An API for setting attribute based access control to requests to GCP services.
- REST Resource: v1beta.accessPolicies
- REST Resource: v1beta.accessPolicies.accessLevels
- REST Resource: v1beta.accessPolicies.servicePerimeters
- REST Resource: v1beta.operations
- REST Resource: v1alpha.accessPolicies
- REST Resource: v1alpha.accessPolicies.accessLevels
- REST Resource: v1alpha.accessPolicies.servicePerimeters
- REST Resource: v1alpha.operations
- REST Resource: v1alpha.organizations.gcpUserAccessBindings
- REST Resource: v1.accessPolicies
- REST Resource: v1.accessPolicies.accessLevels
- REST Resource: v1.accessPolicies.servicePerimeters
- REST Resource: v1.operations
- REST Resource: v1.organizations.gcpUserAccessBindings
Service: accesscontextmanager.googleapis.com
To call this service, we recommend that you use the Google-provided client libraries. If your application needs to use your own libraries to call this service, use the following information when you make the API requests.
Discovery document
A Discovery Document is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery documents:
Service endpoint
A service endpoint is a base URL that specifies the network address of an API service. One service might have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:
https://accesscontextmanager.googleapis.com
REST Resource: v1beta.accessPolicies
| Methods | |
|---|---|
create |
POST /v1beta/accessPolicies Create an AccessPolicy. |
delete |
DELETE /v1beta/{name=accessPolicies/*} Delete an AccessPolicy by resource name. |
get |
GET /v1beta/{name=accessPolicies/*} Get an AccessPolicy by name. |
list |
GET /v1beta/accessPolicies List all AccessPolicies under a container. |
patch |
PATCH /v1beta/{policy.name=accessPolicies/*} Update an AccessPolicy. |
REST Resource: v1beta.accessPolicies.accessLevels
| Methods | |
|---|---|
create |
POST /v1beta/{parent=accessPolicies/*}/accessLevels Create an Access Level. |
delete |
DELETE /v1beta/{name=accessPolicies/*/accessLevels/*} Delete an Access Level by resource name. |
get |
GET /v1beta/{name=accessPolicies/*/accessLevels/*} Get an Access Level by resource name. |
list |
GET /v1beta/{parent=accessPolicies/*}/accessLevels List all Access Levels for an access policy. |
patch |
PATCH /v1beta/{accessLevel.name=accessPolicies/*/accessLevels/*} Update an Access Level. |
REST Resource: v1beta.accessPolicies.servicePerimeters
| Methods | |
|---|---|
create |
POST /v1beta/{parent=accessPolicies/*}/servicePerimeters Create a Service Perimeter. |
delete |
DELETE /v1beta/{name=accessPolicies/*/servicePerimeters/*} Delete a Service Perimeter by resource name. |
get |
GET /v1beta/{name=accessPolicies/*/servicePerimeters/*} Get a Service Perimeter by resource name. |
list |
GET /v1beta/{parent=accessPolicies/*}/servicePerimeters List all Service Perimeters for an access policy. |
patch |
PATCH /v1beta/{servicePerimeter.name=accessPolicies/*/servicePerimeters/*} Update a Service Perimeter. |
REST Resource: v1beta.operations
| Methods | |
|---|---|
get |
GET /v1beta/{name=operations/**} Gets the latest state of a long-running operation. |
REST Resource: v1alpha.accessPolicies
| Methods | |
|---|---|
create |
POST /v1alpha/accessPolicies Creates an access policy. |
delete |
DELETE /v1alpha/{name=accessPolicies/*} Deletes an access policy based on the resource name. |
get |
GET /v1alpha/{name=accessPolicies/*} Returns an access policy based on the name. |
getIamPolicy |
POST /v1alpha/{resource=accessPolicies/*}:getIamPolicy Gets the IAM policy for the specified Access Context Manager access policy. |
list |
GET /v1alpha/accessPolicies Lists all access policies in an organization. |
patch |
PATCH /v1alpha/{policy.name=accessPolicies/*} Updates an access policy. |
setIamPolicy |
POST /v1alpha/{resource=accessPolicies/*}:setIamPolicy Sets the IAM policy for the specified Access Context Manager access policy. |
testIamPermissions |
POST /v1alpha/{resource=accessPolicies/*}:testIamPermissions Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1alpha.accessPolicies.accessLevels
| Methods | |
|---|---|
create |
POST /v1alpha/{parent=accessPolicies/*}/accessLevels Creates an access level. |
delete |
DELETE /v1alpha/{name=accessPolicies/*/accessLevels/*} Deletes an access level based on the resource name. |
get |
GET /v1alpha/{name=accessPolicies/*/accessLevels/*} Gets an access level based on the resource name. |
list |
GET /v1alpha/{parent=accessPolicies/*}/accessLevels Lists all access levels for an access policy. |
patch |
PATCH /v1alpha/{accessLevel.name=accessPolicies/*/accessLevels/*} Updates an access level. |
replaceAll |
POST /v1alpha/{parent=accessPolicies/*}/accessLevels:replaceAll Replaces all existing access levels in an access policy with the access levels provided. |
testIamPermissions |
POST /v1alpha/{resource=accessPolicies/*/accessLevels/*}:testIamPermissions Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1alpha.accessPolicies.servicePerimeters
| Methods | |
|---|---|
commit |
POST /v1alpha/{parent=accessPolicies/*}/servicePerimeters:commit Commits the dry-run specification for all the service perimeters in an access policy. |
create |
POST /v1alpha/{parent=accessPolicies/*}/servicePerimeters Creates a service perimeter. |
delete |
DELETE /v1alpha/{name=accessPolicies/*/servicePerimeters/*} Deletes a service perimeter based on the resource name. |
get |
GET /v1alpha/{name=accessPolicies/*/servicePerimeters/*} Gets a service perimeter based on the resource name. |
list |
GET /v1alpha/{parent=accessPolicies/*}/servicePerimeters Lists all service perimeters for an access policy. |
patch |
PATCH /v1alpha/{servicePerimeter.name=accessPolicies/*/servicePerimeters/*} Updates a service perimeter. |
replaceAll |
POST /v1alpha/{parent=accessPolicies/*}/servicePerimeters:replaceAll Replace all existing service perimeters in an access policy with the service perimeters provided. |
testIamPermissions |
POST /v1alpha/{resource=accessPolicies/*/servicePerimeters/*}:testIamPermissions Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1alpha.operations
| Methods | |
|---|---|
get |
GET /v1alpha/{name=operations/**} Gets the latest state of a long-running operation. |
REST Resource: v1alpha.organizations.gcpUserAccessBindings
| Methods | |
|---|---|
create |
POST /v1alpha/{parent=organizations/*}/gcpUserAccessBindings Creates a GcpUserAccessBinding. |
delete |
DELETE /v1alpha/{name=organizations/*/gcpUserAccessBindings/*} Deletes a GcpUserAccessBinding. |
get |
GET /v1alpha/{name=organizations/*/gcpUserAccessBindings/*} Gets the GcpUserAccessBinding with the given name. |
list |
GET /v1alpha/{parent=organizations/*}/gcpUserAccessBindings Lists all GcpUserAccessBindings for a Google Cloud organization. |
patch |
PATCH /v1alpha/{gcpUserAccessBinding.name=organizations/*/gcpUserAccessBindings/*} Updates a GcpUserAccessBinding. |
REST Resource: v1.accessPolicies
| Methods | |
|---|---|
create |
POST /v1/accessPolicies Creates an access policy. |
delete |
DELETE /v1/{name=accessPolicies/*} Deletes an access policy based on the resource name. |
get |
GET /v1/{name=accessPolicies/*} Returns an access policy based on the name. |
getIamPolicy |
POST /v1/{resource=accessPolicies/*}:getIamPolicy Gets the IAM policy for the specified Access Context Manager access policy. |
list |
GET /v1/accessPolicies Lists all access policies in an organization. |
patch |
PATCH /v1/{policy.name=accessPolicies/*} Updates an access policy. |
setIamPolicy |
POST /v1/{resource=accessPolicies/*}:setIamPolicy Sets the IAM policy for the specified Access Context Manager access policy. |
testIamPermissions |
POST /v1/{resource=accessPolicies/*}:testIamPermissions Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1.accessPolicies.accessLevels
| Methods | |
|---|---|
create |
POST /v1/{parent=accessPolicies/*}/accessLevels Creates an access level. |
delete |
DELETE /v1/{name=accessPolicies/*/accessLevels/*} Deletes an access level based on the resource name. |
get |
GET /v1/{name=accessPolicies/*/accessLevels/*} Gets an access level based on the resource name. |
list |
GET /v1/{parent=accessPolicies/*}/accessLevels Lists all access levels for an access policy. |
patch |
PATCH /v1/{accessLevel.name=accessPolicies/*/accessLevels/*} Updates an access level. |
replaceAll |
POST /v1/{parent=accessPolicies/*}/accessLevels:replaceAll Replaces all existing access levels in an access policy with the access levels provided. |
testIamPermissions |
POST /v1/{resource=accessPolicies/*/accessLevels/*}:testIamPermissions Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1.accessPolicies.servicePerimeters
| Methods | |
|---|---|
commit |
POST /v1/{parent=accessPolicies/*}/servicePerimeters:commit Commits the dry-run specification for all the service perimeters in an access policy. |
create |
POST /v1/{parent=accessPolicies/*}/servicePerimeters Creates a service perimeter. |
delete |
DELETE /v1/{name=accessPolicies/*/servicePerimeters/*} Deletes a service perimeter based on the resource name. |
get |
GET /v1/{name=accessPolicies/*/servicePerimeters/*} Gets a service perimeter based on the resource name. |
list |
GET /v1/{parent=accessPolicies/*}/servicePerimeters Lists all service perimeters for an access policy. |
patch |
PATCH /v1/{servicePerimeter.name=accessPolicies/*/servicePerimeters/*} Updates a service perimeter. |
replaceAll |
POST /v1/{parent=accessPolicies/*}/servicePerimeters:replaceAll Replace all existing service perimeters in an access policy with the service perimeters provided. |
testIamPermissions |
POST /v1/{resource=accessPolicies/*/servicePerimeters/*}:testIamPermissions Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1.operations
| Methods | |
|---|---|
cancel |
POST /v1/{name=operations/**}:cancel Starts asynchronous cancellation on a long-running operation. |
delete |
DELETE /v1/{name=operations/**} Deletes a long-running operation. |
get |
GET /v1/{name=operations/**} Gets the latest state of a long-running operation. |
list |
GET /v1/{name} Lists operations that match the specified filter in the request. |
REST Resource: v1.organizations.gcpUserAccessBindings
| Methods | |
|---|---|
create |
POST /v1/{parent=organizations/*}/gcpUserAccessBindings Creates a GcpUserAccessBinding. |
delete |
DELETE /v1/{name=organizations/*/gcpUserAccessBindings/*} Deletes a GcpUserAccessBinding. |
get |
GET /v1/{name=organizations/*/gcpUserAccessBindings/*} Gets the GcpUserAccessBinding with the given name. |
list |
GET /v1/{parent=organizations/*}/gcpUserAccessBindings Lists all GcpUserAccessBindings for a Google Cloud organization. |
patch |
PATCH /v1/{gcpUserAccessBinding.name=organizations/*/gcpUserAccessBindings/*} Updates a GcpUserAccessBinding. |