2SrSSKJr SSKJr SSKJr Sr"SS\R5r "SS \R5r "S S \R5r "S S \R5r "SS\R5r"SS\R5r"SS\R5r"SS\R5r"SS\R5r"SS\R5r"SS\R5r"SS\R5r"SS\R5r"S S!\R5r"S"S#\R5r"S$S%\R5r"S&S'\R5r"S(S)\R5r"S*S+\R5r"S,S-\R5r"S.S/\R5r"S0S1\R5r"S2S3\R5r "S4S5\R5r!"S6S7\R5r""S8S9\R5r#"S:S;\R5r$"S<S=\R5r%"S>S?\R5r&"S@SA\R5r'"SBSC\R5r("SDSE\R5r)"SFSG\R5r*"SHSI\R5r+"SJSK\R5r,"SLSM\R5r-"SNSO\R5r."SPSQ\R5r/"SRSS\R5r0"STSU\R5r1"SVSW\R5r2"SXSY\R5r3"SZS[\R5r4"S\S]\R5r5"S^S_\R5r6\Rn"\6S`Sa5 \Rp"\6RrSbSc5 \Rp"\6RrSdSe5 gf)gzuGenerated message classes for accessapproval version v1. An API for controlling access to data by Google personnel. )absolute_import)messages)encodingaccessapprovalc`\rSrSrSr\R "S5r\R "S5rSr g)AccessApprovalServiceAccountacAccess Approval service account related to a project/folder/organization. Fields: accountEmail: Email address of the service account. name: The resource name of the Access Approval service account. Format is one of: * "projects/{project}/serviceAccount" * "folders/{folder}/serviceAccount" * "organizations/{organization}/serviceAccount" N) __name__ __module__ __qualname____firstlineno____doc__ _messages StringField accountEmailname__static_attributes__r Ylib/googlecloudsdk/generated_clients/apis/accessapproval/v1/accessapproval_v1_messages.pyrrs) &&q),   q !$rrcd\rSrSrSr"SS\R 5r\R"S5r \R"S5r \R"SS5r \R"SS 5r\R"S 5r\R"S S S S9r\R"S5r\R"S5r\R"SS S9r\R"S5r\R"S5r\R,"S\R.R0S9r\R4"SS5r\R"S5rSrg)AccessApprovalSettings aSettings on a Project/Folder/Organization related to Access Approval. Enums: RequestScopeMaxWidthPreferenceValueValuesEnum: Optional. A setting that indicates the maximum scope of an Access Approval request: either organization, folder, or project. Google administrators will be asked to send requests no broader than the configured scope. Fields: activeKeyVersion: The asymmetric crypto key version to use for signing approval requests. Empty active_key_version indicates that a Google- managed key should be used for signing. This property will be ignored if set by an ancestor of this resource, and new non-empty values may not be set. ancestorHasActiveKeyVersion: Output only. This field is read only (not settable via UpdateAccessApprovalSettings method). If the field is true, that indicates that an ancestor of this Project or Folder has set active_key_version (this field will always be unset for the organization since organizations do not have ancestors). approvalPolicy: Optional. Policy configuration for Access Approval that sets the operating mode. The available policies are Transparency, Streamlined Support, and Approval Required. effectiveApprovalPolicy: Output only. Effective policy applied for Access Approval, inclusive of inheritance. enrolledAncestor: Output only. This field is read only (not settable via UpdateAccessApprovalSettings method). If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Project or Folder (this field will always be unset for the organization since organizations do not have ancestors). enrolledServices: A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required to have explicit approval. If name refers to an organization, enrollment can be done for individual services. If name refers to a folder or project, enrollment can only be done on an all or nothing basis. If a cloud_product is repeated in this list, the first entry will be honored and all following entries will be discarded. invalidKeyVersion: Output only. This field is read only (not settable via UpdateAccessApprovalSettings method). If the field is true, that indicates that there is some configuration issue with the active_key_version configured at this level in the resource hierarchy (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, as key versions are inherited top-down. name: The resource name of the settings. Format is one of: * "projects/{project}/accessApprovalSettings" * "folders/{folder}/accessApprovalSettings" * "organizations/{organization}/accessApprovalSettings" notificationEmails: A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed. notificationPubsubTopic: Optional. A pubsub topic that notifications relating to access approval are published to. Notifications include pre- approved accesses. preferNoBroadApprovalRequests: This field is used to set a preference for granularity of an access approval request. If true, Google personnel will be asked to send resource-level requests when possible. If false, Google personnel will be asked to send requests at the project level. preferredRequestExpirationDays: Set the default access approval request expiration time. This value is able to be set directly by the customer at the time of approval, overriding this suggested value. We recommend setting this value to 30 days. requestScopeMaxWidthPreference: Optional. A setting that indicates the maximum scope of an Access Approval request: either organization, folder, or project. Google administrators will be asked to send requests no broader than the configured scope. requireCustomerVisibleJustification: Optional. When enabled, Google will only be able to send approval requests for access reasons with a customer accessible case ID in the reason detail. Also known as "Require customer initiated support case justification" c(\rSrSrSrSrSrSrSrSr g) DAccessApprovalSettings.RequestScopeMaxWidthPreferenceValueValuesEnumlaOptional. A setting that indicates the maximum scope of an Access Approval request: either organization, folder, or project. Google administrators will be asked to send requests no broader than the configured scope. Values: REQUEST_SCOPE_MAX_WIDTH_PREFERENCE_UNSPECIFIED: Default value, defaults to ORGANIZATION if not set. This value is not able to be configured by the user, do not use. ORGANIZATION: This is the widest scope possible. It means the customer has no scope restriction when it comes to Access Approval requests. FOLDER: Customer allows the scope of Access Approval requests as broad as the Folder level. PROJECT: Customer allows the scope of Access Approval requests as broad as the Project level. rr r r N) r rrrr.REQUEST_SCOPE_MAX_WIDTH_PREFERENCE_UNSPECIFIED ORGANIZATIONFOLDERPROJECTrr rr-RequestScopeMaxWidthPreferenceValueValuesEnumrls 672L FGrr$r r CustomerApprovalApprovalPolicyrEnrolledServiceTrepeated variant r N)r rrrrrEnumr$ractiveKeyVersion BooleanFieldancestorHasActiveKeyVersion MessageFieldapprovalPolicyeffectiveApprovalPolicyenrolledAncestorenrolledServicesinvalidKeyVersionrnotificationEmailsnotificationPubsubTopicpreferNoBroadApprovalRequests IntegerFieldVariantINT32preferredRequestExpirationDays EnumFieldrequestScopeMaxWidthPreference#requireCustomerVisibleJustificationrr rrrr s'IVinn,**1- ) 6 6q 9))*JAN.%223SUVW++A.++,=q4P,,Q/   q !$ ,,Q>%11"5"+"8"8"<#,#9#9"iFWFWF]F]#^ #,#6#67fhj#k (1(>(>r(B%rrc`\rSrSrSr\R "S5r\R "S5rSr g)AccessLocationsaPhysical assigned office and physical location of the Google administrator performing the access. Fields: principalOfficeCountry: The "home office" location of the Google administrator. A two-letter country code (ISO 3166-1 alpha-2), such as "US", "DE" or "GB" or a region code. In some limited situations Google systems may refer refer to a region code instead of a country code. Possible Region Codes: * ASI: Asia * EUR: Europe * OCE: Oceania * AFR: Africa * NAM: North America * SAM: South America * ANT: Antarctica * ANY: Any location principalPhysicalLocationCountry: Physical location of the Google administrator at the time of the access. A two-letter country code (ISO 3166-1 alpha-2), such as "US", "DE" or "GB" or a region code. In some limited situations Google systems may refer refer to a region code instead of a country code. Possible Region Codes: * ASI: Asia * EUR: Europe * OCE: Oceania * AFR: Africa * NAM: North America * SAM: South America * ANT: Antarctica * ANY: Any location r r r N) r rrrrrrprincipalOfficeCountry principalPhysicalLocationCountryrr rrrKrKs+(%003%.%:%:1%="rrKc\rSrSrSr"SS\R 5r\R"S5r \R"SS5r Sr g) AccessReasonzA AccessReason object. Enums: TypeValueValuesEnum: Type of access reason. Fields: detail: More detail about certain reason types. See comments for each type above. type: Type of access reason. c4\rSrSrSrSrSrSrSrSr Sr S r S r g ) AccessReason.TypeValueValuesEnumaType of access reason. Values: TYPE_UNSPECIFIED: This value is not used. CUSTOMER_INITIATED_SUPPORT: Customer made a request or raised an issue that required the principal to access customer data. `detail` is of the form ("#####" is the issue ID): * "Feedback Report: #####" * "Case Number: #####" * "Case ID: #####" * "E-PIN Reference: #####" * "Google-#####" * "T-#####" GOOGLE_INITIATED_SERVICE: The principal accessed customer data in order to diagnose or resolve a suspected issue in services. Often this access is used to confirm that customers are not affected by a suspected service issue or to remediate a reversible system issue. GOOGLE_INITIATED_REVIEW: Google initiated service for security, fraud, abuse, or compliance purposes. THIRD_PARTY_DATA_REQUEST: The principal was compelled to access customer data in order to respond to a legal third party data request or process, including legal processes from customers themselves. GOOGLE_RESPONSE_TO_PRODUCTION_ALERT: The principal accessed customer data in order to diagnose or resolve a suspected issue in services or a known outage. CLOUD_INITIATED_ACCESS: Similar to 'GOOGLE_INITIATED_SERVICE' or 'GOOGLE_INITIATED_REVIEW', but with universe agnostic naming. The principal accessed customer data in order to diagnose or resolve a suspected issue in services or a known outage, or for security, fraud, abuse, or compliance review purposes. rr r rr&r'r)r N) r rrrrTYPE_UNSPECIFIEDCUSTOMER_INITIATED_SUPPORTGOOGLE_INITIATED_SERVICEGOOGLE_INITIATED_REVIEWTHIRD_PARTY_DATA_REQUEST#GOOGLE_RESPONSE_TO_PRODUCTION_ALERTCLOUD_INITIATED_ACCESSrr rrTypeValueValuesEnumrSs36!"  *+'rr\r r r N) r rrrrrr6r\rdetailrGtyperr rrrPrPs= "INN"H   #&   2A 6$rrPc`\rSrSrSr\R "SS5r\R"SSS9r Sr g ) 3AccessapprovalFoldersApprovalRequestsApproveRequestzA AccessapprovalFoldersApprovalRequestsApproveRequest object. Fields: approveApprovalRequestMessage: A ApproveApprovalRequestMessage resource to be passed as the request body. name: Name of the approval request to approve. ApproveApprovalRequestMessager r Trequiredr N r rrrrrr:approveApprovalRequestMessagerrrr rrr`r`0#,"8"89XZ["\   q4 0$rr`c`\rSrSrSr\R "SS5r\R"SSS9r Sr g ) 3AccessapprovalFoldersApprovalRequestsDismissRequestzA AccessapprovalFoldersApprovalRequestsDismissRequest object. Fields: dismissApprovalRequestMessage: A DismissApprovalRequestMessage resource to be passed as the request body. name: Name of the ApprovalRequest to dismiss. DismissApprovalRequestMessager r Trcr N r rrrrrr:dismissApprovalRequestMessagerrrr rrririrgrric:\rSrSrSr\R "SSS9rSrg)/AccessapprovalFoldersApprovalRequestsGetRequestzA AccessapprovalFoldersApprovalRequestsGetRequest object. Fields: name: The name of the approval request to retrieve. Format: "{projects|fol ders|organizations}/{id}/approvalRequests/{approval_request}" r Trcr N r rrrrrrrrr rrroro   q4 0$rroc`\rSrSrSr\R "SS5r\R"SSS9r Sr g ) 6AccessapprovalFoldersApprovalRequestsInvalidateRequestizA AccessapprovalFoldersApprovalRequestsInvalidateRequest object. Fields: invalidateApprovalRequestMessage: A InvalidateApprovalRequestMessage resource to be passed as the request body. name: Name of the ApprovalRequest to invalidate. InvalidateApprovalRequestMessager r Trcr N r rrrrrr: invalidateApprovalRequestMessagerrrr rrrtrt0&/%;%;<^`a%b"   q4 0$rrtc\rSrSrSr\R "S5r\R"S\RRS9r \R "S5r \R "SSS 9r S rg ) 0AccessapprovalFoldersApprovalRequestsListRequestiaDA AccessapprovalFoldersApprovalRequestsListRequest object. Fields: filter: A filter on the type of approval requests to retrieve. Must be one of the following values: * [not set]: Requests that are pending or have active approvals. * ALL: All requests. * PENDING: Only pending requests. * ACTIVE: Only active (i.e. currently approved) requests. * DISMISSED: Only requests that have been dismissed, or requests that are not approved and past expiration. * EXPIRED: Only requests that have been approved, and the approval has expired. * HISTORY: Active, dismissed and expired requests. pageSize: Requested page size. pageToken: A token identifying the page of results to return. parent: The parent resource. This may be "projects/{project}", "folders/{folder}", or "organizations/{organization}". r r r2rr&Trcr Nr rrrrrrfilterrCrDrEpageSize pageTokenparentrr rrrzrzY"   #&  # #Ay/@/@/F/F G(##A&)  T 2&rrzc:\rSrSrSr\R "SSS9rSrg)8AccessapprovalFoldersDeleteAccessApprovalSettingsRequesti)zA AccessapprovalFoldersDeleteAccessApprovalSettingsRequest object. Fields: name: Name of the AccessApprovalSettings to delete. r Trcr Nrqr rrrr)   q4 0$rrc:\rSrSrSr\R "SSS9rSrg)5AccessapprovalFoldersGetAccessApprovalSettingsRequesti3zA AccessapprovalFoldersGetAccessApprovalSettingsRequest object. Fields: name: The name of the AccessApprovalSettings to retrieve. Format: "{projects|folders|organizations}/{id}/accessApprovalSettings" r Trcr Nrqr rrrr3rrrrc:\rSrSrSr\R "SSS9rSrg)-AccessapprovalFoldersGetServiceAccountRequesti>zA AccessapprovalFoldersGetServiceAccountRequest object. Fields: name: Name of the AccessApprovalServiceAccount to retrieve. r Trcr Nrqr rrrr>rrrc\rSrSrSr\R "SS5r\R"SSS9r \R"S5r S r g ) 8AccessapprovalFoldersUpdateAccessApprovalSettingsRequestiHaA AccessapprovalFoldersUpdateAccessApprovalSettingsRequest object. Fields: accessApprovalSettings: A AccessApprovalSettings resource to be passed as the request body. name: The resource name of the settings. Format is one of: * "projects/{project}/accessApprovalSettings" * "folders/{folder}/accessApprovalSettings" * "organizations/{organization}/accessApprovalSettings" updateMask: The update mask applies to the settings. Only the top level fields of AccessApprovalSettings (notification_emails & enrolled_services) are supported. For each field, if it is included, the currently stored value will be entirely overwritten with the value of the field passed in this request. For the `FieldMask` definition, see https://developers.google.com/protocol- buffers/docs/reference/google.protobuf#fieldmask If this field is left unset, only the notification_emails field will be updated. rr r Trcrr N r rrrrrr:accessApprovalSettingsrr updateMaskrr rrrrH?&%112JAN   q4 0$$$Q'*rrc`\rSrSrSr\R "SS5r\R"SSS9r Sr g ) 9AccessapprovalOrganizationsApprovalRequestsApproveRequestiazA AccessapprovalOrganizationsApprovalRequestsApproveRequest object. Fields: approveApprovalRequestMessage: A ApproveApprovalRequestMessage resource to be passed as the request body. name: Name of the approval request to approve. rbr r Trcr Nrer rrrrargrrc`\rSrSrSr\R "SS5r\R"SSS9r Sr g ) 9AccessapprovalOrganizationsApprovalRequestsDismissRequestinzA AccessapprovalOrganizationsApprovalRequestsDismissRequest object. Fields: dismissApprovalRequestMessage: A DismissApprovalRequestMessage resource to be passed as the request body. name: Name of the ApprovalRequest to dismiss. rkr r Trcr Nrlr rrrrnrgrrc:\rSrSrSr\R "SSS9rSrg)5AccessapprovalOrganizationsApprovalRequestsGetRequesti{zA AccessapprovalOrganizationsApprovalRequestsGetRequest object. Fields: name: The name of the approval request to retrieve. Format: "{projects|fol ders|organizations}/{id}/approvalRequests/{approval_request}" r Trcr Nrqr rrrr{rrrrc`\rSrSrSr\R "SS5r\R"SSS9r Sr g ) AccessapprovalOrganizationsDeleteAccessApprovalSettingsRequestizA AccessapprovalOrganizationsDeleteAccessApprovalSettingsRequest object. Fields: name: Name of the AccessApprovalSettings to delete. r Trcr Nrqr rrrrrrrc:\rSrSrSr\R "SSS9rSrg);AccessapprovalOrganizationsGetAccessApprovalSettingsRequestizA AccessapprovalOrganizationsGetAccessApprovalSettingsRequest object. Fields: name: The name of the AccessApprovalSettings to retrieve. Format: "{projects|folders|organizations}/{id}/accessApprovalSettings" r Trcr Nrqr rrrrrrrrc:\rSrSrSr\R "SSS9rSrg)3AccessapprovalOrganizationsGetServiceAccountRequestizA AccessapprovalOrganizationsGetServiceAccountRequest object. Fields: name: Name of the AccessApprovalServiceAccount to retrieve. r Trcr Nrqr rrrrrrrc\rSrSrSr\R "SS5r\R"SSS9r \R"S5r S r g ) >AccessapprovalOrganizationsUpdateAccessApprovalSettingsRequestiaA AccessapprovalOrganizationsUpdateAccessApprovalSettingsRequest object. Fields: accessApprovalSettings: A AccessApprovalSettings resource to be passed as the request body. name: The resource name of the settings. Format is one of: * "projects/{project}/accessApprovalSettings" * "folders/{folder}/accessApprovalSettings" * "organizations/{organization}/accessApprovalSettings" updateMask: The update mask applies to the settings. Only the top level fields of AccessApprovalSettings (notification_emails & enrolled_services) are supported. For each field, if it is included, the currently stored value will be entirely overwritten with the value of the field passed in this request. For the `FieldMask` definition, see https://developers.google.com/protocol- buffers/docs/reference/google.protobuf#fieldmask If this field is left unset, only the notification_emails field will be updated. rr r Trcrr Nrr rrrrrrrc`\rSrSrSr\R "SS5r\R"SSS9r Sr g ) 4AccessapprovalProjectsApprovalRequestsApproveRequestizA AccessapprovalProjectsApprovalRequestsApproveRequest object. Fields: approveApprovalRequestMessage: A ApproveApprovalRequestMessage resource to be passed as the request body. name: Name of the approval request to approve. rbr r Trcr Nrer rrrrrgrrc`\rSrSrSr\R "SS5r\R"SSS9r Sr g ) 4AccessapprovalProjectsApprovalRequestsDismissRequestizA AccessapprovalProjectsApprovalRequestsDismissRequest object. Fields: dismissApprovalRequestMessage: A DismissApprovalRequestMessage resource to be passed as the request body. name: Name of the ApprovalRequest to dismiss. rkr r Trcr Nrlr rrrrrgrrc:\rSrSrSr\R "SSS9rSrg)0AccessapprovalProjectsApprovalRequestsGetRequestizA AccessapprovalProjectsApprovalRequestsGetRequest object. Fields: name: The name of the approval request to retrieve. Format: "{projects|fol ders|organizations}/{id}/approvalRequests/{approval_request}" r Trcr Nrqr rrrrrrrrc`\rSrSrSr\R "SS5r\R"SSS9r Sr g ) 7AccessapprovalProjectsApprovalRequestsInvalidateRequestizA AccessapprovalProjectsApprovalRequestsInvalidateRequest object. Fields: invalidateApprovalRequestMessage: A InvalidateApprovalRequestMessage resource to be passed as the request body. name: Name of the ApprovalRequest to invalidate. rur r Trcr Nrvr rrrrrxrrc\rSrSrSr\R "S5r\R"S\RRS9r \R "S5r \R "SSS 9r S rg ) 1AccessapprovalProjectsApprovalRequestsListRequestiaEA AccessapprovalProjectsApprovalRequestsListRequest object. Fields: filter: A filter on the type of approval requests to retrieve. Must be one of the following values: * [not set]: Requests that are pending or have active approvals. * ALL: All requests. * PENDING: Only pending requests. * ACTIVE: Only active (i.e. currently approved) requests. * DISMISSED: Only requests that have been dismissed, or requests that are not approved and past expiration. * EXPIRED: Only requests that have been approved, and the approval has expired. * HISTORY: Active, dismissed and expired requests. pageSize: Requested page size. pageToken: A token identifying the page of results to return. parent: The parent resource. This may be "projects/{project}", "folders/{folder}", or "organizations/{organization}". r r r2rr&Trcr Nr{r rrrrrrrc:\rSrSrSr\R "SSS9rSrg)9AccessapprovalProjectsDeleteAccessApprovalSettingsRequesti-zA AccessapprovalProjectsDeleteAccessApprovalSettingsRequest object. Fields: name: Name of the AccessApprovalSettings to delete. r Trcr Nrqr rrrr-rrrc:\rSrSrSr\R "SSS9rSrg)6AccessapprovalProjectsGetAccessApprovalSettingsRequesti7zA AccessapprovalProjectsGetAccessApprovalSettingsRequest object. Fields: name: The name of the AccessApprovalSettings to retrieve. Format: "{projects|folders|organizations}/{id}/accessApprovalSettings" r Trcr Nrqr rrrr7rrrrc:\rSrSrSr\R "SSS9rSrg).AccessapprovalProjectsGetServiceAccountRequestiBzA AccessapprovalProjectsGetServiceAccountRequest object. Fields: name: Name of the AccessApprovalServiceAccount to retrieve. r Trcr Nrqr rrrrBrrrc\rSrSrSr\R "SS5r\R"SSS9r \R"S5r S r g ) 9AccessapprovalProjectsUpdateAccessApprovalSettingsRequestiLaA AccessapprovalProjectsUpdateAccessApprovalSettingsRequest object. Fields: accessApprovalSettings: A AccessApprovalSettings resource to be passed as the request body. name: The resource name of the settings. Format is one of: * "projects/{project}/accessApprovalSettings" * "folders/{folder}/accessApprovalSettings" * "organizations/{organization}/accessApprovalSettings" updateMask: The update mask applies to the settings. Only the top level fields of AccessApprovalSettings (notification_emails & enrolled_services) are supported. For each field, if it is included, the currently stored value will be entirely overwritten with the value of the field passed in this request. For the `FieldMask` definition, see https://developers.google.com/protocol- buffers/docs/reference/google.protobuf#fieldmask If this field is left unset, only the notification_emails field will be updated. rr r Trcrr Nrr rrrrLrrrc\rSrSrSr\R "SS5r\R "SS5r\R"S5r \R"S5r \R "S S 5r \R"S 5r \R"S 5r\R "S S5r\R "SS5r\R"S5r\R "SS5rSrg)ApprovalRequestiea#A request for the customer to approve access to a resource. Fields: approve: Access was approved. dismiss: The request was dismissed. name: The resource name of the request. Format is "{projects|folders|organ izations}/{id}/approvalRequests/{approval_request}". requestTime: The time at which approval was requested. requestedAugmentedInfo: This field contains the augmented information of the request. requestedDuration: The requested access duration. requestedExpiration: The original requested expiration for the approval. Calculated by adding the requested_duration to the request_time. requestedLocations: The locations for which approval is being requested. requestedReason: The access reason for which approval is being requested. requestedResourceName: The resource for which approval is being requested. The format of the resource name is defined at https://cloud.google.com/apis/design/resource_names. The resource name here may either be a "full" resource name (e.g. "//library.googleapis.com/shelves/shelf1/books/book2") or a "relative" resource name (e.g. "shelves/shelf1/books/book2") as described in the resource name specification. requestedResourceProperties: Properties related to the resource represented by requested_resource_name. ApproveDecisionr DismissDecisionr rr& AugmentedInfor'r)r,rKr-rPr.r/ResourcePropertiesr0r N)r rrrrrr:approvedismissrr requestTimerequestedAugmentedInforequestedDurationrequestedExpirationrequestedLocationsrequestedReasonrequestedResourceNamerequestedResourcePropertiesrr rrrres4  " "#4a 8'  " "#4a 8'   q !$%%a(+$11/1E++A.!--a0 --.?C**>1=/#//3 ) 6 67KR Prrc<\rSrSrSr\R "S5rSrg)rbizdRequest to approve an ApprovalRequest. Fields: expireTime: The expiration time of this approval. r r N) r rrrrrr expireTimerr rrrbrbs $$Q'*rrbc\rSrSrSr\R "S5r\R"S5r \R "S5r \R "S5r \R"S5r \R"SS 5rS rg ) ria A decision that has been made to approve access to a resource. Fields: approveTime: The time at which approval was granted. autoApproved: True when the request has been auto-approved. expireTime: The time at which the approval expires. invalidateTime: If set, denotes the timestamp at which the approval is invalidated. policyApproved: True when the request has been approved by the customer's defined policy. signatureInfo: The signature for the ApprovalRequest and details on how it was signed. r r rr&r' SignatureInfor)r N)r rrrrrr approveTimer8 autoApprovedrinvalidateTimepolicyApprovedr: signatureInforr rrrrsk %%a(+''*,$$Q'*((+.))!,.((!<-rrc<\rSrSrSr\R "S5rSrg)ria$This field contains the augmented information of the request. Requires augmented administrative access to be enabled. Fields: command: For command-line tools, the full command-line exactly as entered by the actor without adding any additional characters (such as quotation marks). r r N) r rrrrrrcommandrr rrrrs  ! !! $'rrch\rSrSrSr"SS\R 5r\R"SS5r Sr g)r%ia3Represents all the policies that can be set for Customer Approval. Enums: JustificationBasedApprovalPolicyValueValuesEnum: Optional. Policy for approval based on the justification given. Fields: justificationBasedApprovalPolicy: Optional. Policy for approval based on the justification given. c,\rSrSrSrSrSrSrSrSr Sr g ) NCustomerApprovalApprovalPolicy.JustificationBasedApprovalPolicyValueValuesEnumiaOptional. Policy for approval based on the justification given. Values: JUSTIFICATION_BASED_APPROVAL_POLICY_UNSPECIFIED: Default value, defaults to JUSTIFICATION_BASED_APPROVAL_NOT_ENABLED if not set. This value is not able to be configured by the user, do not use. JUSTIFICATION_BASED_APPROVAL_ENABLED_ALL: Audit-only mode. All accesses are pre-approved instantly. JUSTIFICATION_BASED_APPROVAL_ENABLED_EXTERNAL_JUSTIFICATIONS: Customer initiated support access reasons are pre-approved instantly. All other accesses require customer approval. JUSTIFICATION_BASED_APPROVAL_NOT_ENABLED: All access approval requests require customer approval. This is the default value if the policy is not set. JUSTIFICATION_BASED_APPROVAL_INHERITED: Defer configuration to parent settings. This is the default value if the policy is not set and the parent has a value set. rr r rr&r N) r rrrr/JUSTIFICATION_BASED_APPROVAL_POLICY_UNSPECIFIED(JUSTIFICATION_BASED_APPROVAL_ENABLED_ALL" to include in api requests. uploadType: Legacy upload protocol for media (e.g. "media", "multipart"). upload_protocol: Upload protocol for media (e.g. "raw", "multipart"). c$\rSrSrSrSrSrSrSrg)*StandardQueryParameters.AltValueValuesEnumizData format for response. Values: json: Responses with Content-Type of application/json media: Media download with context-dependent Content-Type proto: Responses with Content-Type of application/x-protobuf rr r r N) r rrrrjsonmediaprotorr rrAltValueValuesEnumrAs D E ErrEc \rSrSrSrSrSrSrg)-StandardQueryParameters.FXgafvValueValuesEnumi'zFV1 error format. Values: _1: v1 error format _2: v2 error format rr r N)r rrrr_1_2rr rrFXgafvValueValuesEnumrG's B BrrJr r rrB)defaultr&r'r)r,r-Tr.r/r0r1r N)r rrrrrr6rErJrGf__xgafvr access_tokenaltcallbackfieldskey oauth_tokenr8 prettyPrint quotaUsertrace uploadTypeupload_protocolrr rrr?r?s4 9>>  inn  !8! <(&&q),0!VD#  " "1 %(   #&a #%%a(+&&q$7+##A&)    #%$$R(*))"-/rr?rLz$.xgafvrH1rI2N):r __future__rapitools.base.protorpcliterrapitools.base.pyrpackageMessagerrrKrPr`rirortrzrrrrrrrrrrrrrrrrrrrrrrrrbrrr%rkrrr(rurrrr?AddCustomJsonFieldMappingAddCustomJsonEnumMappingrJr rrras '<%  "9#4#4 " oCY..oCd>i''>2179$$17h 1):K:K 1 1):K:K 11i6G6G1 1Y=N=N 13y7H7H301y?P?P11IO>O 13 8I8I301 @Q@Q11Y=N=N11Y5F5F1( @Q@Q(2%Qi''%QP(I$5$5(=i''=. %I%% %%oY%6%6%oP1I$5$51 'i'' 'I  IMi''IMX5y'8'85 +9#4#4 +2**2W&I%%W&t<.i//<.~ ""Z4!!114>!!114>r