public static final class AccessApprovalGrpc.AccessApprovalFutureStub extends AbstractFutureStub<AccessApprovalGrpc.AccessApprovalFutureStub>
This API allows a customer to manage accesses to cloud resources by
Google personnel. It defines the following resource model:
- The API has a collection of
ApprovalRequest
resources, named
approvalRequests/{approval_request}
- The API has top-level settings per Project/Folder/Organization, named
accessApprovalSettings
The service also periodically emails a list of recipients, defined at the
Project/Folder/Organization level in the accessApprovalSettings, when there
is a pending ApprovalRequest for them to act on. The ApprovalRequests can
also optionally be published to a Pub/Sub topic owned by the customer
(contact support if you would like to enable Pub/Sub notifications).
ApprovalRequests can be approved or dismissed. Google personnel can only
access the indicated resource or resources if the request is approved
(subject to some exclusions:
https://cloud.google.com/access-approval/docs/overview#exclusions).
Note: Using Access Approval functionality will mean that Google may not be
able to meet the SLAs for your chosen products, as any support response times
may be dramatically increased. As such the SLAs do not apply to any service
disruption to the extent impacted by Customer's use of Access Approval. Do
not enable Access Approval for projects where you may require high service
availability and rapid response by Google Cloud Support.
After a request is approved or dismissed, no further action may be taken on
it. Requests with the requested_expiration in the past or with no activity
for 14 days are considered dismissed. When an approval expires, the request
is considered dismissed.
If a request is not approved or dismissed, we call it pending.
Inheritance
java.lang.Object >
io.grpc.stub.AbstractStub >
io.grpc.stub.AbstractFutureStub >
AccessApprovalGrpc.AccessApprovalFutureStub
Inherited Members
io.grpc.stub.AbstractFutureStub.<T>newStub(io.grpc.stub.AbstractStub.StubFactory<T>,io.grpc.Channel)
io.grpc.stub.AbstractFutureStub.<T>newStub(io.grpc.stub.AbstractStub.StubFactory<T>,io.grpc.Channel,io.grpc.CallOptions)
io.grpc.stub.AbstractStub.<T>withOption(io.grpc.CallOptions.Key<T>,T)
io.grpc.stub.AbstractStub.build(io.grpc.Channel,io.grpc.CallOptions)
io.grpc.stub.AbstractStub.getCallOptions()
io.grpc.stub.AbstractStub.getChannel()
io.grpc.stub.AbstractStub.withCallCredentials(io.grpc.CallCredentials)
io.grpc.stub.AbstractStub.withChannel(io.grpc.Channel)
io.grpc.stub.AbstractStub.withCompression(java.lang.String)
io.grpc.stub.AbstractStub.withDeadline(io.grpc.Deadline)
io.grpc.stub.AbstractStub.withDeadlineAfter(long,java.util.concurrent.TimeUnit)
io.grpc.stub.AbstractStub.withExecutor(java.util.concurrent.Executor)
io.grpc.stub.AbstractStub.withInterceptors(io.grpc.ClientInterceptor...)
io.grpc.stub.AbstractStub.withMaxInboundMessageSize(int)
io.grpc.stub.AbstractStub.withMaxOutboundMessageSize(int)
io.grpc.stub.AbstractStub.withWaitForReady()
Methods
approveApprovalRequest(ApproveApprovalRequestMessage request)
public ListenableFuture<ApprovalRequest> approveApprovalRequest(ApproveApprovalRequestMessage request)
Approves a request and returns the updated ApprovalRequest.
Returns NOT_FOUND if the request does not exist. Returns
FAILED_PRECONDITION if the request exists but is not in a pending state.
Returns |
---|
Type | Description |
com.google.common.util.concurrent.ListenableFuture<ApprovalRequest> | |
build(Channel channel, CallOptions callOptions)
protected AccessApprovalGrpc.AccessApprovalFutureStub build(Channel channel, CallOptions callOptions)
Parameters |
---|
Name | Description |
channel | io.grpc.Channel
|
callOptions | io.grpc.CallOptions
|
Overrides
io.grpc.stub.AbstractStub.build(io.grpc.Channel,io.grpc.CallOptions)
deleteAccessApprovalSettings(DeleteAccessApprovalSettingsMessage request)
public ListenableFuture<Empty> deleteAccessApprovalSettings(DeleteAccessApprovalSettingsMessage request)
Deletes the settings associated with a project, folder, or organization.
This will have the effect of disabling Access Approval for the project,
folder, or organization, but only if all ancestors also have Access
Approval disabled. If Access Approval is enabled at a higher level of the
hierarchy, then Access Approval will still be enabled at this level as
the settings are inherited.
Returns |
---|
Type | Description |
com.google.common.util.concurrent.ListenableFuture<Empty> | |
dismissApprovalRequest(DismissApprovalRequestMessage request)
public ListenableFuture<ApprovalRequest> dismissApprovalRequest(DismissApprovalRequestMessage request)
Dismisses a request. Returns the updated ApprovalRequest.
NOTE: This does not deny access to the resource if another request has been
made and approved. It is equivalent in effect to ignoring the request
altogether.
Returns NOT_FOUND if the request does not exist.
Returns FAILED_PRECONDITION if the request exists but is not in a pending
state.
Returns |
---|
Type | Description |
com.google.common.util.concurrent.ListenableFuture<ApprovalRequest> | |
getAccessApprovalServiceAccount(GetAccessApprovalServiceAccountMessage request)
public ListenableFuture<AccessApprovalServiceAccount> getAccessApprovalServiceAccount(GetAccessApprovalServiceAccountMessage request)
Retrieves the service account that is used by Access Approval to access KMS
keys for signing approved approval requests.
getAccessApprovalSettings(GetAccessApprovalSettingsMessage request)
public ListenableFuture<AccessApprovalSettings> getAccessApprovalSettings(GetAccessApprovalSettingsMessage request)
Gets the settings associated with a project, folder, or organization.
getApprovalRequest(GetApprovalRequestMessage request)
public ListenableFuture<ApprovalRequest> getApprovalRequest(GetApprovalRequestMessage request)
Gets an approval request. Returns NOT_FOUND if the request does not exist.
Returns |
---|
Type | Description |
com.google.common.util.concurrent.ListenableFuture<ApprovalRequest> | |
invalidateApprovalRequest(InvalidateApprovalRequestMessage request)
public ListenableFuture<ApprovalRequest> invalidateApprovalRequest(InvalidateApprovalRequestMessage request)
Invalidates an existing ApprovalRequest. Returns the updated
ApprovalRequest.
NOTE: This does not deny access to the resource if another request has been
made and approved. It only invalidates a single approval.
Returns FAILED_PRECONDITION if the request exists but is not in an approved
state.
Returns |
---|
Type | Description |
com.google.common.util.concurrent.ListenableFuture<ApprovalRequest> | |
listApprovalRequests(ListApprovalRequestsMessage request)
public ListenableFuture<ListApprovalRequestsResponse> listApprovalRequests(ListApprovalRequestsMessage request)
Lists approval requests associated with a project, folder, or organization.
Approval requests can be filtered by state (pending, active, dismissed).
The order is reverse chronological.
updateAccessApprovalSettings(UpdateAccessApprovalSettingsMessage request)
public ListenableFuture<AccessApprovalSettings> updateAccessApprovalSettings(UpdateAccessApprovalSettingsMessage request)
Updates the settings associated with a project, folder, or organization.
Settings to update are determined by the value of field_mask.