Manages Google Cloud Projects.
Equality
Instances of this class created via copy-construction or copy-assignment always compare equal. Instances created with equal std::shared_ptr<*Connection>
objects compare equal. Objects that compare equal share the same underlying resources.
Performance
Creating a new instance of this class is a relatively expensive operation, new objects establish new connections to the service. In contrast, copy-construction, move-construction, and the corresponding assignment operations are relatively efficient as the copies share all underlying resources.
Thread Safety
Concurrent access to different instances of this class, even if they compare equal, is guaranteed to work. Two or more threads operating on the same instance of this class is not guaranteed to work. Since copy-construction and move-construction is a relatively efficient operation, consider using such a copy when using this class from multiple threads.
Constructors
ProjectsClient(ProjectsClient const &)
Copy and move support
Parameter | |
---|---|
Name | Description |
|
ProjectsClient const &
|
ProjectsClient(ProjectsClient &&)
Copy and move support
Parameter | |
---|---|
Name | Description |
|
ProjectsClient &&
|
ProjectsClient(std::shared_ptr< ProjectsConnection >, Options)
Parameters | |
---|---|
Name | Description |
connection |
std::shared_ptr< ProjectsConnection >
|
opts |
Options
|
Operators
operator=(ProjectsClient const &)
Copy and move support
Parameter | |
---|---|
Name | Description |
|
ProjectsClient const &
|
Returns | |
---|---|
Type | Description |
ProjectsClient & |
operator=(ProjectsClient &&)
Copy and move support
Parameter | |
---|---|
Name | Description |
|
ProjectsClient &&
|
Returns | |
---|---|
Type | Description |
ProjectsClient & |
Functions
GetProject(std::string const &, Options)
Retrieves the project identified by the specified name
(for example, projects/415104041262
).
The caller must have resourcemanager.projects.get
permission for this project.
Parameters | |
---|---|
Name | Description |
name |
std::string const &
Required. The name of the project (for example, |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::resourcemanager::v3::Project > |
the result of the RPC. The response message type (google.cloud.resourcemanager.v3.Project) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
GetProject(google::cloud::resourcemanager::v3::GetProjectRequest const &, Options)
Retrieves the project identified by the specified name
(for example, projects/415104041262
).
The caller must have resourcemanager.projects.get
permission for this project.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::resourcemanager::v3::GetProjectRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::resourcemanager::v3::Project > |
the result of the RPC. The response message type (google.cloud.resourcemanager.v3.Project) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
ListProjects(std::string const &, Options)
Lists projects that are direct children of the specified folder or organization resource.
list()
provides a strongly consistent view of the projects underneath the specified parent resource. list()
returns projects sorted based upon the (ascending) lexical ordering of their display_name
. The caller must have resourcemanager.projects.list
permission on the identified parent.
Parameters | |
---|---|
Name | Description |
parent |
std::string const &
Required. The name of the parent resource whose projects are being listed. Only children of this parent resource are listed; descendants are not listed. |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StreamRange< google::cloud::resourcemanager::v3::Project > |
a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has |
ListProjects(google::cloud::resourcemanager::v3::ListProjectsRequest, Options)
Lists projects that are direct children of the specified folder or organization resource.
list()
provides a strongly consistent view of the projects underneath the specified parent resource. list()
returns projects sorted based upon the (ascending) lexical ordering of their display_name
. The caller must have resourcemanager.projects.list
permission on the identified parent.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::resourcemanager::v3::ListProjectsRequest
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StreamRange< google::cloud::resourcemanager::v3::Project > |
a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has |
SearchProjects(std::string const &, Options)
Search for projects that the caller has both resourcemanager.projects.get
permission on, and also satisfy the specified query.
This method returns projects in an unspecified order.
This method is eventually consistent with project mutations; this means that a newly created project may not appear in the results or recent updates to an existing project may not be reflected in the results. To retrieve the latest state of a project, use the GetProject method.
Parameters | |
---|---|
Name | Description |
query |
std::string const &
Optional. A query string for searching for projects that the caller has |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StreamRange< google::cloud::resourcemanager::v3::Project > |
a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has |
SearchProjects(google::cloud::resourcemanager::v3::SearchProjectsRequest, Options)
Search for projects that the caller has both resourcemanager.projects.get
permission on, and also satisfy the specified query.
This method returns projects in an unspecified order.
This method is eventually consistent with project mutations; this means that a newly created project may not appear in the results or recent updates to an existing project may not be reflected in the results. To retrieve the latest state of a project, use the GetProject method.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::resourcemanager::v3::SearchProjectsRequest
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StreamRange< google::cloud::resourcemanager::v3::Project > |
a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has |
CreateProject(google::cloud::resourcemanager::v3::Project const &, Options)
Request that a new project be created.
The result is an Operation
which can be used to track the creation process. This process usually takes a few seconds, but can sometimes take much longer. The tracking Operation
is automatically deleted after a few hours, so there is no need to call DeleteOperation
.
Parameters | |
---|---|
Name | Description |
project |
google::cloud::resourcemanager::v3::Project const &
Required. The Project to create. |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
A |
CreateProject(ExperimentalTag, NoAwaitTag, google::cloud::resourcemanager::v3::Project const &, Options)
Request that a new project be created.
Specifying the NoAwaitTag
immediately returns the [google::longrunning::Operation
] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
|
NoAwaitTag
|
project |
google::cloud::resourcemanager::v3::Project const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
StatusOr< google::longrunning::Operation > |
CreateProject(google::cloud::resourcemanager::v3::CreateProjectRequest const &, Options)
Request that a new project be created.
The result is an Operation
which can be used to track the creation process. This process usually takes a few seconds, but can sometimes take much longer. The tracking Operation
is automatically deleted after a few hours, so there is no need to call DeleteOperation
.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::resourcemanager::v3::CreateProjectRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
A |
CreateProject(ExperimentalTag, NoAwaitTag, google::cloud::resourcemanager::v3::CreateProjectRequest const &, Options)
Request that a new project be created.
Specifying the NoAwaitTag
immediately returns the [google::longrunning::Operation
] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
|
NoAwaitTag
|
request |
google::cloud::resourcemanager::v3::CreateProjectRequest const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
StatusOr< google::longrunning::Operation > |
CreateProject(ExperimentalTag, google::longrunning::Operation const &, Options)
Request that a new project be created.
This method accepts a google::longrunning::Operation
that corresponds to a previously started Long Running Operation (LRO) and polls the status of the LRO in the background.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
operation |
google::longrunning::Operation const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
UpdateProject(google::cloud::resourcemanager::v3::Project const &, google::protobuf::FieldMask const &, Options)
Updates the display_name
and labels of the project identified by the specified name
(for example, projects/415104041262
).
Deleting all labels requires an update mask for labels field.
The caller must have resourcemanager.projects.update
permission for this project.
Parameters | |
---|---|
Name | Description |
project |
google::cloud::resourcemanager::v3::Project const &
Required. The new definition of the project. |
update_mask |
google::protobuf::FieldMask const &
Optional. An update mask to selectively update fields. |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
A |
UpdateProject(ExperimentalTag, NoAwaitTag, google::cloud::resourcemanager::v3::Project const &, google::protobuf::FieldMask const &, Options)
Updates the display_name
and labels of the project identified by the specified name
(for example, projects/415104041262
).
Specifying the NoAwaitTag
immediately returns the [google::longrunning::Operation
] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
|
NoAwaitTag
|
project |
google::cloud::resourcemanager::v3::Project const &
|
update_mask |
google::protobuf::FieldMask const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
StatusOr< google::longrunning::Operation > |
UpdateProject(google::cloud::resourcemanager::v3::UpdateProjectRequest const &, Options)
Updates the display_name
and labels of the project identified by the specified name
(for example, projects/415104041262
).
Deleting all labels requires an update mask for labels field.
The caller must have resourcemanager.projects.update
permission for this project.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::resourcemanager::v3::UpdateProjectRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
A |
UpdateProject(ExperimentalTag, NoAwaitTag, google::cloud::resourcemanager::v3::UpdateProjectRequest const &, Options)
Updates the display_name
and labels of the project identified by the specified name
(for example, projects/415104041262
).
Specifying the NoAwaitTag
immediately returns the [google::longrunning::Operation
] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
|
NoAwaitTag
|
request |
google::cloud::resourcemanager::v3::UpdateProjectRequest const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
StatusOr< google::longrunning::Operation > |
UpdateProject(ExperimentalTag, google::longrunning::Operation const &, Options)
Updates the display_name
and labels of the project identified by the specified name
(for example, projects/415104041262
).
This method accepts a google::longrunning::Operation
that corresponds to a previously started Long Running Operation (LRO) and polls the status of the LRO in the background.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
operation |
google::longrunning::Operation const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
MoveProject(std::string const &, std::string const &, Options)
Move a project to another place in your resource hierarchy, under a new resource parent.
Returns an operation which can be used to track the process of the project move workflow. Upon success, the Operation.response
field will be populated with the moved project.
The caller must have resourcemanager.projects.move
permission on the project, on the project's current and proposed new parent.
If project has no current parent, or it currently does not have an associated organization resource, you will also need the resourcemanager.projects.setIamPolicy
permission in the project.
Parameters | |
---|---|
Name | Description |
name |
std::string const &
Required. The name of the project to move. |
destination_parent |
std::string const &
Required. The new parent to move the Project under. |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
A |
MoveProject(ExperimentalTag, NoAwaitTag, std::string const &, std::string const &, Options)
Move a project to another place in your resource hierarchy, under a new resource parent.
Specifying the NoAwaitTag
immediately returns the [google::longrunning::Operation
] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
|
NoAwaitTag
|
name |
std::string const &
|
destination_parent |
std::string const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
StatusOr< google::longrunning::Operation > |
MoveProject(google::cloud::resourcemanager::v3::MoveProjectRequest const &, Options)
Move a project to another place in your resource hierarchy, under a new resource parent.
Returns an operation which can be used to track the process of the project move workflow. Upon success, the Operation.response
field will be populated with the moved project.
The caller must have resourcemanager.projects.move
permission on the project, on the project's current and proposed new parent.
If project has no current parent, or it currently does not have an associated organization resource, you will also need the resourcemanager.projects.setIamPolicy
permission in the project.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::resourcemanager::v3::MoveProjectRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
A |
MoveProject(ExperimentalTag, NoAwaitTag, google::cloud::resourcemanager::v3::MoveProjectRequest const &, Options)
Move a project to another place in your resource hierarchy, under a new resource parent.
Specifying the NoAwaitTag
immediately returns the [google::longrunning::Operation
] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
|
NoAwaitTag
|
request |
google::cloud::resourcemanager::v3::MoveProjectRequest const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
StatusOr< google::longrunning::Operation > |
MoveProject(ExperimentalTag, google::longrunning::Operation const &, Options)
Move a project to another place in your resource hierarchy, under a new resource parent.
This method accepts a google::longrunning::Operation
that corresponds to a previously started Long Running Operation (LRO) and polls the status of the LRO in the background.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
operation |
google::longrunning::Operation const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
DeleteProject(std::string const &, Options)
Marks the project identified by the specified name
(for example, projects/415104041262
) for deletion.
This method will only affect the project if it has a lifecycle state of ACTIVE.
This method changes the Project's lifecycle state from ACTIVE to DELETE_REQUESTED. The deletion starts at an unspecified time, at which point the Project is no longer accessible.
Until the deletion completes, you can check the lifecycle state checked by retrieving the project with [GetProject] [google.cloud.resourcemanager.v3.Projects.GetProject], and the project remains visible to [ListProjects] [google.cloud.resourcemanager.v3.Projects.ListProjects]. However, you cannot update the project.
After the deletion completes, the project is not retrievable by the [GetProject] [google.cloud.resourcemanager.v3.Projects.GetProject], [ListProjects] [google.cloud.resourcemanager.v3.Projects.ListProjects], and SearchProjects methods.
This method behaves idempotently, such that deleting a DELETE_REQUESTED
project will not cause an error, but also won't do anything.
The caller must have resourcemanager.projects.delete
permissions for this project.
Parameters | |
---|---|
Name | Description |
name |
std::string const &
Required. The name of the Project (for example, |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
A |
DeleteProject(ExperimentalTag, NoAwaitTag, std::string const &, Options)
Marks the project identified by the specified name
(for example, projects/415104041262
) for deletion.
Specifying the NoAwaitTag
immediately returns the [google::longrunning::Operation
] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
|
NoAwaitTag
|
name |
std::string const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
StatusOr< google::longrunning::Operation > |
DeleteProject(google::cloud::resourcemanager::v3::DeleteProjectRequest const &, Options)
Marks the project identified by the specified name
(for example, projects/415104041262
) for deletion.
This method will only affect the project if it has a lifecycle state of ACTIVE.
This method changes the Project's lifecycle state from ACTIVE to DELETE_REQUESTED. The deletion starts at an unspecified time, at which point the Project is no longer accessible.
Until the deletion completes, you can check the lifecycle state checked by retrieving the project with [GetProject] [google.cloud.resourcemanager.v3.Projects.GetProject], and the project remains visible to [ListProjects] [google.cloud.resourcemanager.v3.Projects.ListProjects]. However, you cannot update the project.
After the deletion completes, the project is not retrievable by the [GetProject] [google.cloud.resourcemanager.v3.Projects.GetProject], [ListProjects] [google.cloud.resourcemanager.v3.Projects.ListProjects], and SearchProjects methods.
This method behaves idempotently, such that deleting a DELETE_REQUESTED
project will not cause an error, but also won't do anything.
The caller must have resourcemanager.projects.delete
permissions for this project.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::resourcemanager::v3::DeleteProjectRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
A |
DeleteProject(ExperimentalTag, NoAwaitTag, google::cloud::resourcemanager::v3::DeleteProjectRequest const &, Options)
Marks the project identified by the specified name
(for example, projects/415104041262
) for deletion.
Specifying the NoAwaitTag
immediately returns the [google::longrunning::Operation
] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
|
NoAwaitTag
|
request |
google::cloud::resourcemanager::v3::DeleteProjectRequest const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
StatusOr< google::longrunning::Operation > |
DeleteProject(ExperimentalTag, google::longrunning::Operation const &, Options)
Marks the project identified by the specified name
(for example, projects/415104041262
) for deletion.
This method accepts a google::longrunning::Operation
that corresponds to a previously started Long Running Operation (LRO) and polls the status of the LRO in the background.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
operation |
google::longrunning::Operation const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
UndeleteProject(std::string const &, Options)
Restores the project identified by the specified name
(for example, projects/415104041262
).
You can only use this method for a project that has a lifecycle state of [DELETE_REQUESTED] [Projects.State.DELETE_REQUESTED]. After deletion starts, the project cannot be restored.
The caller must have resourcemanager.projects.undelete
permission for this project.
Parameters | |
---|---|
Name | Description |
name |
std::string const &
Required. The name of the project (for example, |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
A |
UndeleteProject(ExperimentalTag, NoAwaitTag, std::string const &, Options)
Restores the project identified by the specified name
(for example, projects/415104041262
).
Specifying the NoAwaitTag
immediately returns the [google::longrunning::Operation
] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
|
NoAwaitTag
|
name |
std::string const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
StatusOr< google::longrunning::Operation > |
UndeleteProject(google::cloud::resourcemanager::v3::UndeleteProjectRequest const &, Options)
Restores the project identified by the specified name
(for example, projects/415104041262
).
You can only use this method for a project that has a lifecycle state of [DELETE_REQUESTED] [Projects.State.DELETE_REQUESTED]. After deletion starts, the project cannot be restored.
The caller must have resourcemanager.projects.undelete
permission for this project.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::resourcemanager::v3::UndeleteProjectRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
A |
UndeleteProject(ExperimentalTag, NoAwaitTag, google::cloud::resourcemanager::v3::UndeleteProjectRequest const &, Options)
Restores the project identified by the specified name
(for example, projects/415104041262
).
Specifying the NoAwaitTag
immediately returns the [google::longrunning::Operation
] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
|
NoAwaitTag
|
request |
google::cloud::resourcemanager::v3::UndeleteProjectRequest const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
StatusOr< google::longrunning::Operation > |
UndeleteProject(ExperimentalTag, google::longrunning::Operation const &, Options)
Restores the project identified by the specified name
(for example, projects/415104041262
).
This method accepts a google::longrunning::Operation
that corresponds to a previously started Long Running Operation (LRO) and polls the status of the LRO in the background.
Parameters | |
---|---|
Name | Description |
|
ExperimentalTag
|
operation |
google::longrunning::Operation const &
|
opts |
Options
|
Returns | |
---|---|
Type | Description |
future< StatusOr< google::cloud::resourcemanager::v3::Project > > |
GetIamPolicy(std::string const &, Options)
Returns the IAM access control policy for the specified project, in the format projects/{ProjectIdOrNumber}
e.g.
projects/123. Permission is denied if the policy or the resource do not exist.
Parameters | |
---|---|
Name | Description |
resource |
std::string const &
REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::iam::v1::Policy > |
the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
GetIamPolicy(google::iam::v1::GetIamPolicyRequest const &, Options)
Returns the IAM access control policy for the specified project, in the format projects/{ProjectIdOrNumber}
e.g.
projects/123. Permission is denied if the policy or the resource do not exist.
Parameters | |
---|---|
Name | Description |
request |
google::iam::v1::GetIamPolicyRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::iam::v1::Policy > |
the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
SetIamPolicy(std::string const &, google::iam::v1::Policy const &, Options)
Sets the IAM access control policy for the specified project, in the format projects/{ProjectIdOrNumber}
e.g.
projects/123.
CAUTION: This method will replace the existing policy, and cannot be used to append additional IAM settings.
Note: Removing service accounts from policies or changing their roles can render services completely inoperable. It is important to understand how the service account is being used before removing or updating its roles.
The following constraints apply when using setIamPolicy()
:
- Project does not support
allUsers
andallAuthenticatedUsers
asmembers
in aBinding
of aPolicy
. - The owner role can be granted to a
user
,serviceAccount
, or a group that is part of an organization. For example, group@myownpersonaldomain.com could be added as an owner to a project in the myownpersonaldomain.com organization, but not the examplepetstore.com organization. - Service accounts can be made owners of a project directly without any restrictions. However, to be added as an owner, a user must be invited using the Cloud Platform console and must accept the invitation.
- A user cannot be granted the owner role using
setIamPolicy()
. The user must be granted the owner role using the Cloud Platform Console and must explicitly accept the invitation. - Invitations to grant the owner role cannot be sent using
setIamPolicy()
; they must be sent only using the Cloud Platform Console. - If the project is not part of an organization, there must be at least one owner who has accepted the Terms of Service (ToS) agreement in the policy. Calling
setIamPolicy()
to remove the last ToS-accepted owner from the policy will fail. This restriction also applies to legacy projects that no longer have owners who have accepted the ToS. Edits to IAM policies will be rejected until the lack of a ToS-accepting owner is rectified. If the project is part of an organization, you can remove all owners, potentially making the organization inaccessible.
Parameters | |
---|---|
Name | Description |
resource |
std::string const &
REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. |
policy |
google::iam::v1::Policy const &
REQUIRED: The complete policy to be applied to the |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::iam::v1::Policy > |
the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
SetIamPolicy(google::iam::v1::SetIamPolicyRequest const &, Options)
Sets the IAM access control policy for the specified project, in the format projects/{ProjectIdOrNumber}
e.g.
projects/123.
CAUTION: This method will replace the existing policy, and cannot be used to append additional IAM settings.
Note: Removing service accounts from policies or changing their roles can render services completely inoperable. It is important to understand how the service account is being used before removing or updating its roles.
The following constraints apply when using setIamPolicy()
:
- Project does not support
allUsers
andallAuthenticatedUsers
asmembers
in aBinding
of aPolicy
. - The owner role can be granted to a
user
,serviceAccount
, or a group that is part of an organization. For example, group@myownpersonaldomain.com could be added as an owner to a project in the myownpersonaldomain.com organization, but not the examplepetstore.com organization. - Service accounts can be made owners of a project directly without any restrictions. However, to be added as an owner, a user must be invited using the Cloud Platform console and must accept the invitation.
- A user cannot be granted the owner role using
setIamPolicy()
. The user must be granted the owner role using the Cloud Platform Console and must explicitly accept the invitation. - Invitations to grant the owner role cannot be sent using
setIamPolicy()
; they must be sent only using the Cloud Platform Console. - If the project is not part of an organization, there must be at least one owner who has accepted the Terms of Service (ToS) agreement in the policy. Calling
setIamPolicy()
to remove the last ToS-accepted owner from the policy will fail. This restriction also applies to legacy projects that no longer have owners who have accepted the ToS. Edits to IAM policies will be rejected until the lack of a ToS-accepting owner is rectified. If the project is part of an organization, you can remove all owners, potentially making the organization inaccessible.
Parameters | |
---|---|
Name | Description |
request |
google::iam::v1::SetIamPolicyRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::iam::v1::Policy > |
the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
TestIamPermissions(std::string const &, std::vector< std::string > const &, Options)
Returns permissions that a caller has on the specified project, in the format projects/{ProjectIdOrNumber}
e.g.
projects/123..
Parameters | |
---|---|
Name | Description |
resource |
std::string const &
REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field. |
permissions |
std::vector< std::string > const &
The set of permissions to check for the |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::iam::v1::TestIamPermissionsResponse > |
the result of the RPC. The response message type (google.iam.v1.TestIamPermissionsResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
TestIamPermissions(google::iam::v1::TestIamPermissionsRequest const &, Options)
Returns permissions that a caller has on the specified project, in the format projects/{ProjectIdOrNumber}
e.g.
projects/123..
Parameters | |
---|---|
Name | Description |
request |
google::iam::v1::TestIamPermissionsRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::iam::v1::TestIamPermissionsResponse > |
the result of the RPC. The response message type (google.iam.v1.TestIamPermissionsResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |