创建 IAM 政策
使用集合让一切井井有条
根据您的偏好保存内容并对其进行分类。
如未另行说明,那么本页面中的内容已根据知识共享署名 4.0 许可获得了许可,并且代码示例已根据 Apache 2.0 许可获得了许可。有关详情,请参阅 Google 开发者网站政策。Java 是 Oracle 和/或其关联公司的注册商标。
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],[],[[["\u003cp\u003eThis page provides code samples in Java and Python for creating an IAM policy for a BigQuery table.\u003c/p\u003e\n"],["\u003cp\u003eThe Java code sample initializes a BigQuery client, retrieves the existing IAM policy for a specified table, and adds a user with the "roles/bigquery.dataViewer" role.\u003c/p\u003e\n"],["\u003cp\u003eThe Python code sample demonstrates retrieving the IAM policy for a table, defining a binding with a specified role and member, appending the binding to the policy, and then setting and printing the updated policy.\u003c/p\u003e\n"],["\u003cp\u003eBoth Java and Python samples require setting up Application Default Credentials for authentication, as detailed in the linked documentation.\u003c/p\u003e\n"],["\u003cp\u003eThe code provided will allow users to control access to resources within BigQuery, as further explained in a linked article.\u003c/p\u003e\n"]]],[],null,["# Create IAM policy\n\nCreate an IAM policy for a table.\n\nCode sample\n-----------\n\n### Java\n\n\nBefore trying this sample, follow the Java setup instructions in the\n[BigQuery quickstart using\nclient libraries](/bigquery/docs/quickstarts/quickstart-client-libraries).\n\n\nFor more information, see the\n[BigQuery Java API\nreference documentation](/java/docs/reference/google-cloud-bigquery/latest/overview).\n\n\nTo authenticate to BigQuery, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for client libraries](/bigquery/docs/authentication#client-libs).\n\n import com.google.cloud.https://cloud.google.com/java/docs/reference/google-cloud-storageinsights/latest/com.google.cloud.storageinsights.v1.Identity.html;\n import com.google.cloud.https://cloud.google.com/java/docs/reference/google-cloud-compute/latest/com.google.cloud.compute.v1.Policy.html;\n import com.google.cloud.https://cloud.google.com/java/docs/reference/google-cloud-core/latest/com.google.cloud.Role.html;\n import com.google.cloud.bigquery.https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.BigQuery.html;\n import com.google.cloud.bigquery.https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.BigQueryException.html;\n import com.google.cloud.bigquery.https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.BigQueryOptions.html;\n import com.google.cloud.bigquery.https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.TableId.html;\n\n // Sample to create iam policy for table\n public class CreateIamPolicy {\n\n public static void main(https://cloud.google.com/java/docs/reference/google-cloud-bigtable/latest/com.google.cloud.bigtable.common.Type.String.html[] args) {\n // TODO(developer): Replace these variables before running the sample.\n https://cloud.google.com/java/docs/reference/google-cloud-bigtable/latest/com.google.cloud.bigtable.common.Type.String.html datasetName = \"MY_DATASET_NAME\";\n https://cloud.google.com/java/docs/reference/google-cloud-bigtable/latest/com.google.cloud.bigtable.common.Type.String.html tableName = \"MY_TABLE_NAME\";\n createIamPolicy(datasetName, tableName);\n }\n\n public static void createIamPolicy(https://cloud.google.com/java/docs/reference/google-cloud-bigtable/latest/com.google.cloud.bigtable.common.Type.String.html datasetName, https://cloud.google.com/java/docs/reference/google-cloud-bigtable/latest/com.google.cloud.bigtable.common.Type.String.html tableName) {\n try {\n // Initialize client that will be used to send requests. This client only needs to be created\n // once, and can be reused for multiple requests.\n https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.BigQuery.html bigquery = https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.BigQueryOptions.html.getDefaultInstance().getService();\n\n https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.TableId.html tableId = https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.TableId.html.of(datasetName, tableName);\n\n https://cloud.google.com/java/docs/reference/google-cloud-compute/latest/com.google.cloud.compute.v1.Policy.html policy = bigquery.https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.BigQuery.html#com_google_cloud_bigquery_BigQuery_getIamPolicy_com_google_cloud_bigquery_TableId_com_google_cloud_bigquery_BigQuery_IAMOption____(tableId);\n policy\n .toBuilder()\n .https://cloud.google.com/java/docs/reference/google-cloud-core/latest/com.google.cloud.Policy.Builder.html#com_google_cloud_Policy_Builder_addIdentity_com_google_cloud_Role_com_google_cloud_Identity_com_google_cloud_Identity____(\n https://cloud.google.com/java/docs/reference/google-cloud-core/latest/com.google.cloud.Role.html.of(\"roles/bigquery.dataViewer\"),\n https://cloud.google.com/java/docs/reference/google-cloud-storageinsights/latest/com.google.cloud.storageinsights.v1.Identity.html.https://cloud.google.com/java/docs/reference/google-cloud-core/latest/com.google.cloud.Identity.html#com_google_cloud_Identity_user_java_lang_String_(\"example-analyst-group@google.com\"))\n .build();\n bigquery.https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.BigQuery.html#com_google_cloud_bigquery_BigQuery_setIamPolicy_com_google_cloud_bigquery_TableId_com_google_cloud_Policy_com_google_cloud_bigquery_BigQuery_IAMOption____(tableId, policy);\n System.out.println(\"Iam policy created successfully\");\n } catch (https://cloud.google.com/java/docs/reference/google-cloud-bigquery/latest/com.google.cloud.bigquery.BigQueryException.html e) {\n System.out.println(\"Iam policy was not created. \\n\" + e.toString());\n }\n }\n }\n\n### Python\n\n\nBefore trying this sample, follow the Python setup instructions in the\n[BigQuery quickstart using\nclient libraries](/bigquery/docs/quickstarts/quickstart-client-libraries).\n\n\nFor more information, see the\n[BigQuery Python API\nreference documentation](/python/docs/reference/bigquery/latest).\n\n\nTo authenticate to BigQuery, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for client libraries](/bigquery/docs/authentication#client-libs).\n\n from google.cloud import https://cloud.google.com/python/docs/reference/bigquery/latest/\n\n bqclient = https://cloud.google.com/python/docs/reference/bigquery/latest/.https://cloud.google.com/python/docs/reference/bigquery/latest/google.cloud.bigquery.client.Client.html()\n\n policy = bqclient.https://cloud.google.com/python/docs/reference/bigquery/latest/google.cloud.bigquery.client.Client.html#google_cloud_bigquery_client_Client_get_iam_policy(\n your_table_id, # e.g. \"project.dataset.table\"\n )\n\n analyst_email = \"example-analyst-group@google.com\"\n binding = {\n \"role\": \"roles/bigquery.dataViewer\",\n \"members\": {f\"group:{analyst_email}\"},\n }\n policy.bindings.append(binding)\n\n updated_policy = bqclient.https://cloud.google.com/python/docs/reference/bigquery/latest/google.cloud.bigquery.client.Client.html#google_cloud_bigquery_client_Client_set_iam_policy(\n your_table_id, # e.g. \"project.dataset.table\"\n policy,\n )\n\n for binding in updated_policy.bindings:\n print(repr(binding))\n\nWhat's next\n-----------\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=bigquery)."]]
