Console
    Contact Us Start free

    REST Resource: organizations.locations.entitlements.grants

    Resource: Grant

    A grant represents a request from a user for obtaining the access specified in an entitlement they are eligible for.

    JSON representation 
     { 
 "name" 
 : 
 string 
 , 
 "createTime" 
 : 
 string 
 , 
 "updateTime" 
 : 
 string 
 , 
 "requester" 
 : 
 string 
 , 
 "requestedDuration" 
 : 
 string 
 , 
 "justification" 
 : 
 { 
 object (  Justification 
 
) 
 } 
 , 
 "state" 
 : 
 enum (  State 
 
) 
 , 
 "timeline" 
 : 
 { 
 object (  Timeline 
 
) 
 } 
 , 
 "privilegedAccess" 
 : 
 { 
 object (  PrivilegedAccess 
 
) 
 } 
 , 
 "auditTrail" 
 : 
 { 
 object (  AuditTrail 
 
) 
 } 
 , 
 "additionalEmailRecipients" 
 : 
 [ 
 string 
 ] 
 , 
 "externallyModified" 
 : 
 boolean 
 }
    Fields
    name

    string

    Identifier. Name of this grant. Possible formats:

    • organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
    • folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}
    • projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}/grants/{grant-id}

    The last segment of this name ( {grant-id} ) is autogenerated.

    createTime

    string ( Timestamp format)

    Output only. Create time stamp.

    Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z" , "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30" .

    updateTime

    string ( Timestamp format)

    Output only. Update time stamp.

    Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z" , "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30" .

    requester

    string

    Output only. Username of the user who created this grant.

    requestedDuration

    string ( Duration format)

    Required. The amount of time access is needed for. This value should be less than the maxRequestDuration value of the entitlement.

    A duration in seconds with up to nine fractional digits, ending with ' s '. Example: "3.5s" .

    justification

    object ( Justification )

    Optional. Justification of why this access is needed.

    state

    enum ( State )

    Output only. Current state of this grant.

    timeline

    object ( Timeline )

    Output only. Timeline of this grant.

    privilegedAccess

    object ( PrivilegedAccess )

    Output only. The access that would be granted by this grant.

    auditTrail

    object ( AuditTrail )

    Output only. Audit trail of access provided by this grant. If unspecified then access was never granted.

    additionalEmailRecipients[]

    string

    Optional. Additional email addresses to notify for all the actions performed on the grant.

    externallyModified

    boolean

    Output only. Flag set by the PAM system to indicate that policy bindings made by this grant have been modified from outside PAM.

    After it is set, this flag remains set forever irrespective of the grant state. A true value here indicates that PAM no longer has any certainty on the access a user has because of this grant.

    Methods

    approve

    		ApproveGrant is used to approve a grant.

    create

    		Creates a grant in a given project, folder, or organization and location.

    deny

    		DenyGrant is used to deny a grant.

    get

    		Get details of a single grant.

    list

    		Lists grants for a given entitlement.

    revoke

    		RevokeGrant is used to immediately revoke access for a grant.
    SearchGrants returns grants that are related to the calling user in the specified way.
    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: