向项目成员授予 tagTemplateUser 角色。
深入探索
如需查看包含此代码示例的详细文档,请参阅以下内容:
代码示例
Java
在尝试此示例之前,请按照《Data Catalog 快速入门:使用客户端库》中的 Java 设置说明进行操作。如需了解详情,请参阅 Data Catalog Java API 参考文档。
import com.google.cloud.datacatalog.v1.DataCatalogClient;
import com.google.cloud.datacatalog.v1.TagTemplateName;
import com.google.iam.v1.Binding;
import com.google.iam.v1.Policy;
import com.google.iam.v1.SetIamPolicyRequest;
import java.io.IOException;
// Sample to grant tag access on template
public class GrantTagTemplateUserRole {
public static void main(String[] args) throws IOException {
// TODO(developer): Replace these variables before running the sample.
String projectId = "my-project";
String tagTemplateId = "my_tag_template";
grantTagTemplateUserRole(projectId, tagTemplateId);
}
public static void grantTagTemplateUserRole(String projectId, String templateId)
throws IOException {
// Currently, Data Catalog stores metadata in the us-central1 region.
String location = "us-central1";
// Format the Template name.
String templateName =
TagTemplateName.newBuilder()
.setProject(projectId)
.setLocation(location)
.setTagTemplate(templateId)
.build()
.toString();
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DataCatalogClient dataCatalogClient = DataCatalogClient.create()) {
// Create a Binding to add the Tag Template User role and member to the policy.
Binding binding =
Binding.newBuilder()
.setRole("roles/datacatalog.tagTemplateUser")
.addMembers("group:example-analyst-group@google.com")
.build();
// Create a Policy object to update Template's IAM policy by adding the new binding.
Policy policyUpdate = Policy.newBuilder().addBindings(binding).build();
SetIamPolicyRequest request =
SetIamPolicyRequest.newBuilder()
.setPolicy(policyUpdate)
.setResource(templateName)
.build();
// Update Template's policy.
dataCatalogClient.setIamPolicy(request);
System.out.println("Role successfully granted");
}
}
}
Node.js
在尝试此示例之前,请按照《Data Catalog 快速入门:使用客户端库》中的 Node.js 设置说明进行操作。如需了解详情,请参阅 Data Catalog Node.js API 参考文档。
// Import the Google Cloud client library.
const {DataCatalogClient} = require('@google-cloud/datacatalog').v1;
const datacatalog = new DataCatalogClient();
async function grantTagTemplateUserRole() {
// Grant the tagTemplateUser role to a member of the project.
/**
* TODO(developer): Uncomment the following lines before running the sample.
*/
// const projectId = 'my_project'; // Google Cloud Platform project
// const templateId = 'my_existing_template';
// const memberId = 'my_member_id'
const location = 'us-central1';
// Format the Template name.
const templateName = datacatalog.tagTemplatePath(
projectId,
location,
templateId
);
// Retrieve Template's current IAM Policy.
const [getPolicyResponse] = await datacatalog.getIamPolicy({
resource: templateName,
});
const policy = getPolicyResponse;
// Add Tag Template User role and member to the policy.
policy.bindings.push({
role: 'roles/datacatalog.tagTemplateUser',
members: [memberId],
});
const request = {
resource: templateName,
policy: policy,
};
// Update Template's policy.
const [updatePolicyResponse] = await datacatalog.setIamPolicy(request);
updatePolicyResponse.bindings.forEach(binding => {
console.log(`Role: ${binding.role}, Members: ${binding.members}`);
});
}
grantTagTemplateUserRole();
Python
在尝试此示例之前,请按照《Data Catalog 快速入门:使用客户端库》中的 Python 设置说明进行操作。如需了解详情,请参阅 Data Catalog Python API 参考文档。
from google.cloud import datacatalog_v1
from google.iam.v1 import iam_policy_pb2 as iam_policy
from google.iam.v1 import policy_pb2
datacatalog = datacatalog_v1.DataCatalogClient()
# TODO: Set these values before running the sample.
project_id = "project_id"
tag_template_id = "existing_tag_template_id"
# For a full list of values a member can have, see:
# https://cloud.google.com/iam/docs/reference/rest/v1/Policy?hl=en#binding
member_id = "user:super-cool.test-user@gmail.com"
# For all regions available, see:
# https://cloud.google.com/data-catalog/docs/concepts/regions
location = "us-central1"
# Format the Template name.
template_name = datacatalog_v1.DataCatalogClient.tag_template_path(
project_id, location, tag_template_id
)
# Retrieve Template's current IAM Policy.
policy = datacatalog.get_iam_policy(resource=template_name)
# Add Tag Template User role and member to the policy.
binding = policy_pb2.Binding()
binding.role = "roles/datacatalog.tagTemplateUser"
binding.members.append(member_id)
policy.bindings.append(binding)
set_policy_request = iam_policy.SetIamPolicyRequest(
resource=template_name, policy=policy
)
# Update Template's policy.
policy = datacatalog.set_iam_policy(set_policy_request)
for binding in policy.bindings:
for member in binding.members:
print(f"Member: {member}, Role: {binding.role}")
后续步骤
如需搜索和过滤其他 Google Cloud 产品的代码示例,请参阅 Google Cloud 示例浏览器。