Interface AccessOrBuilder (2.64.0)

public interface AccessOrBuilder extends MessageOrBuilder

Implements

MessageOrBuilder

Methods

getCallerIp()

public abstract String getCallerIp()

Caller's IP address, such as "1.1.1.1".

string caller_ip = 2;

Returns
Type Description
String

The callerIp.

getCallerIpBytes()

public abstract ByteString getCallerIpBytes()

Caller's IP address, such as "1.1.1.1".

string caller_ip = 2;

Returns
Type Description
ByteString

The bytes for callerIp.

getCallerIpGeo()

public abstract Geolocation getCallerIpGeo()

The caller IP's geolocation, which identifies where the call came from.

.google.cloud.securitycenter.v2.Geolocation caller_ip_geo = 3;

Returns
Type Description
Geolocation

The callerIpGeo.

getCallerIpGeoOrBuilder()

public abstract GeolocationOrBuilder getCallerIpGeoOrBuilder()

The caller IP's geolocation, which identifies where the call came from.

.google.cloud.securitycenter.v2.Geolocation caller_ip_geo = 3;

Returns
Type Description
GeolocationOrBuilder

getMethodName()

public abstract String getMethodName()

The method that the service account called, e.g. "SetIamPolicy".

string method_name = 7;

Returns
Type Description
String

The methodName.

getMethodNameBytes()

public abstract ByteString getMethodNameBytes()

The method that the service account called, e.g. "SetIamPolicy".

string method_name = 7;

Returns
Type Description
ByteString

The bytes for methodName.

getPrincipalEmail()

public abstract String getPrincipalEmail()

Associated email, such as "foo@google.com".

The email address of the authenticated user or a service account acting on behalf of a third party principal making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.

string principal_email = 1;

Returns
Type Description
String

The principalEmail.

getPrincipalEmailBytes()

public abstract ByteString getPrincipalEmailBytes()

Associated email, such as "foo@google.com".

The email address of the authenticated user or a service account acting on behalf of a third party principal making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.

string principal_email = 1;

Returns
Type Description
ByteString

The bytes for principalEmail.

getPrincipalSubject()

public abstract String getPrincipalSubject()

A string that represents the principal_subject that is associated with the identity. Unlike principal_email, principal_subject supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format is principal://iam.googleapis.com/{identity pool name}/subject/{subject}. Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format serviceAccount:{identity pool name}[{subject}].

string principal_subject = 8;

Returns
Type Description
String

The principalSubject.

getPrincipalSubjectBytes()

public abstract ByteString getPrincipalSubjectBytes()

A string that represents the principal_subject that is associated with the identity. Unlike principal_email, principal_subject supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format is principal://iam.googleapis.com/{identity pool name}/subject/{subject}. Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format serviceAccount:{identity pool name}[{subject}].

string principal_subject = 8;

Returns
Type Description
ByteString

The bytes for principalSubject.

getServiceAccountDelegationInfo(int index)

public abstract ServiceAccountDelegationInfo getServiceAccountDelegationInfo(int index)

The identity delegation history of an authenticated service account that made the request. The serviceAccountDelegationInfo[] object contains information about the real authorities that try to access Google Cloud resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

repeated .google.cloud.securitycenter.v2.ServiceAccountDelegationInfo service_account_delegation_info = 10;

Parameter
Name Description
index int
Returns
Type Description
ServiceAccountDelegationInfo

getServiceAccountDelegationInfoCount()

public abstract int getServiceAccountDelegationInfoCount()

The identity delegation history of an authenticated service account that made the request. The serviceAccountDelegationInfo[] object contains information about the real authorities that try to access Google Cloud resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

repeated .google.cloud.securitycenter.v2.ServiceAccountDelegationInfo service_account_delegation_info = 10;

Returns
Type Description
int

getServiceAccountDelegationInfoList()

public abstract List<ServiceAccountDelegationInfo> getServiceAccountDelegationInfoList()

The identity delegation history of an authenticated service account that made the request. The serviceAccountDelegationInfo[] object contains information about the real authorities that try to access Google Cloud resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

repeated .google.cloud.securitycenter.v2.ServiceAccountDelegationInfo service_account_delegation_info = 10;

Returns
Type Description
List<ServiceAccountDelegationInfo>

getServiceAccountDelegationInfoOrBuilder(int index)

public abstract ServiceAccountDelegationInfoOrBuilder getServiceAccountDelegationInfoOrBuilder(int index)

The identity delegation history of an authenticated service account that made the request. The serviceAccountDelegationInfo[] object contains information about the real authorities that try to access Google Cloud resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

repeated .google.cloud.securitycenter.v2.ServiceAccountDelegationInfo service_account_delegation_info = 10;

Parameter
Name Description
index int
Returns
Type Description
ServiceAccountDelegationInfoOrBuilder

getServiceAccountDelegationInfoOrBuilderList()

public abstract List<? extends ServiceAccountDelegationInfoOrBuilder> getServiceAccountDelegationInfoOrBuilderList()

The identity delegation history of an authenticated service account that made the request. The serviceAccountDelegationInfo[] object contains information about the real authorities that try to access Google Cloud resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

repeated .google.cloud.securitycenter.v2.ServiceAccountDelegationInfo service_account_delegation_info = 10;

Returns
Type Description
List<? extends com.google.cloud.securitycenter.v2.ServiceAccountDelegationInfoOrBuilder>

getServiceAccountKeyName()

public abstract String getServiceAccountKeyName()

The name of the service account key that was used to create or exchange credentials when authenticating the service account that made the request. This is a scheme-less URI full resource name. For example:

"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}".

string service_account_key_name = 9;

Returns
Type Description
String

The serviceAccountKeyName.

getServiceAccountKeyNameBytes()

public abstract ByteString getServiceAccountKeyNameBytes()

The name of the service account key that was used to create or exchange credentials when authenticating the service account that made the request. This is a scheme-less URI full resource name. For example:

"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}".

string service_account_key_name = 9;

Returns
Type Description
ByteString

The bytes for serviceAccountKeyName.

getServiceName()

public abstract String getServiceName()

This is the API service that the service account made a call to, e.g. "iam.googleapis.com"

string service_name = 6;

Returns
Type Description
String

The serviceName.

getServiceNameBytes()

public abstract ByteString getServiceNameBytes()

This is the API service that the service account made a call to, e.g. "iam.googleapis.com"

string service_name = 6;

Returns
Type Description
ByteString

The bytes for serviceName.

getUserAgent()

public abstract String getUserAgent()

The caller's user agent string associated with the finding.

string user_agent = 5;

Returns
Type Description
String

The userAgent.

getUserAgentBytes()

public abstract ByteString getUserAgentBytes()

The caller's user agent string associated with the finding.

string user_agent = 5;

Returns
Type Description
ByteString

The bytes for userAgent.

getUserAgentFamily()

public abstract String getUserAgentFamily()

Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.

string user_agent_family = 4;

Returns
Type Description
String

The userAgentFamily.

getUserAgentFamilyBytes()

public abstract ByteString getUserAgentFamilyBytes()

Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.

string user_agent_family = 4;

Returns
Type Description
ByteString

The bytes for userAgentFamily.

getUserName()

public abstract String getUserName()

A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.

string user_name = 11;

Returns
Type Description
String

The userName.

getUserNameBytes()

public abstract ByteString getUserNameBytes()

A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.

string user_name = 11;

Returns
Type Description
ByteString

The bytes for userName.

hasCallerIpGeo()

public abstract boolean hasCallerIpGeo()

The caller IP's geolocation, which identifies where the call came from.

.google.cloud.securitycenter.v2.Geolocation caller_ip_geo = 3;

Returns
Type Description
boolean

Whether the callerIpGeo field is set.