Policy

JSON representation
Assignment
- JSON representation

Defines an access control policy to the resources.

JSON representation
{ "assignments": [ { object (`Assignment`) } ], "etag": string }

Fields

Fields
`assignments[]`	`object (Assignment)`
`etag`	`string (bytes format)` The [etag] is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the [etag] in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An [etag] is returned in the response to [policies.get], and systems are expected to put that etag in the request to [policies.set] to ensure that their change will be applied to the same version of the policy. If no [etag] is provided in the call to [policies.set], then the existing policy is overwritten blindly. A base64-encoded string.

assignments[]

object (Assignment)

etag

string (bytes format)

The [etag] is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the [etag] in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An [etag] is returned in the response to [policies.get], and systems are expected to put that etag in the request to [policies.set] to ensure that their change will be applied to the same version of the policy.

If no [etag] is provided in the call to [policies.set], then the existing policy is overwritten blindly.

A base64-encoded string.

Assignment

Associates members with a role.

JSON representation
{ "role": string, "members": [ string ] }

Fields

Fields
`role`	`string` Required. Role that is assigned to `members`.
`members[]`	`string` The identities the role is assigned to. It can have the following values: `{user_email}`: An email address that represents a specific Google account. For example: `alice@gmail.com`. `{group_email}`: An email address that represents a Google group. For example, `viewers@gmail.com`.

role

string

Required. Role that is assigned to members.

members[]

string

The identities the role is assigned to. It can have the following values:

{user_email}: An email address that represents a specific Google account. For example: alice@gmail.com.
{group_email}: An email address that represents a Google group. For example, viewers@gmail.com.