AccessReason(value)Describes the reason for a data access. Please refer to https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes for the detailed semantic meaning of justification reason codes.
Customer uses their account to perform any access to their
own data which their IAM policy authorizes, and one of the
following is true:
- A Google administrator has reset the root-access account
associated with the user's organization within the past 7
days.
- A Google-initiated emergency access operation has
interacted with a resource in the same project or folder
as the currently accessed resource within the past 7 days.
MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION (9):
Deprecated: This code is no longer generated by Google
Cloud. The GOOGLE_RESPONSE_TO_PRODUCTION_ALERT justification
codes available in both Key Access Justifications and Access
Transparency logs provide customer-visible signals of
emergency access in more precise contexts.
Google systems access customer data to help optimize the
structure of the data or quality for future uses by the
customer, and one of the following is true:
- A Google administrator has reset the root-access account
associated with the user's organization within the past 7
days.
- A Google-initiated emergency access operation has
interacted with a resource in the same project or folder
as the currently accessed resource within the past 7 days.
GOOGLE_RESPONSE_TO_PRODUCTION_ALERT (10):
Google-initiated access to maintain system
reliability.
CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING (11):
One of the following operations is being executed while
simultaneously encountering an internal technical issue
which prevented a more precise justification code from being
generated:
- Your account has been used to perform any access to your
own data which your IAM policy authorizes.
- An automated Google system operates on encrypted customer
data which your IAM policy authorizes.
- Customer-initiated Google support access.
- Google-initiated support access to protect system
reliability.
Enums |
|
|---|---|
| Name | Description |
REASON_UNSPECIFIED |
Unspecified access reason. |
CUSTOMER_INITIATED_SUPPORT |
Customer-initiated support. |
GOOGLE_INITIATED_SERVICE |
Google-initiated access for system management and troubleshooting. |
THIRD_PARTY_DATA_REQUEST |
Google-initiated access in response to a legal request or legal process. |
GOOGLE_INITIATED_REVIEW |
Google-initiated access for security, fraud, abuse, or compliance purposes. |
CUSTOMER_INITIATED_ACCESS |
Customer uses their account to perform any access to their own data which their IAM policy authorizes. |
GOOGLE_INITIATED_SYSTEM_OPERATION |
Google systems access customer data to help optimize the structure of the data or quality for future uses by the customer. |
REASON_NOT_EXPECTED |
No reason is expected for this key request. |
MODIFIED_CUSTOMER_INITIATED_ACCESS |
Deprecated: This code is no longer generated by Google Cloud. The GOOGLE_RESPONSE_TO_PRODUCTION_ALERT justification codes available in both Key Access Justifications and Access Transparency logs provide customer-visible signals of emergency access in more precise contexts. |