Module: Google::Cloud::AccessApproval

Defined in:

lib/google/cloud/access_approval.rb,
lib/google/cloud/access_approval/version.rb

Constant Summary

VERSION =

"1.6.2"

Class Method Summary

• .access_approval(version: :v1, transport: :grpc, &block) ⇒ ::Object

  Create a new client object for AccessApproval.

• .access_approval_available?(version: :v1, transport: :grpc) ⇒ boolean

  Determines whether the AccessApproval service is supported by the current client.

• .configure {|::Google::Cloud.configure.access_approval| ... } ⇒ ::Google::Cloud::Config

  Configure the google-cloud-access_approval library.

Class Method Details

.access_approval(version: :v1, transport: :grpc, &block) ⇒ ::Object

Create a new client object for AccessApproval.

By default, this returns an instance of Google::Cloud::AccessApproval::V1::AccessApproval::Client for a gRPC client for version V1 of the API. However, you can specify a different API version by passing it in the version parameter. If the AccessApproval service is supported by that API version, and the corresponding gem is available, the appropriate versioned client will be returned. You can also specify a different transport by passing :rest or :grpc in the transport parameter.

Raises an exception if the currently installed versioned client gem for the given API version does not support the given transport of the AccessApproval service. You can determine whether the method will succeed by calling access_approval_available?.

About AccessApproval

This API allows a customer to manage accesses to cloud resources by Google personnel. It defines the following resource model:

• The API has a collection of ApprovalRequest resources, named approvalRequests/{approval_request}
• The API has top-level settings per Project/Folder/Organization, named accessApprovalSettings

The service also periodically emails a list of recipients, defined at the Project/Folder/Organization level in the accessApprovalSettings, when there is a pending ApprovalRequest for them to act on. The ApprovalRequests can also optionally be published to a Pub/Sub topic owned by the customer (contact support if you would like to enable Pub/Sub notifications).

ApprovalRequests can be approved or dismissed. Google personnel can only access the indicated resource or resources if the request is approved (subject to some exclusions: https://cloud.google.com/access-approval/docs/overview#exclusions).

Note: Using Access Approval functionality will mean that Google may not be able to meet the SLAs for your chosen products, as any support response times may be dramatically increased. As such the SLAs do not apply to any service disruption to the extent impacted by Customer's use of Access Approval. Do not enable Access Approval for projects where you may require high service availability and rapid response by Google Cloud Support.

After a request is approved or dismissed, no further action may be taken on it. Requests with the requested_expiration in the past or with no activity for 14 days are considered dismissed. When an approval expires, the request is considered dismissed.

If a request is not approved or dismissed, we call it pending.

Parameters:

• version (::String, ::Symbol) (defaults to: :v1) —

  The API version to connect to. Optional. Defaults to :v1.

• transport (:grpc, :rest) (defaults to: :grpc) —

  The transport to use. Defaults to :grpc.

Returns:

• (::Object) —

  A client object for the specified version.

# File 'lib/google/cloud/access_approval.rb', line 107

def self.access_approval version: :v1, transport: :grpc, &block
  require "google/cloud/access_approval/#{version.to_s.downcase}"

  package_name = Google::Cloud::AccessApproval
                 .constants
                 .select { |sym| sym.to_s.downcase == version.to_s.downcase.tr("_", "") }
                 .first
  service_module = Google::Cloud::AccessApproval.const_get(package_name).const_get(:AccessApproval)
  service_module = service_module.const_get(:Rest) if transport == :rest
  service_module.const_get(:Client).new(&block)
end

.access_approval_available?(version: :v1, transport: :grpc) ⇒ boolean

Determines whether the AccessApproval service is supported by the current client. If true, you can retrieve a client object by calling access_approval. If false, that method will raise an exception. This could happen if the given API version does not exist or does not support the AccessApproval service, or if the versioned client gem needs an update to support the AccessApproval service.

Parameters:

• version (::String, ::Symbol) (defaults to: :v1) —

  The API version to connect to. Optional. Defaults to :v1.

• transport (:grpc, :rest) (defaults to: :grpc) —

  The transport to use. Defaults to :grpc.

Returns:

• (boolean) —

  Whether the service is available.

# File 'lib/google/cloud/access_approval.rb', line 131

def self.access_approval_available? version: :v1, transport: :grpc
  require "google/cloud/access_approval/#{version.to_s.downcase}"
  package_name = Google::Cloud::AccessApproval
                 .constants
                 .select { |sym| sym.to_s.downcase == version.to_s.downcase.tr("_", "") }
                 .first
  return false unless package_name
  service_module = Google::Cloud::AccessApproval.const_get package_name
  return false unless service_module.const_defined? :AccessApproval
  service_module = service_module.const_get :AccessApproval
  if transport == :rest
    return false unless service_module.const_defined? :Rest
    service_module = service_module.const_get :Rest
  end
  service_module.const_defined? :Client
rescue ::LoadError
  false
end

.configure {|::Google::Cloud.configure.access_approval| ... } ⇒ ::Google::Cloud::Config

Configure the google-cloud-access_approval library.

The following configuration parameters are supported:

• credentials (type: String, Hash, Google::Auth::Credentials) - The path to the keyfile as a String, the contents of the keyfile as a Hash, or a Google::Auth::Credentials object.
• lib_name (type: String) - The library name as recorded in instrumentation and logging.
• lib_version (type: String) - The library version as recorded in instrumentation and logging.
• interceptors (type: Array<GRPC::ClientInterceptor>) - An array of interceptors that are run before calls are executed.
• timeout (type: Numeric) - Default timeout in seconds.
• metadata (type: Hash{Symbol=>String}) - Additional headers to be sent with the call.
• retry_policy (type: Hash) - The retry policy. The value is a hash with the following keys:
  • :initial_delay (type: Numeric) - The initial delay in seconds.
  • :max_delay (type: Numeric) - The max delay in seconds.
  • :multiplier (type: Numeric) - The incremental backoff multiplier.
  • :retry_codes (type: Array<String>) - The error codes that should trigger a retry.

Yields:

• (::Google::Cloud.configure.access_approval)

Returns:

• (::Google::Cloud::Config) —

  The default configuration used by this library

# File 'lib/google/cloud/access_approval.rb', line 178

def self.configure
  yield ::Google::Cloud.configure.access_approval if block_given?

  ::Google::Cloud.configure.access_approval
end