Class v1.PrivilegedAccessManagerClient (0.4.0)

This API allows customers to manage temporary, request based privileged access to their resources.

It defines the following resource model:

* A collection of Entitlement resources. An entitlement allows configuring (among other things):

* Some kind of privileged access that users can request. * A set of users called _requesters_ who can request this access. * A maximum duration for which the access can be requested. * An optional approval workflow which must be satisfied before access is granted.

* A collection of Grant resources. A grant is a request by a requester to get the privileged access specified in an entitlement for some duration.

After the approval workflow as specified in the entitlement is satisfied, the specified access is given to the requester. The access is automatically taken back after the requested duration is over. v1

Package

@google-cloud/privilegedaccessmanager

Constructors

(constructor)(opts, gaxInstance)

constructor(opts?: ClientOptions, gaxInstance?: typeof gax | typeof gax.fallback);

Construct an instance of PrivilegedAccessManagerClient.

Parameters
Name Description
opts ClientOptions
gaxInstance typeof gax | typeof fallback

: loaded instance of google-gax. Useful if you need to avoid loading the default gRPC version and want to use the fallback HTTP implementation. Load only fallback version and pass it to the constructor: ``` const gax = require('google-gax/build/src/fallback'); // avoids loading google-gax with gRPC const client = new PrivilegedAccessManagerClient({fallback: true}, gax); ```

Properties

apiEndpoint

get apiEndpoint(): string;

The DNS address for this API service.

apiEndpoint

static get apiEndpoint(): string;

The DNS address for this API service - same as servicePath.

auth

auth: gax.GoogleAuth;

descriptors

descriptors: Descriptors;

innerApiCalls

innerApiCalls: {
        [name: string]: Function;
    };

locationsClient

locationsClient: LocationsClient;

operationsClient

operationsClient: gax.OperationsClient;

pathTemplates

pathTemplates: {
        [name: string]: gax.PathTemplate;
    };

port

static get port(): number;

The port for this API service.

privilegedAccessManagerStub

privilegedAccessManagerStub?: Promise<{
        [name: string]: Function;
    }>;

scopes

static get scopes(): string[];

The scopes needed to make gRPC calls for every method defined in this service.

servicePath

static get servicePath(): string;

The DNS address for this API service.

universeDomain

get universeDomain(): string;

warn

warn: (code: string, message: string, warnType?: string) => void;

Methods

approveGrant(request, options)

approveGrant(request?: protos.google.cloud.privilegedaccessmanager.v1.IApproveGrantRequest, options?: CallOptions): Promise<[
        protos.google.cloud.privilegedaccessmanager.v1.IGrant,
        (protos.google.cloud.privilegedaccessmanager.v1.IApproveGrantRequest | undefined),
        {} | undefined
    ]>;

ApproveGrant is used to approve a grant. This method can only be called on a grant when it's in the APPROVAL_AWAITED state. This operation can't be undone.

Parameters
Name Description
request IApproveGrantRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ protos.google.cloud.privilegedaccessmanager.v1.IGrant, (protos.google.cloud.privilegedaccessmanager.v1.IApproveGrantRequest | undefined), {} | undefined ]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing . Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the grant resource which is being approved.
   */
  // const name = 'abc123'
  /**
   *  Optional. The reason for approving this grant. This is required if the
   *  `require_approver_justification` field of the `ManualApprovals` workflow
   *  used in this grant is true.
   */
  // const reason = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callApproveGrant() {
    // Construct request
    const request = {
      name,
    };

    // Run request
    const response = await privilegedaccessmanagerClient.approveGrant(request);
    console.log(response);
  }

  callApproveGrant();

approveGrant(request, options, callback)

approveGrant(request: protos.google.cloud.privilegedaccessmanager.v1.IApproveGrantRequest, options: CallOptions, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IApproveGrantRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IApproveGrantRequest
options CallOptions
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IApproveGrantRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

approveGrant(request, callback)

approveGrant(request: protos.google.cloud.privilegedaccessmanager.v1.IApproveGrantRequest, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IApproveGrantRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IApproveGrantRequest
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IApproveGrantRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

cancelOperation(request, optionsOrCallback, callback)

cancelOperation(request: protos.google.longrunning.CancelOperationRequest, optionsOrCallback?: gax.CallOptions | Callback<protos.google.longrunning.CancelOperationRequest, protos.google.protobuf.Empty, {} | undefined | null>, callback?: Callback<protos.google.longrunning.CancelOperationRequest, protos.google.protobuf.Empty, {} | undefined | null>): Promise<protos.google.protobuf.Empty>;

Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns google.rpc.Code.UNIMPLEMENTED. Clients can use or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an value with a of 1, corresponding to Code.CANCELLED.

Parameters
Name Description
request CancelOperationRequest

The request object that will be sent.
optionsOrCallback CallOptions | Callback<protos.google.longrunning.CancelOperationRequest, protos.google.protobuf.Empty, {} | undefined | null>
callback Callback<protos.google.longrunning.CancelOperationRequest, protos.google.protobuf.Empty, {} | undefined | null>

The function which will be called with the result of the API call. {Promise} - The promise which resolves when API call finishes. The promise has a method named "cancel" which cancels the ongoing API call.
Returns
Type Description
Promise<protos.google.protobuf.Empty>
Example 

const client = longrunning.operationsClient();
await client.cancelOperation({name: ''});

checkCreateEntitlementProgress(name)

checkCreateEntitlementProgress(name: string): Promise<LROperation<protos.google.cloud.privilegedaccessmanager.v1.Entitlement, protos.google.cloud.privilegedaccessmanager.v1.OperationMetadata>>;

Check the status of the long running operation returned by createEntitlement().

Parameter
Name Description
name string

The operation name that will be passed.
Returns
Type Description
Promise<LROperation<protos.google.cloud.privilegedaccessmanager.v1.Entitlement, protos.google.cloud.privilegedaccessmanager.v1.OperationMetadata>>

{Promise} - The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the parent resource for the entitlement.
   *  Possible formats:
   *  * `organizations/{organization-number}/locations/{region}`
   *  * `folders/{folder-number}/locations/{region}`
   *  * `projects/{project-id|project-number}/locations/{region}`
   */
  // const parent = 'abc123'
  /**
   *  Required. The ID to use for this entitlement. This becomes the last part of
   *  the resource name.
   *  This value should be 4-63 characters in length, and valid characters are
   *  "[a-z]", "[0-9]", and "-". The first character should be from [a-z].
   *  This value should be unique among all other entitlements under the
   *  specified `parent`.
   */
  // const entitlementId = 'abc123'
  /**
   *  Required. The resource being created
   */
  // const entitlement = {}
  /**
   *  Optional. An optional request ID to identify requests. Specify a unique
   *  request ID so that if you must retry your request, the server knows to
   *  ignore the request if it has already been completed. The server guarantees
   *  this for at least 60 minutes after the first request.
   *  For example, consider a situation where you make an initial request and the
   *  request times out. If you make the request again with the same request
   *  ID, the server can check if original operation with the same request ID
   *  was received, and if so, ignores the second request and returns the
   *  previous operation's response. This prevents clients from accidentally
   *  creating duplicate entitlements.
   *  The request ID must be a valid UUID with the exception that zero UUID is
   *  not supported (00000000-0000-0000-0000-000000000000).
   */
  // const requestId = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callCreateEntitlement() {
    // Construct request
    const request = {
      parent,
      entitlementId,
      entitlement,
    };

    // Run request
    const [operation] = await privilegedaccessmanagerClient.createEntitlement(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callCreateEntitlement();

checkDeleteEntitlementProgress(name)

checkDeleteEntitlementProgress(name: string): Promise<LROperation<protos.google.cloud.privilegedaccessmanager.v1.Entitlement, protos.google.cloud.privilegedaccessmanager.v1.OperationMetadata>>;

Check the status of the long running operation returned by deleteEntitlement().

Parameter
Name Description
name string

The operation name that will be passed.
Returns
Type Description
Promise<LROperation<protos.google.cloud.privilegedaccessmanager.v1.Entitlement, protos.google.cloud.privilegedaccessmanager.v1.OperationMetadata>>

{Promise} - The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the resource.
   */
  // const name = 'abc123'
  /**
   *  Optional. An optional request ID to identify requests. Specify a unique
   *  request ID so that if you must retry your request, the server knows to
   *  ignore the request if it has already been completed. The server guarantees
   *  this for at least 60 minutes after the first request.
   *  For example, consider a situation where you make an initial request and the
   *  request times out. If you make the request again with the same request
   *  ID, the server can check if original operation with the same request ID
   *  was received, and if so, ignores the second request.
   *  The request ID must be a valid UUID with the exception that zero UUID is
   *  not supported (00000000-0000-0000-0000-000000000000).
   */
  // const requestId = 'abc123'
  /**
   *  Optional. If set to true, any child grant under this entitlement is also
   *  deleted. (Otherwise, the request only works if the entitlement has no child
   *  grant.)
   */
  // const force = true

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callDeleteEntitlement() {
    // Construct request
    const request = {
      name,
    };

    // Run request
    const [operation] = await privilegedaccessmanagerClient.deleteEntitlement(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callDeleteEntitlement();

checkOnboardingStatus(request, options)

checkOnboardingStatus(request?: protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusRequest, options?: CallOptions): Promise<[
        protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusResponse,
        (protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusRequest | undefined),
        {} | undefined
    ]>;

CheckOnboardingStatus reports the onboarding status for a project/folder/organization. Any findings reported by this API need to be fixed before PAM can be used on the resource.

Parameters
Name Description
request ICheckOnboardingStatusRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusResponse, (protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusRequest | undefined), {} | undefined ]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing . Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The resource for which the onboarding status should be checked.
   *  Should be in one of the following formats:
   *  * `projects/{project-number|project-id}/locations/{region}`
   *  * `folders/{folder-number}/locations/{region}`
   *  * `organizations/{organization-number}/locations/{region}`
   */
  // const parent = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callCheckOnboardingStatus() {
    // Construct request
    const request = {
      parent,
    };

    // Run request
    const response = await privilegedaccessmanagerClient.checkOnboardingStatus(request);
    console.log(response);
  }

  callCheckOnboardingStatus();

checkOnboardingStatus(request, options, callback)

checkOnboardingStatus(request: protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusRequest, options: CallOptions, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusResponse, protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request ICheckOnboardingStatusRequest
options CallOptions
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusResponse, protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

checkOnboardingStatus(request, callback)

checkOnboardingStatus(request: protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusRequest, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusResponse, protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request ICheckOnboardingStatusRequest
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusResponse, protos.google.cloud.privilegedaccessmanager.v1.ICheckOnboardingStatusRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

checkRevokeGrantProgress(name)

checkRevokeGrantProgress(name: string): Promise<LROperation<protos.google.cloud.privilegedaccessmanager.v1.Grant, protos.google.cloud.privilegedaccessmanager.v1.OperationMetadata>>;

Check the status of the long running operation returned by revokeGrant().

Parameter
Name Description
name string

The operation name that will be passed.
Returns
Type Description
Promise<LROperation<protos.google.cloud.privilegedaccessmanager.v1.Grant, protos.google.cloud.privilegedaccessmanager.v1.OperationMetadata>>

{Promise} - The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the grant resource which is being revoked.
   */
  // const name = 'abc123'
  /**
   *  Optional. The reason for revoking this grant.
   */
  // const reason = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callRevokeGrant() {
    // Construct request
    const request = {
      name,
    };

    // Run request
    const [operation] = await privilegedaccessmanagerClient.revokeGrant(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callRevokeGrant();

checkUpdateEntitlementProgress(name)

checkUpdateEntitlementProgress(name: string): Promise<LROperation<protos.google.cloud.privilegedaccessmanager.v1.Entitlement, protos.google.cloud.privilegedaccessmanager.v1.OperationMetadata>>;

Check the status of the long running operation returned by updateEntitlement().

Parameter
Name Description
name string

The operation name that will be passed.
Returns
Type Description
Promise<LROperation<protos.google.cloud.privilegedaccessmanager.v1.Entitlement, protos.google.cloud.privilegedaccessmanager.v1.OperationMetadata>>

{Promise} - The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The entitlement resource that is updated.
   */
  // const entitlement = {}
  /**
   *  Required. The list of fields to update. A field is overwritten if, and only
   *  if, it is in the mask. Any immutable fields set in the mask are ignored by
   *  the server. Repeated fields and map fields are only allowed in the last
   *  position of a `paths` string and overwrite the existing values. Hence an
   *  update to a repeated field or a map should contain the entire list of
   *  values. The fields specified in the update_mask are relative to the
   *  resource and not to the request.
   *  (e.g. `MaxRequestDuration`; *not* `entitlement.MaxRequestDuration`)
   *  A value of '*' for this field refers to full replacement of the resource.
   */
  // const updateMask = {}

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callUpdateEntitlement() {
    // Construct request
    const request = {
      entitlement,
      updateMask,
    };

    // Run request
    const [operation] = await privilegedaccessmanagerClient.updateEntitlement(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callUpdateEntitlement();

close()

close(): Promise<void>;

Terminate the gRPC channel and close the client.

The client will no longer be usable and all future behavior is undefined.

Returns
Type Description
Promise<void>

{Promise} A promise that resolves when the client is closed.

createEntitlement(request, options)

createEntitlement(request?: protos.google.cloud.privilegedaccessmanager.v1.ICreateEntitlementRequest, options?: CallOptions): Promise<[
        LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>,
        protos.google.longrunning.IOperation | undefined,
        {} | undefined
    ]>;

Creates a new entitlement in a given project/folder/organization and location.

Parameters
Name Description
request ICreateEntitlementRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | undefined, {} | undefined ]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing a long running operation. Its promise() method returns a promise you can await for. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the parent resource for the entitlement.
   *  Possible formats:
   *  * `organizations/{organization-number}/locations/{region}`
   *  * `folders/{folder-number}/locations/{region}`
   *  * `projects/{project-id|project-number}/locations/{region}`
   */
  // const parent = 'abc123'
  /**
   *  Required. The ID to use for this entitlement. This becomes the last part of
   *  the resource name.
   *  This value should be 4-63 characters in length, and valid characters are
   *  "[a-z]", "[0-9]", and "-". The first character should be from [a-z].
   *  This value should be unique among all other entitlements under the
   *  specified `parent`.
   */
  // const entitlementId = 'abc123'
  /**
   *  Required. The resource being created
   */
  // const entitlement = {}
  /**
   *  Optional. An optional request ID to identify requests. Specify a unique
   *  request ID so that if you must retry your request, the server knows to
   *  ignore the request if it has already been completed. The server guarantees
   *  this for at least 60 minutes after the first request.
   *  For example, consider a situation where you make an initial request and the
   *  request times out. If you make the request again with the same request
   *  ID, the server can check if original operation with the same request ID
   *  was received, and if so, ignores the second request and returns the
   *  previous operation's response. This prevents clients from accidentally
   *  creating duplicate entitlements.
   *  The request ID must be a valid UUID with the exception that zero UUID is
   *  not supported (00000000-0000-0000-0000-000000000000).
   */
  // const requestId = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callCreateEntitlement() {
    // Construct request
    const request = {
      parent,
      entitlementId,
      entitlement,
    };

    // Run request
    const [operation] = await privilegedaccessmanagerClient.createEntitlement(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callCreateEntitlement();

createEntitlement(request, options, callback)

createEntitlement(request: protos.google.cloud.privilegedaccessmanager.v1.ICreateEntitlementRequest, options: CallOptions, callback: Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request ICreateEntitlementRequest
options CallOptions
callback Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>
Returns
Type Description
void

createEntitlement(request, callback)

createEntitlement(request: protos.google.cloud.privilegedaccessmanager.v1.ICreateEntitlementRequest, callback: Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request ICreateEntitlementRequest
callback Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>
Returns
Type Description
void

createGrant(request, options)

createGrant(request?: protos.google.cloud.privilegedaccessmanager.v1.ICreateGrantRequest, options?: CallOptions): Promise<[
        protos.google.cloud.privilegedaccessmanager.v1.IGrant,
        (protos.google.cloud.privilegedaccessmanager.v1.ICreateGrantRequest | undefined),
        {} | undefined
    ]>;

Creates a new grant in a given project/folder/organization and location.

Parameters
Name Description
request ICreateGrantRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ protos.google.cloud.privilegedaccessmanager.v1.IGrant, (protos.google.cloud.privilegedaccessmanager.v1.ICreateGrantRequest | undefined), {} | undefined ]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing . Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the parent entitlement for which this grant is being
   *  requested.
   */
  // const parent = 'abc123'
  /**
   *  Required. The resource being created.
   */
  // const grant = {}
  /**
   *  Optional. An optional request ID to identify requests. Specify a unique
   *  request ID so that if you must retry your request, the server knows to
   *  ignore the request if it has already been completed. The server guarantees
   *  this for at least 60 minutes after the first request.
   *  For example, consider a situation where you make an initial request and the
   *  request times out. If you make the request again with the same request
   *  ID, the server can check if original operation with the same request ID
   *  was received, and if so, ignores the second request. This prevents
   *  clients from accidentally creating duplicate grants.
   *  The request ID must be a valid UUID with the exception that zero UUID is
   *  not supported (00000000-0000-0000-0000-000000000000).
   */
  // const requestId = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callCreateGrant() {
    // Construct request
    const request = {
      parent,
      grant,
    };

    // Run request
    const response = await privilegedaccessmanagerClient.createGrant(request);
    console.log(response);
  }

  callCreateGrant();

createGrant(request, options, callback)

createGrant(request: protos.google.cloud.privilegedaccessmanager.v1.ICreateGrantRequest, options: CallOptions, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.ICreateGrantRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request ICreateGrantRequest
options CallOptions
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.ICreateGrantRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

createGrant(request, callback)

createGrant(request: protos.google.cloud.privilegedaccessmanager.v1.ICreateGrantRequest, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.ICreateGrantRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request ICreateGrantRequest
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.ICreateGrantRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

deleteEntitlement(request, options)

deleteEntitlement(request?: protos.google.cloud.privilegedaccessmanager.v1.IDeleteEntitlementRequest, options?: CallOptions): Promise<[
        LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>,
        protos.google.longrunning.IOperation | undefined,
        {} | undefined
    ]>;

Deletes a single entitlement. This method can only be called when there are no in-progress (ACTIVE/ACTIVATING/REVOKING) grants under the entitlement.

Parameters
Name Description
request IDeleteEntitlementRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | undefined, {} | undefined ]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing a long running operation. Its promise() method returns a promise you can await for. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the resource.
   */
  // const name = 'abc123'
  /**
   *  Optional. An optional request ID to identify requests. Specify a unique
   *  request ID so that if you must retry your request, the server knows to
   *  ignore the request if it has already been completed. The server guarantees
   *  this for at least 60 minutes after the first request.
   *  For example, consider a situation where you make an initial request and the
   *  request times out. If you make the request again with the same request
   *  ID, the server can check if original operation with the same request ID
   *  was received, and if so, ignores the second request.
   *  The request ID must be a valid UUID with the exception that zero UUID is
   *  not supported (00000000-0000-0000-0000-000000000000).
   */
  // const requestId = 'abc123'
  /**
   *  Optional. If set to true, any child grant under this entitlement is also
   *  deleted. (Otherwise, the request only works if the entitlement has no child
   *  grant.)
   */
  // const force = true

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callDeleteEntitlement() {
    // Construct request
    const request = {
      name,
    };

    // Run request
    const [operation] = await privilegedaccessmanagerClient.deleteEntitlement(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callDeleteEntitlement();

deleteEntitlement(request, options, callback)

deleteEntitlement(request: protos.google.cloud.privilegedaccessmanager.v1.IDeleteEntitlementRequest, options: CallOptions, callback: Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IDeleteEntitlementRequest
options CallOptions
callback Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>
Returns
Type Description
void

deleteEntitlement(request, callback)

deleteEntitlement(request: protos.google.cloud.privilegedaccessmanager.v1.IDeleteEntitlementRequest, callback: Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IDeleteEntitlementRequest
callback Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>
Returns
Type Description
void

deleteOperation(request, optionsOrCallback, callback)

deleteOperation(request: protos.google.longrunning.DeleteOperationRequest, optionsOrCallback?: gax.CallOptions | Callback<protos.google.protobuf.Empty, protos.google.longrunning.DeleteOperationRequest, {} | null | undefined>, callback?: Callback<protos.google.protobuf.Empty, protos.google.longrunning.DeleteOperationRequest, {} | null | undefined>): Promise<protos.google.protobuf.Empty>;

Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns google.rpc.Code.UNIMPLEMENTED.

Parameters
Name Description
request DeleteOperationRequest

The request object that will be sent.
optionsOrCallback CallOptions | Callback<protos.google.protobuf.Empty, protos.google.longrunning.DeleteOperationRequest, {} | null | undefined>
callback Callback<protos.google.protobuf.Empty, protos.google.longrunning.DeleteOperationRequest, {} | null | undefined>

The function which will be called with the result of the API call. {Promise} - The promise which resolves when API call finishes. The promise has a method named "cancel" which cancels the ongoing API call.
Returns
Type Description
Promise<protos.google.protobuf.Empty>
Example 

const client = longrunning.operationsClient();
await client.deleteOperation({name: ''});

denyGrant(request, options)

denyGrant(request?: protos.google.cloud.privilegedaccessmanager.v1.IDenyGrantRequest, options?: CallOptions): Promise<[
        protos.google.cloud.privilegedaccessmanager.v1.IGrant,
        (protos.google.cloud.privilegedaccessmanager.v1.IDenyGrantRequest | undefined),
        {} | undefined
    ]>;

DenyGrant is used to deny a grant. This method can only be called on a grant when it's in the APPROVAL_AWAITED state. This operation can't be undone.

Parameters
Name Description
request IDenyGrantRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ protos.google.cloud.privilegedaccessmanager.v1.IGrant, (protos.google.cloud.privilegedaccessmanager.v1.IDenyGrantRequest | undefined), {} | undefined ]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing . Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the grant resource which is being denied.
   */
  // const name = 'abc123'
  /**
   *  Optional. The reason for denying this grant. This is required if
   *  `require_approver_justification` field of the `ManualApprovals` workflow
   *  used in this grant is true.
   */
  // const reason = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callDenyGrant() {
    // Construct request
    const request = {
      name,
    };

    // Run request
    const response = await privilegedaccessmanagerClient.denyGrant(request);
    console.log(response);
  }

  callDenyGrant();

denyGrant(request, options, callback)

denyGrant(request: protos.google.cloud.privilegedaccessmanager.v1.IDenyGrantRequest, options: CallOptions, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IDenyGrantRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IDenyGrantRequest
options CallOptions
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IDenyGrantRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

denyGrant(request, callback)

denyGrant(request: protos.google.cloud.privilegedaccessmanager.v1.IDenyGrantRequest, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IDenyGrantRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IDenyGrantRequest
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IDenyGrantRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

folderLocationEntitlementGrantPath(folder, location, entitlement, grant)

folderLocationEntitlementGrantPath(folder: string, location: string, entitlement: string, grant: string): string;

Return a fully-qualified folderLocationEntitlementGrant resource name string.

Parameters
Name Description
folder string
location string
entitlement string
grant string
Returns
Type Description
string

{string} Resource name string.

folderLocationEntitlementPath(folder, location, entitlement)

folderLocationEntitlementPath(folder: string, location: string, entitlement: string): string;

Return a fully-qualified folderLocationEntitlement resource name string.

Parameters
Name Description
folder string
location string
entitlement string
Returns
Type Description
string

{string} Resource name string.

getEntitlement(request, options)

getEntitlement(request?: protos.google.cloud.privilegedaccessmanager.v1.IGetEntitlementRequest, options?: CallOptions): Promise<[
        protos.google.cloud.privilegedaccessmanager.v1.IEntitlement,
        (protos.google.cloud.privilegedaccessmanager.v1.IGetEntitlementRequest | undefined),
        {} | undefined
    ]>;

Gets details of a single entitlement.

Parameters
Name Description
request IGetEntitlementRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, (protos.google.cloud.privilegedaccessmanager.v1.IGetEntitlementRequest | undefined), {} | undefined ]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing . Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the resource.
   */
  // const name = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callGetEntitlement() {
    // Construct request
    const request = {
      name,
    };

    // Run request
    const response = await privilegedaccessmanagerClient.getEntitlement(request);
    console.log(response);
  }

  callGetEntitlement();

getEntitlement(request, options, callback)

getEntitlement(request: protos.google.cloud.privilegedaccessmanager.v1.IGetEntitlementRequest, options: CallOptions, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IGetEntitlementRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IGetEntitlementRequest
options CallOptions
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IGetEntitlementRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

getEntitlement(request, callback)

getEntitlement(request: protos.google.cloud.privilegedaccessmanager.v1.IGetEntitlementRequest, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IGetEntitlementRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IGetEntitlementRequest
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IGetEntitlementRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

getGrant(request, options)

getGrant(request?: protos.google.cloud.privilegedaccessmanager.v1.IGetGrantRequest, options?: CallOptions): Promise<[
        protos.google.cloud.privilegedaccessmanager.v1.IGrant,
        (protos.google.cloud.privilegedaccessmanager.v1.IGetGrantRequest | undefined),
        {} | undefined
    ]>;

Get details of a single grant.

Parameters
Name Description
request IGetGrantRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ protos.google.cloud.privilegedaccessmanager.v1.IGrant, (protos.google.cloud.privilegedaccessmanager.v1.IGetGrantRequest | undefined), {} | undefined ]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing . Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the resource.
   */
  // const name = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callGetGrant() {
    // Construct request
    const request = {
      name,
    };

    // Run request
    const response = await privilegedaccessmanagerClient.getGrant(request);
    console.log(response);
  }

  callGetGrant();

getGrant(request, options, callback)

getGrant(request: protos.google.cloud.privilegedaccessmanager.v1.IGetGrantRequest, options: CallOptions, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IGetGrantRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IGetGrantRequest
options CallOptions
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IGetGrantRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

getGrant(request, callback)

getGrant(request: protos.google.cloud.privilegedaccessmanager.v1.IGetGrantRequest, callback: Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IGetGrantRequest | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IGetGrantRequest
callback Callback<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IGetGrantRequest | null | undefined, {} | null | undefined>
Returns
Type Description
void

getLocation(request, options, callback)

getLocation(request: LocationProtos.google.cloud.location.IGetLocationRequest, options?: gax.CallOptions | Callback<LocationProtos.google.cloud.location.ILocation, LocationProtos.google.cloud.location.IGetLocationRequest | null | undefined, {} | null | undefined>, callback?: Callback<LocationProtos.google.cloud.location.ILocation, LocationProtos.google.cloud.location.IGetLocationRequest | null | undefined, {} | null | undefined>): Promise<LocationProtos.google.cloud.location.ILocation>;

Gets information about a location.

Parameters
Name Description
request LocationProtos.google.cloud.location.IGetLocationRequest

The request object that will be sent.
options CallOptions | Callback<google.cloud.location.ILocation, google.cloud.location.IGetLocationRequest | null | undefined, {} | null | undefined>

Call options. See CallOptions for more details.
callback Callback<google.cloud.location.ILocation, google.cloud.location.IGetLocationRequest | null | undefined, {} | null | undefined>
Returns
Type Description
Promise<google.cloud.location.ILocation>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing . Please see the documentation for more details and examples.
Example 

const [response] = await client.getLocation(request);

getOperation(request, optionsOrCallback, callback)

getOperation(request: protos.google.longrunning.GetOperationRequest, optionsOrCallback?: gax.CallOptions | Callback<protos.google.longrunning.Operation, protos.google.longrunning.GetOperationRequest, {} | null | undefined>, callback?: Callback<protos.google.longrunning.Operation, protos.google.longrunning.GetOperationRequest, {} | null | undefined>): Promise<[protos.google.longrunning.Operation]>;

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters
Name Description
request GetOperationRequest

The request object that will be sent.
optionsOrCallback CallOptions | Callback<protos.google.longrunning.Operation, protos.google.longrunning.GetOperationRequest, {} | null | undefined>
callback Callback<protos.google.longrunning.Operation, protos.google.longrunning.GetOperationRequest, {} | null | undefined>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing . {Promise} - The promise which resolves to an array. The first element of the array is an object representing . The promise has a method named "cancel" which cancels the ongoing API call.
Returns
Type Description
Promise<[protos.google.longrunning.Operation]>
Example 

const client = longrunning.operationsClient();
const name = '';
const [response] = await client.getOperation({name});
// doThingsWith(response)

getProjectId()

getProjectId(): Promise<string>;
Returns
Type Description
Promise<string>

getProjectId(callback)

getProjectId(callback: Callback<string, undefined, undefined>): void;
Parameter
Name Description
callback Callback<string, undefined, undefined>
Returns
Type Description
void

initialize()

initialize(): Promise<{
        [name: string]: Function;
    }>;

Initialize the client. Performs asynchronous operations (such as authentication) and prepares the client. This function will be called automatically when any class method is called for the first time, but if you need to initialize it before calling an actual method, feel free to call initialize() directly.

You can await on this method if you want to make sure the client is initialized.

Returns
Type Description
Promise<{ [name: string]: Function; }>

{Promise} A promise that resolves to an authenticated service stub.

listEntitlements(request, options)

listEntitlements(request?: protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest, options?: CallOptions): Promise<[
        protos.google.cloud.privilegedaccessmanager.v1.IEntitlement[],
        protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest | null,
        protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsResponse
    ]>;

Lists entitlements in a given project/folder/organization and location.

Parameters
Name Description
request IListEntitlementsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ protos.google.cloud.privilegedaccessmanager.v1.IEntitlement[], protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest | null, protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsResponse ]>

{Promise} - The promise which resolves to an array. The first element of the array is Array of . The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using listEntitlementsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

listEntitlements(request, options, callback)

listEntitlements(request: protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest, options: CallOptions, callback: PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest, protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>): void;
Parameters
Name Description
request IListEntitlementsRequest
options CallOptions
callback PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest, protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>
Returns
Type Description
void

listEntitlements(request, callback)

listEntitlements(request: protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest, callback: PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest, protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>): void;
Parameters
Name Description
request IListEntitlementsRequest
callback PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest, protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>
Returns
Type Description
void

listEntitlementsAsync(request, options)

listEntitlementsAsync(request?: protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest, options?: CallOptions): AsyncIterable<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>;

Equivalent to listEntitlements, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters
Name Description
request IListEntitlementsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
AsyncIterable<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>

{Object} An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing . The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The parent which owns the entitlement resources.
   */
  // const parent = 'abc123'
  /**
   *  Optional. Requested page size. Server may return fewer items than
   *  requested. If unspecified, the server picks an appropriate default.
   */
  // const pageSize = 1234
  /**
   *  Optional. A token identifying a page of results the server should return.
   */
  // const pageToken = 'abc123'
  /**
   *  Optional. Filtering results.
   */
  // const filter = 'abc123'
  /**
   *  Optional. Hint for how to order the results.
   */
  // const orderBy = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callListEntitlements() {
    // Construct request
    const request = {
      parent,
    };

    // Run request
    const iterable = privilegedaccessmanagerClient.listEntitlementsAsync(request);
    for await (const response of iterable) {
        console.log(response);
    }
  }

  callListEntitlements();

listEntitlementsStream(request, options)

listEntitlementsStream(request?: protos.google.cloud.privilegedaccessmanager.v1.IListEntitlementsRequest, options?: CallOptions): Transform;

Equivalent to listEntitlements, but returns a NodeJS Stream object.

Parameters
Name Description
request IListEntitlementsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Transform

{Stream} An object stream which emits an object representing on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using listEntitlementsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

listGrants(request, options)

listGrants(request?: protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest, options?: CallOptions): Promise<[
        protos.google.cloud.privilegedaccessmanager.v1.IGrant[],
        protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest | null,
        protos.google.cloud.privilegedaccessmanager.v1.IListGrantsResponse
    ]>;

Lists grants for a given entitlement.

Parameters
Name Description
request IListGrantsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ protos.google.cloud.privilegedaccessmanager.v1.IGrant[], protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest | null, protos.google.cloud.privilegedaccessmanager.v1.IListGrantsResponse ]>

{Promise} - The promise which resolves to an array. The first element of the array is Array of . The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using listGrantsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

listGrants(request, options, callback)

listGrants(request: protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest, options: CallOptions, callback: PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest, protos.google.cloud.privilegedaccessmanager.v1.IListGrantsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IGrant>): void;
Parameters
Name Description
request IListGrantsRequest
options CallOptions
callback PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest, protos.google.cloud.privilegedaccessmanager.v1.IListGrantsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IGrant>
Returns
Type Description
void

listGrants(request, callback)

listGrants(request: protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest, callback: PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest, protos.google.cloud.privilegedaccessmanager.v1.IListGrantsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IGrant>): void;
Parameters
Name Description
request IListGrantsRequest
callback PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest, protos.google.cloud.privilegedaccessmanager.v1.IListGrantsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IGrant>
Returns
Type Description
void

listGrantsAsync(request, options)

listGrantsAsync(request?: protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest, options?: CallOptions): AsyncIterable<protos.google.cloud.privilegedaccessmanager.v1.IGrant>;

Equivalent to listGrants, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters
Name Description
request IListGrantsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
AsyncIterable<protos.google.cloud.privilegedaccessmanager.v1.IGrant>

{Object} An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing . The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The parent resource which owns the grants.
   */
  // const parent = 'abc123'
  /**
   *  Optional. Requested page size. The server may return fewer items than
   *  requested. If unspecified, the server picks an appropriate default.
   */
  // const pageSize = 1234
  /**
   *  Optional. A token identifying a page of results the server should return.
   */
  // const pageToken = 'abc123'
  /**
   *  Optional. Filtering results.
   */
  // const filter = 'abc123'
  /**
   *  Optional. Hint for how to order the results
   */
  // const orderBy = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callListGrants() {
    // Construct request
    const request = {
      parent,
    };

    // Run request
    const iterable = privilegedaccessmanagerClient.listGrantsAsync(request);
    for await (const response of iterable) {
        console.log(response);
    }
  }

  callListGrants();

listGrantsStream(request, options)

listGrantsStream(request?: protos.google.cloud.privilegedaccessmanager.v1.IListGrantsRequest, options?: CallOptions): Transform;

Equivalent to listGrants, but returns a NodeJS Stream object.

Parameters
Name Description
request IListGrantsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Transform

{Stream} An object stream which emits an object representing on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using listGrantsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

listLocationsAsync(request, options)

listLocationsAsync(request: LocationProtos.google.cloud.location.IListLocationsRequest, options?: CallOptions): AsyncIterable<LocationProtos.google.cloud.location.ILocation>;

Lists information about the supported locations for this service. Returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters
Name Description
request LocationProtos.google.cloud.location.IListLocationsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
AsyncIterable<google.cloud.location.ILocation>

{Object} An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing . The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.
Example 

const iterable = client.listLocationsAsync(request);
for await (const response of iterable) {
  // process response
}

listOperationsAsync(request, options)

listOperationsAsync(request: protos.google.longrunning.ListOperationsRequest, options?: gax.CallOptions): AsyncIterable<protos.google.longrunning.IOperation>;

Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns UNIMPLEMENTED. Returns an iterable object.

For-await-of syntax is used with the iterable to recursively get response element on-demand.

Parameters
Name Description
request ListOperationsRequest

The request object that will be sent.
options CallOptions

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.
Returns
Type Description
AsyncIterable<protos.google.longrunning.IOperation>

{Object} An iterable Object that conforms to iteration protocols.
Example 

const client = longrunning.operationsClient();
for await (const response of client.listOperationsAsync(request));
// doThingsWith(response)

locationPath(project, location)

locationPath(project: string, location: string): string;

Return a fully-qualified location resource name string.

Parameters
Name Description
project string
location string
Returns
Type Description
string

{string} Resource name string.

matchEntitlementFromFolderLocationEntitlementGrantName(folderLocationEntitlementGrantName)

matchEntitlementFromFolderLocationEntitlementGrantName(folderLocationEntitlementGrantName: string): string | number;

Parse the entitlement from FolderLocationEntitlementGrant resource.

Parameter
Name Description
folderLocationEntitlementGrantName string

A fully-qualified path representing folder_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the entitlement.

matchEntitlementFromFolderLocationEntitlementName(folderLocationEntitlementName)

matchEntitlementFromFolderLocationEntitlementName(folderLocationEntitlementName: string): string | number;

Parse the entitlement from FolderLocationEntitlement resource.

Parameter
Name Description
folderLocationEntitlementName string

A fully-qualified path representing folder_location_entitlement resource.
Returns
Type Description
string | number

{string} A string representing the entitlement.

matchEntitlementFromOrganizationLocationEntitlementGrantName(organizationLocationEntitlementGrantName)

matchEntitlementFromOrganizationLocationEntitlementGrantName(organizationLocationEntitlementGrantName: string): string | number;

Parse the entitlement from OrganizationLocationEntitlementGrant resource.

Parameter
Name Description
organizationLocationEntitlementGrantName string

A fully-qualified path representing organization_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the entitlement.

matchEntitlementFromOrganizationLocationEntitlementName(organizationLocationEntitlementName)

matchEntitlementFromOrganizationLocationEntitlementName(organizationLocationEntitlementName: string): string | number;

Parse the entitlement from OrganizationLocationEntitlement resource.

Parameter
Name Description
organizationLocationEntitlementName string

A fully-qualified path representing organization_location_entitlement resource.
Returns
Type Description
string | number

{string} A string representing the entitlement.

matchEntitlementFromProjectLocationEntitlementGrantName(projectLocationEntitlementGrantName)

matchEntitlementFromProjectLocationEntitlementGrantName(projectLocationEntitlementGrantName: string): string | number;

Parse the entitlement from ProjectLocationEntitlementGrant resource.

Parameter
Name Description
projectLocationEntitlementGrantName string

A fully-qualified path representing project_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the entitlement.

matchEntitlementFromProjectLocationEntitlementName(projectLocationEntitlementName)

matchEntitlementFromProjectLocationEntitlementName(projectLocationEntitlementName: string): string | number;

Parse the entitlement from ProjectLocationEntitlement resource.

Parameter
Name Description
projectLocationEntitlementName string

A fully-qualified path representing project_location_entitlement resource.
Returns
Type Description
string | number

{string} A string representing the entitlement.

matchFolderFromFolderLocationEntitlementGrantName(folderLocationEntitlementGrantName)

matchFolderFromFolderLocationEntitlementGrantName(folderLocationEntitlementGrantName: string): string | number;

Parse the folder from FolderLocationEntitlementGrant resource.

Parameter
Name Description
folderLocationEntitlementGrantName string

A fully-qualified path representing folder_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the folder.

matchFolderFromFolderLocationEntitlementName(folderLocationEntitlementName)

matchFolderFromFolderLocationEntitlementName(folderLocationEntitlementName: string): string | number;

Parse the folder from FolderLocationEntitlement resource.

Parameter
Name Description
folderLocationEntitlementName string

A fully-qualified path representing folder_location_entitlement resource.
Returns
Type Description
string | number

{string} A string representing the folder.

matchGrantFromFolderLocationEntitlementGrantName(folderLocationEntitlementGrantName)

matchGrantFromFolderLocationEntitlementGrantName(folderLocationEntitlementGrantName: string): string | number;

Parse the grant from FolderLocationEntitlementGrant resource.

Parameter
Name Description
folderLocationEntitlementGrantName string

A fully-qualified path representing folder_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the grant.

matchGrantFromOrganizationLocationEntitlementGrantName(organizationLocationEntitlementGrantName)

matchGrantFromOrganizationLocationEntitlementGrantName(organizationLocationEntitlementGrantName: string): string | number;

Parse the grant from OrganizationLocationEntitlementGrant resource.

Parameter
Name Description
organizationLocationEntitlementGrantName string

A fully-qualified path representing organization_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the grant.

matchGrantFromProjectLocationEntitlementGrantName(projectLocationEntitlementGrantName)

matchGrantFromProjectLocationEntitlementGrantName(projectLocationEntitlementGrantName: string): string | number;

Parse the grant from ProjectLocationEntitlementGrant resource.

Parameter
Name Description
projectLocationEntitlementGrantName string

A fully-qualified path representing project_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the grant.

matchLocationFromFolderLocationEntitlementGrantName(folderLocationEntitlementGrantName)

matchLocationFromFolderLocationEntitlementGrantName(folderLocationEntitlementGrantName: string): string | number;

Parse the location from FolderLocationEntitlementGrant resource.

Parameter
Name Description
folderLocationEntitlementGrantName string

A fully-qualified path representing folder_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the location.

matchLocationFromFolderLocationEntitlementName(folderLocationEntitlementName)

matchLocationFromFolderLocationEntitlementName(folderLocationEntitlementName: string): string | number;

Parse the location from FolderLocationEntitlement resource.

Parameter
Name Description
folderLocationEntitlementName string

A fully-qualified path representing folder_location_entitlement resource.
Returns
Type Description
string | number

{string} A string representing the location.

matchLocationFromLocationName(locationName)

matchLocationFromLocationName(locationName: string): string | number;

Parse the location from Location resource.

Parameter
Name Description
locationName string

A fully-qualified path representing Location resource.
Returns
Type Description
string | number

{string} A string representing the location.

matchLocationFromOrganizationLocationEntitlementGrantName(organizationLocationEntitlementGrantName)

matchLocationFromOrganizationLocationEntitlementGrantName(organizationLocationEntitlementGrantName: string): string | number;

Parse the location from OrganizationLocationEntitlementGrant resource.

Parameter
Name Description
organizationLocationEntitlementGrantName string

A fully-qualified path representing organization_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the location.

matchLocationFromOrganizationLocationEntitlementName(organizationLocationEntitlementName)

matchLocationFromOrganizationLocationEntitlementName(organizationLocationEntitlementName: string): string | number;

Parse the location from OrganizationLocationEntitlement resource.

Parameter
Name Description
organizationLocationEntitlementName string

A fully-qualified path representing organization_location_entitlement resource.
Returns
Type Description
string | number

{string} A string representing the location.

matchLocationFromProjectLocationEntitlementGrantName(projectLocationEntitlementGrantName)

matchLocationFromProjectLocationEntitlementGrantName(projectLocationEntitlementGrantName: string): string | number;

Parse the location from ProjectLocationEntitlementGrant resource.

Parameter
Name Description
projectLocationEntitlementGrantName string

A fully-qualified path representing project_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the location.

matchLocationFromProjectLocationEntitlementName(projectLocationEntitlementName)

matchLocationFromProjectLocationEntitlementName(projectLocationEntitlementName: string): string | number;

Parse the location from ProjectLocationEntitlement resource.

Parameter
Name Description
projectLocationEntitlementName string

A fully-qualified path representing project_location_entitlement resource.
Returns
Type Description
string | number

{string} A string representing the location.

matchOrganizationFromOrganizationLocationEntitlementGrantName(organizationLocationEntitlementGrantName)

matchOrganizationFromOrganizationLocationEntitlementGrantName(organizationLocationEntitlementGrantName: string): string | number;

Parse the organization from OrganizationLocationEntitlementGrant resource.

Parameter
Name Description
organizationLocationEntitlementGrantName string

A fully-qualified path representing organization_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the organization.

matchOrganizationFromOrganizationLocationEntitlementName(organizationLocationEntitlementName)

matchOrganizationFromOrganizationLocationEntitlementName(organizationLocationEntitlementName: string): string | number;

Parse the organization from OrganizationLocationEntitlement resource.

Parameter
Name Description
organizationLocationEntitlementName string

A fully-qualified path representing organization_location_entitlement resource.
Returns
Type Description
string | number

{string} A string representing the organization.

matchProjectFromLocationName(locationName)

matchProjectFromLocationName(locationName: string): string | number;

Parse the project from Location resource.

Parameter
Name Description
locationName string

A fully-qualified path representing Location resource.
Returns
Type Description
string | number

{string} A string representing the project.

matchProjectFromProjectLocationEntitlementGrantName(projectLocationEntitlementGrantName)

matchProjectFromProjectLocationEntitlementGrantName(projectLocationEntitlementGrantName: string): string | number;

Parse the project from ProjectLocationEntitlementGrant resource.

Parameter
Name Description
projectLocationEntitlementGrantName string

A fully-qualified path representing project_location_entitlement_grant resource.
Returns
Type Description
string | number

{string} A string representing the project.

matchProjectFromProjectLocationEntitlementName(projectLocationEntitlementName)

matchProjectFromProjectLocationEntitlementName(projectLocationEntitlementName: string): string | number;

Parse the project from ProjectLocationEntitlement resource.

Parameter
Name Description
projectLocationEntitlementName string

A fully-qualified path representing project_location_entitlement resource.
Returns
Type Description
string | number

{string} A string representing the project.

matchProjectFromProjectName(projectName)

matchProjectFromProjectName(projectName: string): string | number;

Parse the project from Project resource.

Parameter
Name Description
projectName string

A fully-qualified path representing Project resource.
Returns
Type Description
string | number

{string} A string representing the project.

organizationLocationEntitlementGrantPath(organization, location, entitlement, grant)

organizationLocationEntitlementGrantPath(organization: string, location: string, entitlement: string, grant: string): string;

Return a fully-qualified organizationLocationEntitlementGrant resource name string.

Parameters
Name Description
organization string
location string
entitlement string
grant string
Returns
Type Description
string

{string} Resource name string.

organizationLocationEntitlementPath(organization, location, entitlement)

organizationLocationEntitlementPath(organization: string, location: string, entitlement: string): string;

Return a fully-qualified organizationLocationEntitlement resource name string.

Parameters
Name Description
organization string
location string
entitlement string
Returns
Type Description
string

{string} Resource name string.

projectLocationEntitlementGrantPath(project, location, entitlement, grant)

projectLocationEntitlementGrantPath(project: string, location: string, entitlement: string, grant: string): string;

Return a fully-qualified projectLocationEntitlementGrant resource name string.

Parameters
Name Description
project string
location string
entitlement string
grant string
Returns
Type Description
string

{string} Resource name string.

projectLocationEntitlementPath(project, location, entitlement)

projectLocationEntitlementPath(project: string, location: string, entitlement: string): string;

Return a fully-qualified projectLocationEntitlement resource name string.

Parameters
Name Description
project string
location string
entitlement string
Returns
Type Description
string

{string} Resource name string.

projectPath(project)

projectPath(project: string): string;

Return a fully-qualified project resource name string.

Parameter
Name Description
project string
Returns
Type Description
string

{string} Resource name string.

revokeGrant(request, options)

revokeGrant(request?: protos.google.cloud.privilegedaccessmanager.v1.IRevokeGrantRequest, options?: CallOptions): Promise<[
        LROperation<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>,
        protos.google.longrunning.IOperation | undefined,
        {} | undefined
    ]>;

RevokeGrant is used to immediately revoke access for a grant. This method can be called when the grant is in a non-terminal state.

Parameters
Name Description
request IRevokeGrantRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ LROperation<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | undefined, {} | undefined ]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing a long running operation. Its promise() method returns a promise you can await for. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the grant resource which is being revoked.
   */
  // const name = 'abc123'
  /**
   *  Optional. The reason for revoking this grant.
   */
  // const reason = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callRevokeGrant() {
    // Construct request
    const request = {
      name,
    };

    // Run request
    const [operation] = await privilegedaccessmanagerClient.revokeGrant(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callRevokeGrant();

revokeGrant(request, options, callback)

revokeGrant(request: protos.google.cloud.privilegedaccessmanager.v1.IRevokeGrantRequest, options: CallOptions, callback: Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IRevokeGrantRequest
options CallOptions
callback Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>
Returns
Type Description
void

revokeGrant(request, callback)

revokeGrant(request: protos.google.cloud.privilegedaccessmanager.v1.IRevokeGrantRequest, callback: Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IRevokeGrantRequest
callback Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IGrant, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>
Returns
Type Description
void

searchEntitlements(request, options)

searchEntitlements(request?: protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest, options?: CallOptions): Promise<[
        protos.google.cloud.privilegedaccessmanager.v1.IEntitlement[],
        protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest | null,
        protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsResponse
    ]>;

SearchEntitlements returns entitlements on which the caller has the specified access.

Parameters
Name Description
request ISearchEntitlementsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ protos.google.cloud.privilegedaccessmanager.v1.IEntitlement[], protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest | null, protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsResponse ]>

{Promise} - The promise which resolves to an array. The first element of the array is Array of . The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using searchEntitlementsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

searchEntitlements(request, options, callback)

searchEntitlements(request: protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest, options: CallOptions, callback: PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest, protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>): void;
Parameters
Name Description
request ISearchEntitlementsRequest
options CallOptions
callback PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest, protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>
Returns
Type Description
void

searchEntitlements(request, callback)

searchEntitlements(request: protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest, callback: PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest, protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>): void;
Parameters
Name Description
request ISearchEntitlementsRequest
callback PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest, protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>
Returns
Type Description
void

searchEntitlementsAsync(request, options)

searchEntitlementsAsync(request?: protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest, options?: CallOptions): AsyncIterable<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>;

Equivalent to searchEntitlements, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters
Name Description
request ISearchEntitlementsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
AsyncIterable<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement>

{Object} An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing . The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The parent which owns the entitlement resources.
   */
  // const parent = 'abc123'
  /**
   *  Required. Only entitlements where the calling user has this access are
   *  returned.
   */
  // const callerAccessType = {}
  /**
   *  Optional. Only entitlements matching this filter are returned in the
   *  response.
   */
  // const filter = 'abc123'
  /**
   *  Optional. Requested page size. The server may return fewer items than
   *  requested. If unspecified, the server picks an appropriate default.
   */
  // const pageSize = 1234
  /**
   *  Optional. A token identifying a page of results the server should return.
   */
  // const pageToken = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callSearchEntitlements() {
    // Construct request
    const request = {
      parent,
      callerAccessType,
    };

    // Run request
    const iterable = privilegedaccessmanagerClient.searchEntitlementsAsync(request);
    for await (const response of iterable) {
        console.log(response);
    }
  }

  callSearchEntitlements();

searchEntitlementsStream(request, options)

searchEntitlementsStream(request?: protos.google.cloud.privilegedaccessmanager.v1.ISearchEntitlementsRequest, options?: CallOptions): Transform;

Equivalent to searchEntitlements, but returns a NodeJS Stream object.

Parameters
Name Description
request ISearchEntitlementsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Transform

{Stream} An object stream which emits an object representing on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using searchEntitlementsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

searchGrants(request, options)

searchGrants(request?: protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest, options?: CallOptions): Promise<[
        protos.google.cloud.privilegedaccessmanager.v1.IGrant[],
        protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest | null,
        protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsResponse
    ]>;

SearchGrants returns grants that are related to the calling user in the specified way.

Parameters
Name Description
request ISearchGrantsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ protos.google.cloud.privilegedaccessmanager.v1.IGrant[], protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest | null, protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsResponse ]>

{Promise} - The promise which resolves to an array. The first element of the array is Array of . The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using searchGrantsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

searchGrants(request, options, callback)

searchGrants(request: protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest, options: CallOptions, callback: PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest, protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IGrant>): void;
Parameters
Name Description
request ISearchGrantsRequest
options CallOptions
callback PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest, protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IGrant>
Returns
Type Description
void

searchGrants(request, callback)

searchGrants(request: protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest, callback: PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest, protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IGrant>): void;
Parameters
Name Description
request ISearchGrantsRequest
callback PaginationCallback<protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest, protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsResponse | null | undefined, protos.google.cloud.privilegedaccessmanager.v1.IGrant>
Returns
Type Description
void

searchGrantsAsync(request, options)

searchGrantsAsync(request?: protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest, options?: CallOptions): AsyncIterable<protos.google.cloud.privilegedaccessmanager.v1.IGrant>;

Equivalent to searchGrants, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters
Name Description
request ISearchGrantsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
AsyncIterable<protos.google.cloud.privilegedaccessmanager.v1.IGrant>

{Object} An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing . The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The parent which owns the grant resources.
   */
  // const parent = 'abc123'
  /**
   *  Required. Only grants which the caller is related to by this relationship
   *  are returned in the response.
   */
  // const callerRelationship = {}
  /**
   *  Optional. Only grants matching this filter are returned in the response.
   */
  // const filter = 'abc123'
  /**
   *  Optional. Requested page size. The server may return fewer items than
   *  requested. If unspecified, server picks an appropriate default.
   */
  // const pageSize = 1234
  /**
   *  Optional. A token identifying a page of results the server should return.
   */
  // const pageToken = 'abc123'

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callSearchGrants() {
    // Construct request
    const request = {
      parent,
      callerRelationship,
    };

    // Run request
    const iterable = privilegedaccessmanagerClient.searchGrantsAsync(request);
    for await (const response of iterable) {
        console.log(response);
    }
  }

  callSearchGrants();

searchGrantsStream(request, options)

searchGrantsStream(request?: protos.google.cloud.privilegedaccessmanager.v1.ISearchGrantsRequest, options?: CallOptions): Transform;

Equivalent to searchGrants, but returns a NodeJS Stream object.

Parameters
Name Description
request ISearchGrantsRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Transform

{Stream} An object stream which emits an object representing on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using searchGrantsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

updateEntitlement(request, options)

updateEntitlement(request?: protos.google.cloud.privilegedaccessmanager.v1.IUpdateEntitlementRequest, options?: CallOptions): Promise<[
        LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>,
        protos.google.longrunning.IOperation | undefined,
        {} | undefined
    ]>;

Updates the entitlement specified in the request. Updated fields in the entitlement need to be specified in an update mask. The changes made to an entitlement are applicable only on future grants of the entitlement. However, if new approvers are added or existing approvers are removed from the approval workflow, the changes are effective on existing grants.

The following fields are not supported for updates:

* All immutable fields * Entitlement name * Resource name * Resource type * Adding an approval workflow in an entitlement which previously had no approval workflow. * Deleting the approval workflow from an entitlement. * Adding or deleting a step in the approval workflow (only one step is supported)

Note that updates are allowed on the list of approvers in an approval workflow step.

Parameters
Name Description
request IUpdateEntitlementRequest

The request object that will be sent.
options CallOptions

Call options. See CallOptions for more details.
Returns
Type Description
Promise<[ LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | undefined, {} | undefined ]>

{Promise} - The promise which resolves to an array. The first element of the array is an object representing a long running operation. Its promise() method returns a promise you can await for. Please see the documentation for more details and examples.
Example 

  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The entitlement resource that is updated.
   */
  // const entitlement = {}
  /**
   *  Required. The list of fields to update. A field is overwritten if, and only
   *  if, it is in the mask. Any immutable fields set in the mask are ignored by
   *  the server. Repeated fields and map fields are only allowed in the last
   *  position of a `paths` string and overwrite the existing values. Hence an
   *  update to a repeated field or a map should contain the entire list of
   *  values. The fields specified in the update_mask are relative to the
   *  resource and not to the request.
   *  (e.g. `MaxRequestDuration`; *not* `entitlement.MaxRequestDuration`)
   *  A value of '*' for this field refers to full replacement of the resource.
   */
  // const updateMask = {}

  // Imports the Privilegedaccessmanager library
  const {PrivilegedAccessManagerClient} = require('@google-cloud/privilegedaccessmanager').v1;

  // Instantiates a client
  const privilegedaccessmanagerClient = new PrivilegedAccessManagerClient();

  async function callUpdateEntitlement() {
    // Construct request
    const request = {
      entitlement,
      updateMask,
    };

    // Run request
    const [operation] = await privilegedaccessmanagerClient.updateEntitlement(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callUpdateEntitlement();

updateEntitlement(request, options, callback)

updateEntitlement(request: protos.google.cloud.privilegedaccessmanager.v1.IUpdateEntitlementRequest, options: CallOptions, callback: Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IUpdateEntitlementRequest
options CallOptions
callback Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>
Returns
Type Description
void

updateEntitlement(request, callback)

updateEntitlement(request: protos.google.cloud.privilegedaccessmanager.v1.IUpdateEntitlementRequest, callback: Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>): void;
Parameters
Name Description
request IUpdateEntitlementRequest
callback Callback<LROperation<protos.google.cloud.privilegedaccessmanager.v1.IEntitlement, protos.google.cloud.privilegedaccessmanager.v1.IOperationMetadata>, protos.google.longrunning.IOperation | null | undefined, {} | null | undefined>
Returns
Type Description
void