Google Cloud Identity and Access Management (IAM) v1 API - Class IAMPolicyClient (3.1.0)

public abstract class IAMPolicyClient

Reference documentation and code samples for the Google Cloud Identity and Access Management (IAM) v1 API class IAMPolicyClient.

IAMPolicy client wrapper, for convenient use.

Inheritance

object > IAMPolicyClient

Derived Types

Namespace

Google.Cloud.Iam.V1

Assembly

Google.Cloud.Iam.V1.dll

Remarks

API Overview

Manages Identity and Access Management (IAM) policies.

Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.

Data model

Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.

Policy Structure

See google.iam.v1.Policy

This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.

Properties

DefaultEndpoint

public static string DefaultEndpoint { get; }

The default endpoint for the IAMPolicy service, which is a host of "iam-meta-api.googleapis.com" and a port of 443.

Property Value
TypeDescription
string

DefaultScopes

public static IReadOnlyList<string> DefaultScopes { get; }

The default IAMPolicy scopes.

Property Value
TypeDescription
IReadOnlyListstring
Remarks

The default IAMPolicy scopes are:

    GrpcClient

    public virtual IAMPolicy.IAMPolicyClient GrpcClient { get; }

    The underlying gRPC IAMPolicy client

    Property Value
    TypeDescription
    IAMPolicyIAMPolicyClient

    ServiceMetadata

    public static ServiceMetadata ServiceMetadata { get; }

    The service metadata associated with this client type.

    Property Value
    TypeDescription
    ServiceMetadata

    Methods

    Create()

    public static IAMPolicyClient Create()

    Synchronously creates a IAMPolicyClient using the default credentials, endpoint and settings. To specify custom credentials or other settings, use IAMPolicyClientBuilder.

    Returns
    TypeDescription
    IAMPolicyClient

    The created IAMPolicyClient.

    CreateAsync(CancellationToken)

    public static Task<IAMPolicyClient> CreateAsync(CancellationToken cancellationToken = default)

    Asynchronously creates a IAMPolicyClient using the default credentials, endpoint and settings. To specify custom credentials or other settings, use IAMPolicyClientBuilder.

    Parameter
    NameDescription
    cancellationTokenCancellationToken

    The CancellationToken to use while creating the client.

    Returns
    TypeDescription
    TaskIAMPolicyClient

    The task representing the created IAMPolicyClient.

    GetIamPolicy(GetIamPolicyRequest, CallSettings)

    public virtual Policy GetIamPolicy(GetIamPolicyRequest request, CallSettings callSettings = null)

    Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

    Parameters
    NameDescription
    requestGetIamPolicyRequest

    The request object containing all of the parameters for the API call.

    callSettingsCallSettings

    If not null, applies overrides to this RPC call.

    Returns
    TypeDescription
    Policy

    The RPC response.

    Example
    // Create client
    IAMPolicyClient iAMPolicyClient = IAMPolicyClient.Create();
    // Initialize request argument(s)
    GetIamPolicyRequest request = new GetIamPolicyRequest
    {
        ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
        Options = new GetPolicyOptions(),
    };
    // Make the request
    Policy response = iAMPolicyClient.GetIamPolicy(request);
    

    GetIamPolicyAsync(GetIamPolicyRequest, CallSettings)

    public virtual Task<Policy> GetIamPolicyAsync(GetIamPolicyRequest request, CallSettings callSettings = null)

    Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

    Parameters
    NameDescription
    requestGetIamPolicyRequest

    The request object containing all of the parameters for the API call.

    callSettingsCallSettings

    If not null, applies overrides to this RPC call.

    Returns
    TypeDescription
    TaskPolicy

    A Task containing the RPC response.

    Example
    // Create client
    IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
    // Initialize request argument(s)
    GetIamPolicyRequest request = new GetIamPolicyRequest
    {
        ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
        Options = new GetPolicyOptions(),
    };
    // Make the request
    Policy response = await iAMPolicyClient.GetIamPolicyAsync(request);
    

    GetIamPolicyAsync(GetIamPolicyRequest, CancellationToken)

    public virtual Task<Policy> GetIamPolicyAsync(GetIamPolicyRequest request, CancellationToken cancellationToken)

    Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

    Parameters
    NameDescription
    requestGetIamPolicyRequest

    The request object containing all of the parameters for the API call.

    cancellationTokenCancellationToken

    A CancellationToken to use for this RPC.

    Returns
    TypeDescription
    TaskPolicy

    A Task containing the RPC response.

    Example
    // Create client
    IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
    // Initialize request argument(s)
    GetIamPolicyRequest request = new GetIamPolicyRequest
    {
        ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
        Options = new GetPolicyOptions(),
    };
    // Make the request
    Policy response = await iAMPolicyClient.GetIamPolicyAsync(request);
    

    SetIamPolicy(SetIamPolicyRequest, CallSettings)

    public virtual Policy SetIamPolicy(SetIamPolicyRequest request, CallSettings callSettings = null)

    Sets the access control policy on the specified resource. Replaces any existing policy.

    Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.

    Parameters
    NameDescription
    requestSetIamPolicyRequest

    The request object containing all of the parameters for the API call.

    callSettingsCallSettings

    If not null, applies overrides to this RPC call.

    Returns
    TypeDescription
    Policy

    The RPC response.

    Example
    // Create client
    IAMPolicyClient iAMPolicyClient = IAMPolicyClient.Create();
    // Initialize request argument(s)
    SetIamPolicyRequest request = new SetIamPolicyRequest
    {
        ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
        Policy = new Policy(),
        UpdateMask = new FieldMask(),
    };
    // Make the request
    Policy response = iAMPolicyClient.SetIamPolicy(request);
    

    SetIamPolicyAsync(SetIamPolicyRequest, CallSettings)

    public virtual Task<Policy> SetIamPolicyAsync(SetIamPolicyRequest request, CallSettings callSettings = null)

    Sets the access control policy on the specified resource. Replaces any existing policy.

    Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.

    Parameters
    NameDescription
    requestSetIamPolicyRequest

    The request object containing all of the parameters for the API call.

    callSettingsCallSettings

    If not null, applies overrides to this RPC call.

    Returns
    TypeDescription
    TaskPolicy

    A Task containing the RPC response.

    Example
    // Create client
    IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
    // Initialize request argument(s)
    SetIamPolicyRequest request = new SetIamPolicyRequest
    {
        ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
        Policy = new Policy(),
        UpdateMask = new FieldMask(),
    };
    // Make the request
    Policy response = await iAMPolicyClient.SetIamPolicyAsync(request);
    

    SetIamPolicyAsync(SetIamPolicyRequest, CancellationToken)

    public virtual Task<Policy> SetIamPolicyAsync(SetIamPolicyRequest request, CancellationToken cancellationToken)

    Sets the access control policy on the specified resource. Replaces any existing policy.

    Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.

    Parameters
    NameDescription
    requestSetIamPolicyRequest

    The request object containing all of the parameters for the API call.

    cancellationTokenCancellationToken

    A CancellationToken to use for this RPC.

    Returns
    TypeDescription
    TaskPolicy

    A Task containing the RPC response.

    Example
    // Create client
    IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
    // Initialize request argument(s)
    SetIamPolicyRequest request = new SetIamPolicyRequest
    {
        ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
        Policy = new Policy(),
        UpdateMask = new FieldMask(),
    };
    // Make the request
    Policy response = await iAMPolicyClient.SetIamPolicyAsync(request);
    

    ShutdownDefaultChannelsAsync()

    public static Task ShutdownDefaultChannelsAsync()

    Shuts down any channels automatically created by Create() and CreateAsync(CancellationToken). Channels which weren't automatically created are not affected.

    Returns
    TypeDescription
    Task

    A task representing the asynchronous shutdown operation.

    Remarks

    After calling this method, further calls to Create() and CreateAsync(CancellationToken) will create new channels, which could in turn be shut down by another call to this method.

    TestIamPermissions(TestIamPermissionsRequest, CallSettings)

    public virtual TestIamPermissionsResponse TestIamPermissions(TestIamPermissionsRequest request, CallSettings callSettings = null)

    Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

    Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

    Parameters
    NameDescription
    requestTestIamPermissionsRequest

    The request object containing all of the parameters for the API call.

    callSettingsCallSettings

    If not null, applies overrides to this RPC call.

    Returns
    TypeDescription
    TestIamPermissionsResponse

    The RPC response.

    Example
    // Create client
    IAMPolicyClient iAMPolicyClient = IAMPolicyClient.Create();
    // Initialize request argument(s)
    TestIamPermissionsRequest request = new TestIamPermissionsRequest
    {
        ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
        Permissions = { "", },
    };
    // Make the request
    TestIamPermissionsResponse response = iAMPolicyClient.TestIamPermissions(request);
    

    TestIamPermissionsAsync(TestIamPermissionsRequest, CallSettings)

    public virtual Task<TestIamPermissionsResponse> TestIamPermissionsAsync(TestIamPermissionsRequest request, CallSettings callSettings = null)

    Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

    Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

    Parameters
    NameDescription
    requestTestIamPermissionsRequest

    The request object containing all of the parameters for the API call.

    callSettingsCallSettings

    If not null, applies overrides to this RPC call.

    Returns
    TypeDescription
    TaskTestIamPermissionsResponse

    A Task containing the RPC response.

    Example
    // Create client
    IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
    // Initialize request argument(s)
    TestIamPermissionsRequest request = new TestIamPermissionsRequest
    {
        ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
        Permissions = { "", },
    };
    // Make the request
    TestIamPermissionsResponse response = await iAMPolicyClient.TestIamPermissionsAsync(request);
    

    TestIamPermissionsAsync(TestIamPermissionsRequest, CancellationToken)

    public virtual Task<TestIamPermissionsResponse> TestIamPermissionsAsync(TestIamPermissionsRequest request, CancellationToken cancellationToken)

    Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

    Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

    Parameters
    NameDescription
    requestTestIamPermissionsRequest

    The request object containing all of the parameters for the API call.

    cancellationTokenCancellationToken

    A CancellationToken to use for this RPC.

    Returns
    TypeDescription
    TaskTestIamPermissionsResponse

    A Task containing the RPC response.

    Example
    // Create client
    IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
    // Initialize request argument(s)
    TestIamPermissionsRequest request = new TestIamPermissionsRequest
    {
        ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
        Permissions = { "", },
    };
    // Make the request
    TestIamPermissionsResponse response = await iAMPolicyClient.TestIamPermissionsAsync(request);