Method: organizations.gcpUserAccessBindings.patch

Updates a GcpUserAccessBinding. Completion of this long-running operation does not necessarily signify that the changed binding is deployed onto all affected users, which may take more time.

HTTP request

PATCH https://accesscontextmanager.googleapis.com/v1/{gcpUserAccessBinding.name=organizations/*/gcpUserAccessBindings/*}

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
gcpUserAccessBinding.name

string

Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"

Query parameters

Parameters
updateMask

string (FieldMask format)

Required. Only the fields specified in this mask are updated. Because name and groupKey cannot be changed, updateMask is required and may only contain the following fields: accessLevels, dryRunAccessLevels, reauth_settings sessionSettings, scopedAccessSettings.

updateMask { paths: "accessLevels" }

This is a comma-separated list of fully qualified names of fields. Example: "user.displayName,photo".

append

boolean

Optional. This field controls whether or not certain repeated settings in the update request overwrite or append to existing settings on the binding. If true, then append. Otherwise overwrite.

So far, only scopedAccessSettings with reauth_settings supports appending. Global accessLevels, accessLevels in scopedAccessSettings, dryRunAccessLevels, reauth_settings, and sessionSettings are not compatible with append functionality, and the request will return an error if append=true when these settings are in the updateMask. The request will also return an error if append=true when "scopedAccessSettings" is not set in the updateMask.

Request body

The request body contains an instance of GcpUserAccessBinding.

Response body

If successful, the response body contains an instance of Operation.

Authorization scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.