public abstract class IAMPolicyClient
Reference documentation and code samples for the Google Cloud Identity and Access Management (IAM) v1 API class IAMPolicyClient.
IAMPolicy client wrapper, for convenient use.
Derived Types
Namespace
Google.Cloud.Iam.V1Assembly
Google.Cloud.Iam.V1.dll
Remarks
API Overview
Manages Identity and Access Management (IAM) policies.
Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.
Data model
Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.
Policy Structure
See google.iam.v1.Policy
This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.
Properties
DefaultEndpoint
public static string DefaultEndpoint { get; }
The default endpoint for the IAMPolicy service, which is a host of "iam-meta-api.googleapis.com" and a port of 443.
Property Value | |
---|---|
Type | Description |
string |
DefaultScopes
public static IReadOnlyList<string> DefaultScopes { get; }
The default IAMPolicy scopes.
Property Value | |
---|---|
Type | Description |
IReadOnlyListstring |
The default IAMPolicy scopes are:
GrpcClient
public virtual IAMPolicy.IAMPolicyClient GrpcClient { get; }
The underlying gRPC IAMPolicy client
Property Value | |
---|---|
Type | Description |
IAMPolicyIAMPolicyClient |
ServiceMetadata
public static ServiceMetadata ServiceMetadata { get; }
The service metadata associated with this client type.
Property Value | |
---|---|
Type | Description |
ServiceMetadata |
Methods
Create()
public static IAMPolicyClient Create()
Synchronously creates a IAMPolicyClient using the default credentials, endpoint and settings. To specify custom credentials or other settings, use IAMPolicyClientBuilder.
Returns | |
---|---|
Type | Description |
IAMPolicyClient | The created IAMPolicyClient. |
CreateAsync(CancellationToken)
public static Task<IAMPolicyClient> CreateAsync(CancellationToken cancellationToken = default)
Asynchronously creates a IAMPolicyClient using the default credentials, endpoint and settings. To specify custom credentials or other settings, use IAMPolicyClientBuilder.
Parameter | |
---|---|
Name | Description |
cancellationToken | CancellationToken The CancellationToken to use while creating the client. |
Returns | |
---|---|
Type | Description |
TaskIAMPolicyClient | The task representing the created IAMPolicyClient. |
GetIamPolicy(GetIamPolicyRequest, CallSettings)
public virtual Policy GetIamPolicy(GetIamPolicyRequest request, CallSettings callSettings = null)
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
Parameters | |
---|---|
Name | Description |
request | GetIamPolicyRequest The request object containing all of the parameters for the API call. |
callSettings | CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
Policy | The RPC response. |
// Create client
IAMPolicyClient iAMPolicyClient = IAMPolicyClient.Create();
// Initialize request argument(s)
GetIamPolicyRequest request = new GetIamPolicyRequest
{
ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
Options = new GetPolicyOptions(),
};
// Make the request
Policy response = iAMPolicyClient.GetIamPolicy(request);
GetIamPolicyAsync(GetIamPolicyRequest, CallSettings)
public virtual Task<Policy> GetIamPolicyAsync(GetIamPolicyRequest request, CallSettings callSettings = null)
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
Parameters | |
---|---|
Name | Description |
request | GetIamPolicyRequest The request object containing all of the parameters for the API call. |
callSettings | CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskPolicy | A Task containing the RPC response. |
// Create client
IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
// Initialize request argument(s)
GetIamPolicyRequest request = new GetIamPolicyRequest
{
ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
Options = new GetPolicyOptions(),
};
// Make the request
Policy response = await iAMPolicyClient.GetIamPolicyAsync(request);
GetIamPolicyAsync(GetIamPolicyRequest, CancellationToken)
public virtual Task<Policy> GetIamPolicyAsync(GetIamPolicyRequest request, CancellationToken cancellationToken)
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
Parameters | |
---|---|
Name | Description |
request | GetIamPolicyRequest The request object containing all of the parameters for the API call. |
cancellationToken | CancellationToken A CancellationToken to use for this RPC. |
Returns | |
---|---|
Type | Description |
TaskPolicy | A Task containing the RPC response. |
// Create client
IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
// Initialize request argument(s)
GetIamPolicyRequest request = new GetIamPolicyRequest
{
ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
Options = new GetPolicyOptions(),
};
// Make the request
Policy response = await iAMPolicyClient.GetIamPolicyAsync(request);
SetIamPolicy(SetIamPolicyRequest, CallSettings)
public virtual Policy SetIamPolicy(SetIamPolicyRequest request, CallSettings callSettings = null)
Sets the access control policy on the specified resource. Replaces any existing policy.
Can return NOT_FOUND
, INVALID_ARGUMENT
, and PERMISSION_DENIED
errors.
Parameters | |
---|---|
Name | Description |
request | SetIamPolicyRequest The request object containing all of the parameters for the API call. |
callSettings | CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
Policy | The RPC response. |
// Create client
IAMPolicyClient iAMPolicyClient = IAMPolicyClient.Create();
// Initialize request argument(s)
SetIamPolicyRequest request = new SetIamPolicyRequest
{
ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
Policy = new Policy(),
UpdateMask = new FieldMask(),
};
// Make the request
Policy response = iAMPolicyClient.SetIamPolicy(request);
SetIamPolicyAsync(SetIamPolicyRequest, CallSettings)
public virtual Task<Policy> SetIamPolicyAsync(SetIamPolicyRequest request, CallSettings callSettings = null)
Sets the access control policy on the specified resource. Replaces any existing policy.
Can return NOT_FOUND
, INVALID_ARGUMENT
, and PERMISSION_DENIED
errors.
Parameters | |
---|---|
Name | Description |
request | SetIamPolicyRequest The request object containing all of the parameters for the API call. |
callSettings | CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskPolicy | A Task containing the RPC response. |
// Create client
IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
// Initialize request argument(s)
SetIamPolicyRequest request = new SetIamPolicyRequest
{
ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
Policy = new Policy(),
UpdateMask = new FieldMask(),
};
// Make the request
Policy response = await iAMPolicyClient.SetIamPolicyAsync(request);
SetIamPolicyAsync(SetIamPolicyRequest, CancellationToken)
public virtual Task<Policy> SetIamPolicyAsync(SetIamPolicyRequest request, CancellationToken cancellationToken)
Sets the access control policy on the specified resource. Replaces any existing policy.
Can return NOT_FOUND
, INVALID_ARGUMENT
, and PERMISSION_DENIED
errors.
Parameters | |
---|---|
Name | Description |
request | SetIamPolicyRequest The request object containing all of the parameters for the API call. |
cancellationToken | CancellationToken A CancellationToken to use for this RPC. |
Returns | |
---|---|
Type | Description |
TaskPolicy | A Task containing the RPC response. |
// Create client
IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
// Initialize request argument(s)
SetIamPolicyRequest request = new SetIamPolicyRequest
{
ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
Policy = new Policy(),
UpdateMask = new FieldMask(),
};
// Make the request
Policy response = await iAMPolicyClient.SetIamPolicyAsync(request);
ShutdownDefaultChannelsAsync()
public static Task ShutdownDefaultChannelsAsync()
Shuts down any channels automatically created by Create() and CreateAsync(CancellationToken). Channels which weren't automatically created are not affected.
Returns | |
---|---|
Type | Description |
Task | A task representing the asynchronous shutdown operation. |
After calling this method, further calls to Create() and CreateAsync(CancellationToken) will create new channels, which could in turn be shut down by another call to this method.
TestIamPermissions(TestIamPermissionsRequest, CallSettings)
public virtual TestIamPermissionsResponse TestIamPermissions(TestIamPermissionsRequest request, CallSettings callSettings = null)
Returns permissions that a caller has on the specified resource.
If the resource does not exist, this will return an empty set of
permissions, not a NOT_FOUND
error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
Parameters | |
---|---|
Name | Description |
request | TestIamPermissionsRequest The request object containing all of the parameters for the API call. |
callSettings | CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TestIamPermissionsResponse | The RPC response. |
// Create client
IAMPolicyClient iAMPolicyClient = IAMPolicyClient.Create();
// Initialize request argument(s)
TestIamPermissionsRequest request = new TestIamPermissionsRequest
{
ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
Permissions = { "", },
};
// Make the request
TestIamPermissionsResponse response = iAMPolicyClient.TestIamPermissions(request);
TestIamPermissionsAsync(TestIamPermissionsRequest, CallSettings)
public virtual Task<TestIamPermissionsResponse> TestIamPermissionsAsync(TestIamPermissionsRequest request, CallSettings callSettings = null)
Returns permissions that a caller has on the specified resource.
If the resource does not exist, this will return an empty set of
permissions, not a NOT_FOUND
error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
Parameters | |
---|---|
Name | Description |
request | TestIamPermissionsRequest The request object containing all of the parameters for the API call. |
callSettings | CallSettings If not null, applies overrides to this RPC call. |
Returns | |
---|---|
Type | Description |
TaskTestIamPermissionsResponse | A Task containing the RPC response. |
// Create client
IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
// Initialize request argument(s)
TestIamPermissionsRequest request = new TestIamPermissionsRequest
{
ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
Permissions = { "", },
};
// Make the request
TestIamPermissionsResponse response = await iAMPolicyClient.TestIamPermissionsAsync(request);
TestIamPermissionsAsync(TestIamPermissionsRequest, CancellationToken)
public virtual Task<TestIamPermissionsResponse> TestIamPermissionsAsync(TestIamPermissionsRequest request, CancellationToken cancellationToken)
Returns permissions that a caller has on the specified resource.
If the resource does not exist, this will return an empty set of
permissions, not a NOT_FOUND
error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
Parameters | |
---|---|
Name | Description |
request | TestIamPermissionsRequest The request object containing all of the parameters for the API call. |
cancellationToken | CancellationToken A CancellationToken to use for this RPC. |
Returns | |
---|---|
Type | Description |
TaskTestIamPermissionsResponse | A Task containing the RPC response. |
// Create client
IAMPolicyClient iAMPolicyClient = await IAMPolicyClient.CreateAsync();
// Initialize request argument(s)
TestIamPermissionsRequest request = new TestIamPermissionsRequest
{
ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
Permissions = { "", },
};
// Make the request
TestIamPermissionsResponse response = await iAMPolicyClient.TestIamPermissionsAsync(request);