Returns permissions that a caller has on the specified resource. If the resource does not exist, this returns an empty set of permissions, not a NOT_FOUND
error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
HTTP request
POST https://dns.googleapis.com/dns/v1beta2/{resource=projects/*/managedZones/*}:testIamPermissions
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
resource |
REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field. It takes the form |
Request body
The request body contains data with the following structure:
JSON representation |
---|
{ "permissions": [ string ] } |
Fields | |
---|---|
permissions[] |
The set of permissions to check for the |
Response body
Response message for managedZones.testIamPermissions
method.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{ "permissions": [ string ] } |
Fields | |
---|---|
permissions[] |
A subset of |
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/cloud-platform
https://www.googleapis.com/auth/cloud-platform.read-only
https://www.googleapis.com/auth/ndev.clouddns.readonly
https://www.googleapis.com/auth/ndev.clouddns.readwrite
For more information, see the Authentication Overview.