Class: Google::Apis::AccessapprovalV1::AccessApprovalSettings

Inherits:

Object

• Object
• Google::Apis::AccessapprovalV1::AccessApprovalSettings

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

lib/google/apis/accessapproval_v1/classes.rb,
lib/google/apis/accessapproval_v1/representations.rb,
lib/google/apis/accessapproval_v1/representations.rb

Overview

Settings on a Project/Folder/Organization related to Access Approval.

Instance Attribute Summary

• #active_key_version ⇒ String

  The asymmetric crypto key version to use for signing approval requests.

• #ancestor_has_active_key_version ⇒ Boolean (also: #ancestor_has_active_key_version?)

  Output only.

• #enrolled_ancestor ⇒ Boolean (also: #enrolled_ancestor?)

  Output only.

• #enrolled_services ⇒ Array<Google::Apis::AccessapprovalV1::EnrolledService>

  A list of Google Cloud Services for which the given resource has Access Approval enrolled.

• #invalid_key_version ⇒ Boolean (also: #invalid_key_version?)

  Output only.

• #name ⇒ String

  The resource name of the settings.

• #notification_emails ⇒ Array<String>

  A list of email addresses to which notifications relating to approval requests should be sent.

• #notification_pubsub_topic ⇒ String

  Optional.

• #prefer_no_broad_approval_requests ⇒ Boolean (also: #prefer_no_broad_approval_requests?)

  This preference is communicated to Google personnel when sending an approval request but can be overridden if necessary.

• #preferred_request_expiration_days ⇒ Fixnum

  This preference is shared with Google personnel, but can be overridden if said personnel deems necessary.

• #request_scope_max_width_preference ⇒ String

  Optional.

• #require_customer_visible_justification ⇒ Boolean (also: #require_customer_visible_justification?)

  Optional.

Instance Method Summary

• #initialize(**args) ⇒ AccessApprovalSettings constructor

  A new instance of AccessApprovalSettings.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ AccessApprovalSettings

Returns a new instance of AccessApprovalSettings.

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 157

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#active_key_version ⇒ String

The asymmetric crypto key version to use for signing approval requests. Empty active_key_version indicates that a Google-managed key should be used for signing. This property will be ignored if set by an ancestor of this resource, and new non-empty values may not be set. Corresponds to the JSON property activeKeyVersion

Returns:

• (String)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 62

def active_key_version
  @active_key_version
end

#ancestor_has_active_key_version ⇒ Boolean Also known as: ancestor_has_active_key_version?

Output only. This field is read only (not settable via UpdateAccessApprovalSettings method). If the field is true, that indicates that an ancestor of this Project or Folder has set active_key_version (this field will always be unset for the organization since organizations do not have ancestors). Corresponds to the JSON property ancestorHasActiveKeyVersion

Returns:

• (Boolean)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 71

def ancestor_has_active_key_version
  @ancestor_has_active_key_version
end

#enrolled_ancestor ⇒ Boolean Also known as: enrolled_ancestor?

Output only. This field is read only (not settable via UpdateAccessApprovalSettings method). If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Project or Folder (this field will always be unset for the organization since organizations do not have ancestors). Corresponds to the JSON property enrolledAncestor

Returns:

• (Boolean)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 81

def enrolled_ancestor
  @enrolled_ancestor
end

#enrolled_services ⇒ Array<Google::Apis::AccessapprovalV1::EnrolledService>

A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required to have explicit approval. If name refers to an organization, enrollment can be done for individual services. If name refers to a folder or project, enrollment can only be done on an all or nothing basis. If a cloud_product is repeated in this list, the first entry will be honored and all following entries will be discarded. A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. Corresponds to the JSON property enrolledServices

Returns:

• (Array<Google::Apis::AccessapprovalV1::EnrolledService>)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 95

def enrolled_services
  @enrolled_services
end

#invalid_key_version ⇒ Boolean Also known as: invalid_key_version?

Output only. This field is read only (not settable via UpdateAccessApprovalSettings method). If the field is true, that indicates that there is some configuration issue with the active_key_version configured at this level in the resource hierarchy (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, as key versions are inherited top-down. Corresponds to the JSON property invalidKeyVersion

Returns:

• (Boolean)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 106

def invalid_key_version
  @invalid_key_version
end

#name ⇒ String

The resource name of the settings. Format is one of: * "projects/project/ accessApprovalSettings" * "folders/folder/accessApprovalSettings" * " organizations/organization/accessApprovalSettings" Corresponds to the JSON property name

Returns:

• (String)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 114

def name
  @name
end

#notification_emails ⇒ Array<String>

A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. Corresponds to the JSON property notificationEmails

Returns:

• (Array<String>)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 122

def notification_emails
  @notification_emails
end

#notification_pubsub_topic ⇒ String

Optional. A pubsub topic to which notifications relating to approval requests should be sent. Corresponds to the JSON property notificationPubsubTopic

Returns:

• (String)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 128

def notification_pubsub_topic
  @notification_pubsub_topic
end

#prefer_no_broad_approval_requests ⇒ Boolean Also known as: prefer_no_broad_approval_requests?

This preference is communicated to Google personnel when sending an approval request but can be overridden if necessary. Corresponds to the JSON property preferNoBroadApprovalRequests

Returns:

• (Boolean)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 134

def prefer_no_broad_approval_requests
  @prefer_no_broad_approval_requests
end

#preferred_request_expiration_days ⇒ Fixnum

This preference is shared with Google personnel, but can be overridden if said personnel deems necessary. The approver ultimately can set the expiration at approval time. Corresponds to the JSON property preferredRequestExpirationDays

Returns:

• (Fixnum)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 142

def preferred_request_expiration_days
  @preferred_request_expiration_days
end

#request_scope_max_width_preference ⇒ String

Optional. A setting to indicate the maximum width of an Access Approval request. Corresponds to the JSON property requestScopeMaxWidthPreference

Returns:

• (String)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 148

def request_scope_max_width_preference
  @request_scope_max_width_preference
end

#require_customer_visible_justification ⇒ Boolean Also known as: require_customer_visible_justification?

Optional. A setting to require approval request justifications to be customer visible. Corresponds to the JSON property requireCustomerVisibleJustification

Returns:

• (Boolean)

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 154

def require_customer_visible_justification
  @require_customer_visible_justification
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/accessapproval_v1/classes.rb', line 162

def update!(**args)
  @active_key_version = args[:active_key_version] if args.key?(:active_key_version)
  @ancestor_has_active_key_version = args[:ancestor_has_active_key_version] if args.key?(:ancestor_has_active_key_version)
  @enrolled_ancestor = args[:enrolled_ancestor] if args.key?(:enrolled_ancestor)
  @enrolled_services = args[:enrolled_services] if args.key?(:enrolled_services)
  @invalid_key_version = args[:invalid_key_version] if args.key?(:invalid_key_version)
  @name = args[:name] if args.key?(:name)
  @notification_emails = args[:notification_emails] if args.key?(:notification_emails)
  @notification_pubsub_topic = args[:notification_pubsub_topic] if args.key?(:notification_pubsub_topic)
  @prefer_no_broad_approval_requests = args[:prefer_no_broad_approval_requests] if args.key?(:prefer_no_broad_approval_requests)
  @preferred_request_expiration_days = args[:preferred_request_expiration_days] if args.key?(:preferred_request_expiration_days)
  @request_scope_max_width_preference = args[:request_scope_max_width_preference] if args.key?(:request_scope_max_width_preference)
  @require_customer_visible_justification = args[:require_customer_visible_justification] if args.key?(:require_customer_visible_justification)
end