Class AccessApprovalGrpc.AccessApprovalFutureStub (2.14.0)

public static final class AccessApprovalGrpc.AccessApprovalFutureStub extends AbstractFutureStub<AccessApprovalGrpc.AccessApprovalFutureStub>

This API allows a customer to manage accesses to cloud resources by Google personnel. It defines the following resource model:

  • The API has a collection of ApprovalRequest resources, named approvalRequests/{approval_request}
  • The API has top-level settings per Project/Folder/Organization, named accessApprovalSettings The service also periodically emails a list of recipients, defined at the Project/Folder/Organization level in the accessApprovalSettings, when there is a pending ApprovalRequest for them to act on. The ApprovalRequests can also optionally be published to a Pub/Sub topic owned by the customer (contact support if you would like to enable Pub/Sub notifications). ApprovalRequests can be approved or dismissed. Google personnel can only access the indicated resource or resources if the request is approved (subject to some exclusions: https://cloud.google.com/access-approval/docs/overview#exclusions). Note: Using Access Approval functionality will mean that Google may not be able to meet the SLAs for your chosen products, as any support response times may be dramatically increased. As such the SLAs do not apply to any service disruption to the extent impacted by Customer's use of Access Approval. Do not enable Access Approval for projects where you may require high service availability and rapid response by Google Cloud Support. After a request is approved or dismissed, no further action may be taken on it. Requests with the requested_expiration in the past or with no activity for 14 days are considered dismissed. When an approval expires, the request is considered dismissed. If a request is not approved or dismissed, we call it pending.

Inheritance

java.lang.Object > io.grpc.stub.AbstractStub > io.grpc.stub.AbstractFutureStub > AccessApprovalGrpc.AccessApprovalFutureStub

Methods

approveApprovalRequest(ApproveApprovalRequestMessage request)

public ListenableFuture<ApprovalRequest> approveApprovalRequest(ApproveApprovalRequestMessage request)

Approves a request and returns the updated ApprovalRequest. Returns NOT_FOUND if the request does not exist. Returns FAILED_PRECONDITION if the request exists but is not in a pending state.

Parameter
NameDescription
requestApproveApprovalRequestMessage
Returns
TypeDescription
com.google.common.util.concurrent.ListenableFuture<ApprovalRequest>

build(Channel channel, CallOptions callOptions)

protected AccessApprovalGrpc.AccessApprovalFutureStub build(Channel channel, CallOptions callOptions)
Parameters
NameDescription
channelio.grpc.Channel
callOptionsio.grpc.CallOptions
Returns
TypeDescription
AccessApprovalGrpc.AccessApprovalFutureStub
Overrides
io.grpc.stub.AbstractStub.build(io.grpc.Channel,io.grpc.CallOptions)

deleteAccessApprovalSettings(DeleteAccessApprovalSettingsMessage request)

public ListenableFuture<Empty> deleteAccessApprovalSettings(DeleteAccessApprovalSettingsMessage request)

Deletes the settings associated with a project, folder, or organization. This will have the effect of disabling Access Approval for the project, folder, or organization, but only if all ancestors also have Access Approval disabled. If Access Approval is enabled at a higher level of the hierarchy, then Access Approval will still be enabled at this level as the settings are inherited.

Parameter
NameDescription
requestDeleteAccessApprovalSettingsMessage
Returns
TypeDescription
com.google.common.util.concurrent.ListenableFuture<Empty>

dismissApprovalRequest(DismissApprovalRequestMessage request)

public ListenableFuture<ApprovalRequest> dismissApprovalRequest(DismissApprovalRequestMessage request)

Dismisses a request. Returns the updated ApprovalRequest. NOTE: This does not deny access to the resource if another request has been made and approved. It is equivalent in effect to ignoring the request altogether. Returns NOT_FOUND if the request does not exist. Returns FAILED_PRECONDITION if the request exists but is not in a pending state.

Parameter
NameDescription
requestDismissApprovalRequestMessage
Returns
TypeDescription
com.google.common.util.concurrent.ListenableFuture<ApprovalRequest>

getAccessApprovalServiceAccount(GetAccessApprovalServiceAccountMessage request)

public ListenableFuture<AccessApprovalServiceAccount> getAccessApprovalServiceAccount(GetAccessApprovalServiceAccountMessage request)

Retrieves the service account that is used by Access Approval to access KMS keys for signing approved approval requests.

Parameter
NameDescription
requestGetAccessApprovalServiceAccountMessage
Returns
TypeDescription
com.google.common.util.concurrent.ListenableFuture<AccessApprovalServiceAccount>

getAccessApprovalSettings(GetAccessApprovalSettingsMessage request)

public ListenableFuture<AccessApprovalSettings> getAccessApprovalSettings(GetAccessApprovalSettingsMessage request)

Gets the settings associated with a project, folder, or organization.

Parameter
NameDescription
requestGetAccessApprovalSettingsMessage
Returns
TypeDescription
com.google.common.util.concurrent.ListenableFuture<AccessApprovalSettings>

getApprovalRequest(GetApprovalRequestMessage request)

public ListenableFuture<ApprovalRequest> getApprovalRequest(GetApprovalRequestMessage request)

Gets an approval request. Returns NOT_FOUND if the request does not exist.

Parameter
NameDescription
requestGetApprovalRequestMessage
Returns
TypeDescription
com.google.common.util.concurrent.ListenableFuture<ApprovalRequest>

invalidateApprovalRequest(InvalidateApprovalRequestMessage request)

public ListenableFuture<ApprovalRequest> invalidateApprovalRequest(InvalidateApprovalRequestMessage request)

Invalidates an existing ApprovalRequest. Returns the updated ApprovalRequest. NOTE: This does not deny access to the resource if another request has been made and approved. It only invalidates a single approval. Returns FAILED_PRECONDITION if the request exists but is not in an approved state.

Parameter
NameDescription
requestInvalidateApprovalRequestMessage
Returns
TypeDescription
com.google.common.util.concurrent.ListenableFuture<ApprovalRequest>

listApprovalRequests(ListApprovalRequestsMessage request)

public ListenableFuture<ListApprovalRequestsResponse> listApprovalRequests(ListApprovalRequestsMessage request)

Lists approval requests associated with a project, folder, or organization. Approval requests can be filtered by state (pending, active, dismissed). The order is reverse chronological.

Parameter
NameDescription
requestListApprovalRequestsMessage
Returns
TypeDescription
com.google.common.util.concurrent.ListenableFuture<ListApprovalRequestsResponse>

updateAccessApprovalSettings(UpdateAccessApprovalSettingsMessage request)

public ListenableFuture<AccessApprovalSettings> updateAccessApprovalSettings(UpdateAccessApprovalSettingsMessage request)

Updates the settings associated with a project, folder, or organization. Settings to update are determined by the value of field_mask.

Parameter
NameDescription
requestUpdateAccessApprovalSettingsMessage
Returns
TypeDescription
com.google.common.util.concurrent.ListenableFuture<AccessApprovalSettings>