Module: Google::Cloud::Kms::V1::AccessReason

Defined in:: proto_docs/google/cloud/kms/v1/resources.rb

Overview

Describes the reason for a data access. Please refer to https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes for the detailed semantic meaning of justification reason codes.

Constant Summary collapse

REASON_UNSPECIFIED = Unspecified access reason.

CUSTOMER_INITIATED_SUPPORT = Customer-initiated support.

GOOGLE_INITIATED_SERVICE = Google-initiated access for system management and troubleshooting.

THIRD_PARTY_DATA_REQUEST = Google-initiated access in response to a legal request or legal process.

GOOGLE_INITIATED_REVIEW = Google-initiated access for security, fraud, abuse, or compliance purposes.

CUSTOMER_INITIATED_ACCESS = Customer uses their account to perform any access to their own data which their IAM policy authorizes.

GOOGLE_INITIATED_SYSTEM_OPERATION = Google systems access customer data to help optimize the structure of the data or quality for future uses by the customer.

REASON_NOT_EXPECTED = No reason is expected for this key request.

MODIFIED_CUSTOMER_INITIATED_ACCESS = Deprecated: This code is no longer generated by Google Cloud. The GOOGLE_RESPONSE_TO_PRODUCTION_ALERT justification codes available in both Key Access Justifications and Access Transparency logs provide customer-visible signals of emergency access in more precise contexts. Customer uses their account to perform any access to their own data which their IAM policy authorizes, and one of the following is true: A Google administrator has reset the root-access account associated with the user's organization within the past 7 days. A Google-initiated emergency access operation has interacted with a resource in the same project or folder as the currently accessed resource within the past 7 days.

MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION = Deprecated: This code is no longer generated by Google Cloud. The GOOGLE_RESPONSE_TO_PRODUCTION_ALERT justification codes available in both Key Access Justifications and Access Transparency logs provide customer-visible signals of emergency access in more precise contexts. Google systems access customer data to help optimize the structure of the data or quality for future uses by the customer, and one of the following is true: A Google administrator has reset the root-access account associated with the user's organization within the past 7 days. A Google-initiated emergency access operation has interacted with a resource in the same project or folder as the currently accessed resource within the past 7 days.

GOOGLE_RESPONSE_TO_PRODUCTION_ALERT = Google-initiated access to maintain system reliability.

CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING = One of the following operations is being executed while simultaneously encountering an internal technical issue which prevented a more precise justification code from being generated: Your account has been used to perform any access to your own data which your IAM policy authorizes. An automated Google system operates on encrypted customer data which your IAM policy authorizes. Customer-initiated Google support access. Google-initiated support access to protect system reliability.