Method: dataAccessScopes.create

HTTP request
Path parameters
Query parameters
Request body
Response body
Authorization scopes
IAM Permissions
Try it!

Full name: projects.locations.instances.dataAccessScopes.create

Creates a data access scope. Data access scope is a combination of allowed and denied labels attached to a permission group. If a scope has allowed labels A and B and denied labels C and D, then the group of people attached to the scope will have permissions to see all events labeled with A or B (or both) and not labeled with either C or D.

HTTP request

POST https://chronicle.googleapis.com/v1alpha/{parent}/dataAccessScopes

Path parameters

Parameters

Parameters
`parent`	`string` Required. The parent resource where this Data Access Scope will be created. Format: projects/{project}/locations/{location}/instances/{instance}

parent

string

Required. The parent resource where this Data Access Scope will be created. Format: projects/{project}/locations/{location}/instances/{instance}

Query parameters

Parameters

Parameters
`dataAccessScopeId`	`string` Required. The user provided scope id which will become the last part of the name of the scope resource. Needs to be compliant with https://google.aip.dev/122

dataAccessScopeId

string

Required. The user provided scope id which will become the last part of the name of the scope resource. Needs to be compliant with https://google.aip.dev/122

Request body

The request body contains an instance of DataAccessScope.

Response body

If successful, the response body contains a newly created instance of DataAccessScope.

Authorization scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the parent resource:

chronicle.dataAccessScopes.create

For more information, see the IAM documentation.