The resource name of the request. Format is “{projects|folders|organizations}/{id}/approvalRequests/{approval_request_id}”.
- type
str
- requested_resource_name¶
The resource for which approval is being requested. The format of the resource name is defined at https://cloud.google.com/apis/design/resource_names. The resource name here may either be a “full” resource name (e.g. “//library.googleapis.com/shelves/shelf1/books/book2”) or a “relative” resource name (e.g. “shelves/shelf1/books/book2”) as described in the resource name specification.
- Type
str
- requested_resource_properties¶
Properties related to the resource represented by requested_resource_name.
- requested_reason¶
The justification for which approval is being requested.
- requested_locations¶
The locations for which approval is being requested.
- request_time¶
The time at which approval was requested.
- Type
google.protobuf.timestamp_pb2.Timestamp
- requested_expiration¶
The requested expiration for the approval. If the request is approved, access will be granted from the time of approval until the expiration time.
- Type
google.protobuf.timestamp_pb2.Timestamp
- approve¶
Access was approved.
- dismiss¶
The request was dismissed.
- class google.cloud.accessapproval_v1.types.ApproveApprovalRequestMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Request to approve an ApprovalRequest. .. attribute:: name
Name of the approval request to approve.
- type
str
- expire_time¶
The expiration time of this approval.
- Type
google.protobuf.timestamp_pb2.Timestamp
- class google.cloud.accessapproval_v1.types.ApproveDecision(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
A decision that has been made to approve access to a resource.
- approve_time¶
The time at which approval was granted.
- Type
google.protobuf.timestamp_pb2.Timestamp
- expire_time¶
The time at which the approval expires.
- Type
google.protobuf.timestamp_pb2.Timestamp
- class google.cloud.accessapproval_v1.types.DeleteAccessApprovalSettingsMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Request to delete access approval settings. .. attribute:: name
Name of the AccessApprovalSettings to delete.
- type
str
- class google.cloud.accessapproval_v1.types.DismissApprovalRequestMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Request to dismiss an approval request. .. attribute:: name
Name of the ApprovalRequest to dismiss.
- type
str
- class google.cloud.accessapproval_v1.types.DismissDecision(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
A decision that has been made to dismiss an approval request. .. attribute:: dismiss_time
The time at which the approval request was dismissed.
- type
google.protobuf.timestamp_pb2.Timestamp
- class google.cloud.accessapproval_v1.types.EnrolledService(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Represents the enrollment of a cloud resource into a specific service.
- cloud_product¶
The product for which Access Approval will be enrolled. Allowed values are listed below (case- sensitive): - all - appengine.googleapis.com - bigquery.googleapis.com - bigtable.googleapis.com - cloudkms.googleapis.com - compute.googleapis.com - dataflow.googleapis.com - iam.googleapis.com - pubsub.googleapis.com - storage.googleapis.com
- Type
str
- enrollment_level¶
The enrollment level of the service.
- class google.cloud.accessapproval_v1.types.EnrollmentLevel(value)[source]¶
Bases:
proto.enums.Enum
Represents the type of enrollment for a given service to Access Approval.
- BLOCK_ALL = 1¶
- ENROLLMENT_LEVEL_UNSPECIFIED = 0¶
- class google.cloud.accessapproval_v1.types.GetAccessApprovalSettingsMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Request to get access approval settings. .. attribute:: name
Name of the AccessApprovalSettings to retrieve.
- type
str
- class google.cloud.accessapproval_v1.types.GetApprovalRequestMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Request to get an approval request. .. attribute:: name
Name of the approval request to retrieve.
- type
str
- class google.cloud.accessapproval_v1.types.ListApprovalRequestsMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Request to list approval requests. .. attribute:: parent
The parent resource. This may be “projects/{project_id}”, “folders/{folder_id}”, or “organizations/{organization_id}”.
- type
str
- filter¶
A filter on the type of approval requests to retrieve. Must be one of the following values:
[not set]: Requests that are pending or have active approvals.
ALL: All requests.
PENDING: Only pending requests.
ACTIVE: Only active (i.e. currently approved) requests.
DISMISSED: Only dismissed (including expired) requests.
- Type
str
- page_size¶
Requested page size.
- Type
int
- page_token¶
A token identifying the page of results to return.
- Type
str
- class google.cloud.accessapproval_v1.types.ListApprovalRequestsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Response to listing of ApprovalRequest objects. .. attribute:: approval_requests
Approval request details.
- type
Sequence[google.cloud.accessapproval_v1.types.ApprovalRequest]
- next_page_token¶
Token to retrieve the next page of results, or empty if there are no more.
- Type
str
- property raw_page¶
- class google.cloud.accessapproval_v1.types.ResourceProperties(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
The properties associated with the resource of the request. .. attribute:: excludes_descendants
Whether an approval will exclude the descendants of the resource being requested.
- type
bool
- class google.cloud.accessapproval_v1.types.UpdateAccessApprovalSettingsMessage(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message
Request to update access approval settings. .. attribute:: settings
The new AccessApprovalSettings.
- type
google.cloud.accessapproval_v1.types.AccessApprovalSettings
- update_mask¶
The update mask applies to the settings. Only the top level fields of AccessApprovalSettings (notification_emails & enrolled_services) are supported. For each field, if it is included, the currently stored value will be entirely overwritten with the value of the field passed in this request.
For the
FieldMask
definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask If this field is left unset, only the notification_emails field will be updated.- Type
google.protobuf.field_mask_pb2.FieldMask