Class: Google::Cloud::SecurityCenter::V1::Access

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/securitycenter/v1/access.rb

Overview

Represents an access event.

Instance Attribute Summary collapse

Instance Attribute Details

#caller_ip::String

Returns Caller's IP address, such as "1.1.1.1".

Returns:

  • (::String)

    Caller's IP address, such as "1.1.1.1".



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#caller_ip_geo::Google::Cloud::SecurityCenter::V1::Geolocation

Returns The caller IP's geolocation, which identifies where the call came from.

Returns:



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#method_name::String

Returns The method that the service account called, e.g. "SetIamPolicy".

Returns:

  • (::String)

    The method that the service account called, e.g. "SetIamPolicy".



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#principal_email::String

Returns Associated email, such as "[email protected]".

The email address of the authenticated user or a service account acting on behalf of a third party principal making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.

Returns:

  • (::String)

    Associated email, such as "[email protected]".

    The email address of the authenticated user or a service account acting on behalf of a third party principal making the request. For third party identity callers, the principal_subject field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see Caller identities in audit logs.



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#principal_subject::String

Returns A string that represents the principal_subject that is associated with the identity. Unlike principal_email, principal_subject supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format is principal://iam.googleapis.com/{identity pool name}/subject/{subject}. Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format serviceAccount:{identity pool name}[\\{subject}].

Returns:

  • (::String)

    A string that represents the principal_subject that is associated with the identity. Unlike principal_email, principal_subject supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format is principal://iam.googleapis.com/{identity pool name}/subject/{subject}. Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format serviceAccount:{identity pool name}[\\{subject}].



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#service_account_delegation_info::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>

Returns The identity delegation history of an authenticated service account that made the request. The serviceAccountDelegationInfo[] object contains information about the real authorities that try to access Google Cloud resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.

Returns:

  • (::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>)

    The identity delegation history of an authenticated service account that made the request. The serviceAccountDelegationInfo[] object contains information about the real authorities that try to access Google Cloud resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#service_account_key_name::String

Returns The name of the service account key that was used to create or exchange credentials when authenticating the service account that made the request. This is a scheme-less URI full resource name. For example:

"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}".

Returns:

  • (::String)

    The name of the service account key that was used to create or exchange credentials when authenticating the service account that made the request. This is a scheme-less URI full resource name. For example:

    "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}".



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#service_name::String

Returns This is the API service that the service account made a call to, e.g. "iam.googleapis.com".

Returns:

  • (::String)

    This is the API service that the service account made a call to, e.g. "iam.googleapis.com"



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#user_agent::String

Returns The caller's user agent string associated with the finding.

Returns:

  • (::String)

    The caller's user agent string associated with the finding.



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#user_agent_family::String

Returns Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.

Returns:

  • (::String)

    Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#user_name::String

Returns A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.

Returns:

  • (::String)

    A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.



86
87
88
89
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86

class Access
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end