REST Resource: organizations.locations.entitlements
Resource: Entitlement
An entitlement defines the eligibility of a set of users to obtain predefined access for some time possibly after going through an approval workflow.
| JSON representation |
{
"name": string,
"createTime": string,
"updateTime": string,
"eligibleUsers": [
{
object (AccessControlEntry)
}
],
"approvalWorkflow": {
object (ApprovalWorkflow)
},
"privilegedAccess": {
object (PrivilegedAccess)
},
"maxRequestDuration": string,
"state": enum (State),
"requesterJustificationConfig": {
object (RequesterJustificationConfig)
},
"additionalNotificationTargets": {
object (AdditionalNotificationTargets)
},
"etag": string
} |
| Fields |
name |
string
Identifier. Name of the entitlement. Possible formats:
organizations/{organization-number}/locations/{region}/entitlements/{entitlement-id}folders/{folder-number}/locations/{region}/entitlements/{entitlement-id}projects/{project-id|project-number}/locations/{region}/entitlements/{entitlement-id}
|
createTime |
string (Timestamp format)
Output only. Create time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
|
updateTime |
string (Timestamp format)
Output only. Update time stamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
|
eligibleUsers[] |
object (AccessControlEntry)
Optional. Who can create grants using this entitlement. This list should contain at most one entry.
|
approvalWorkflow |
object (ApprovalWorkflow)
Optional. The approvals needed before access are granted to a requester. No approvals are needed if this field is null.
|
privilegedAccess |
object (PrivilegedAccess)
The access granted to a requester on successful approval.
|
maxRequestDuration |
string (Duration format)
Required. The maximum amount of time that access is granted for a request. A requester can ask for a duration less than this, but never more. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".
|
state |
enum (State)
Output only. Current state of this entitlement.
|
requesterJustificationConfig |
object (RequesterJustificationConfig)
Required. The manner in which the requester should provide a justification for requesting access.
|
additionalNotificationTargets |
object (AdditionalNotificationTargets)
Optional. Additional email addresses to be notified based on actions taken.
|
etag |
string
An etag is used for optimistic concurrency control as a way to prevent simultaneous updates to the same entitlement. An etag is returned in the response to entitlements.get and the caller should put the etag in the request to entitlements.patch so that their change is applied on the same version. If this field is omitted or if there is a mismatch while updating an entitlement, then the server rejects the request.
|
Methods |
|
|
Creates a new entitlement in a given project/folder/organization and location. |
|
|
Deletes a single entitlement. |
|
|
Gets details of a single entitlement. |
|
|
Lists entitlements in a given project/folder/organization and location. |
|
|
Updates the entitlement specified in the request. |
|
|
SearchEntitlements returns entitlements on which the caller has the specified access. |
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-05-21 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-21 UTC."],[[["\u003cp\u003eEntitlements define user eligibility for time-bound access, potentially requiring approval workflows.\u003c/p\u003e\n"],["\u003cp\u003eThe JSON representation of an entitlement includes fields like \u003ccode\u003ename\u003c/code\u003e, \u003ccode\u003ecreateTime\u003c/code\u003e, \u003ccode\u003eupdateTime\u003c/code\u003e, \u003ccode\u003eeligibleUsers\u003c/code\u003e, \u003ccode\u003eapprovalWorkflow\u003c/code\u003e, \u003ccode\u003eprivilegedAccess\u003c/code\u003e, \u003ccode\u003emaxRequestDuration\u003c/code\u003e, and \u003ccode\u003estate\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eEntitlements have configurable settings for access duration, requester justification, and notification targets, and the access granted is defined by the privilegedAccess field.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eetag\u003c/code\u003e field is used for optimistic concurrency control to prevent conflicting updates to an entitlement.\u003c/p\u003e\n"],["\u003cp\u003eSeveral methods are available for managing entitlements, including creating, deleting, getting, listing, patching, and searching.\u003c/p\u003e\n"]]],[],null,["# REST Resource: organizations.locations.entitlements\n\n- [Resource: Entitlement](#Entitlement)\n - [JSON representation](#Entitlement.SCHEMA_REPRESENTATION)\n- [Methods](#METHODS_SUMMARY)\n\nResource: Entitlement\n---------------------\n\nAn entitlement defines the eligibility of a set of users to obtain predefined access for some time possibly after going through an approval workflow."]]
