REST Resource: projects.locations.entitlements

Resource: Entitlement

An entitlement defines the eligibility of a set of users to obtain predefined access for some time possibly after going through an approval workflow.

JSON representation 
{
 "name": string,
 "createTime": string,
 "updateTime": string,
 "eligibleUsers": [
 {
 object (AccessControlEntry )
 }
 ],
 "approvalWorkflow": {
 object (ApprovalWorkflow )
 },
 "privilegedAccess": {
 object (PrivilegedAccess )
 },
 "maxRequestDuration": string,
 "state": enum (State ),
 "requesterJustificationConfig": {
 object (RequesterJustificationConfig )
 },
 "additionalNotificationTargets": {
 object (AdditionalNotificationTargets )
 },
 "etag": string
}
Fields
name

string

Identifier. Name of the entitlement. Possible formats:

  • organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}
  • folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}
  • projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}
createTime

string (Timestamp format)

Output only. Create time stamp.

Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014年10月02日T15:01:23Z", "2014年10月02日T15:01:23.045123456Z" or "2014年10月02日T15:01:23+05:30".
updateTime

string (Timestamp format)

Output only. Update time stamp.

Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014年10月02日T15:01:23Z", "2014年10月02日T15:01:23.045123456Z" or "2014年10月02日T15:01:23+05:30".
eligibleUsers[]

object (AccessControlEntry )

Optional. Who can create grants using this entitlement. This list should contain at most one entry.
approvalWorkflow

object (ApprovalWorkflow )

Optional. The approvals needed before access are granted to a requester. No approvals are needed if this field is null.
privilegedAccess

object (PrivilegedAccess )

The access granted to a requester on successful approval.
maxRequestDuration

string (Duration format)

Required. The maximum amount of time that access is granted for a request. A requester can ask for a duration less than this, but never more.

A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".
state

enum (State )

Output only. Current state of this entitlement.
requesterJustificationConfig

object (RequesterJustificationConfig )

Required. The manner in which the requester should provide a justification for requesting access.
additionalNotificationTargets

object (AdditionalNotificationTargets )

Optional. Additional email addresses to be notified based on actions taken.
etag

string

An etag is used for optimistic concurrency control as a way to prevent simultaneous updates to the same entitlement. An etag is returned in the response to entitlements.get and the caller should put the etag in the request to entitlements.patch so that their change is applied on the same version. If this field is omitted or if there is a mismatch while updating an entitlement, then the server rejects the request.

Methods

create

Creates a new entitlement in a given project, folder, organization, and in a given location.

delete

Deletes a single entitlement.

get

Gets details of a single entitlement.

list

Lists the entitlements in a given project, folder, organization, and in a given location.

patch

Updates the entitlement specified in the request.
SearchEntitlements returns entitlements on which the caller has the specified access.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年09月26日 UTC.