Class: Google::Cloud::SecurityCenter::V1::Access
- Inherits:
-
Object
- Object
- Google::Cloud::SecurityCenter::V1::Access
- Extended by:
- Protobuf::MessageExts::ClassMethods
- Includes:
- Protobuf::MessageExts
- Defined in:
- proto_docs/google/cloud/securitycenter/v1/access.rb
Overview
Represents an access event.
Instance Attribute Summary collapse
-
#caller_ip ⇒ ::String
Caller's IP address, such as "1.1.1.1".
-
#caller_ip_geo ⇒ ::Google::Cloud::SecurityCenter::V1::Geolocation
The caller IP's geolocation, which identifies where the call came from.
-
#method_name ⇒ ::String
The method that the service account called, e.g.
-
#principal_email ⇒ ::String
Associated email, such as "[email protected]".
-
#principal_subject ⇒ ::String
A string that represents the principal_subject that is associated with the identity.
-
#service_account_delegation_info ⇒ ::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>
The identity delegation history of an authenticated service account that made the request.
-
#service_account_key_name ⇒ ::String
The name of the service account key that was used to create or exchange credentials when authenticating the service account that made the request.
-
#service_name ⇒ ::String
This is the API service that the service account made a call to, e.g.
-
#user_agent ⇒ ::String
The caller's user agent string associated with the finding.
-
#user_agent_family ⇒ ::String
Type of user agent associated with the finding.
-
#user_name ⇒ ::String
A string that represents a username.
Instance Attribute Details
#caller_ip ⇒ ::String
Returns Caller's IP address, such as "1.1.1.1".
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#caller_ip_geo ⇒ ::Google::Cloud::SecurityCenter::V1::Geolocation
Returns The caller IP's geolocation, which identifies where the call came from.
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#method_name ⇒ ::String
Returns The method that the service account called, e.g. "SetIamPolicy".
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#principal_email ⇒ ::String
Returns Associated email, such as "[email protected]".
The email address of the authenticated user or a service account acting on
behalf of a third party principal making the request. For third party
identity callers, the principal_subject
field is populated instead of
this field. For privacy reasons, the principal email address is sometimes
redacted. For more information, see Caller identities in audit
logs.
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#principal_subject ⇒ ::String
Returns A string that represents the principal_subject that is associated with the
identity. Unlike principal_email
, principal_subject
supports principals
that aren't associated with email addresses, such as third party
principals. For most identities, the format is
principal://iam.googleapis.com/{identity pool name}/subject/{subject}
.
Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD,
still use the legacy format serviceAccount:{identity pool
name}[\\{subject}]
.
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#service_account_delegation_info ⇒ ::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>
Returns The identity delegation history of an authenticated service account that
made the request. The serviceAccountDelegationInfo[]
object contains
information about the real authorities that try to access Google Cloud
resources by delegating on a service account. When multiple authorities are
present, they are guaranteed to be sorted based on the original ordering of
the identity delegation events.
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#service_account_key_name ⇒ ::String
Returns The name of the service account key that was used to create or exchange credentials when authenticating the service account that made the request. This is a scheme-less URI full resource name. For example:
"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}".
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#service_name ⇒ ::String
Returns This is the API service that the service account made a call to, e.g. "iam.googleapis.com".
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#user_agent ⇒ ::String
Returns The caller's user agent string associated with the finding.
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#user_agent_family ⇒ ::String
Returns Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#user_name ⇒ ::String
Returns A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
86 87 88 89 |
# File 'proto_docs/google/cloud/securitycenter/v1/access.rb', line 86 class Access include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |