Get an IAM policy
Stay organized with collections
Save and categorize content based on your preferences.
Demonstrates retrieving an IAM policy.
Explore further
For detailed documentation that includes this code sample, see the following:
Code sample
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],[],[],[],null,["Demonstrates retrieving an IAM policy.\n\nExplore further\n\n\nFor detailed documentation that includes this code sample, see the following:\n\n- [Manage access to projects, folders, and organizations](/iam/docs/granting-changing-revoking-access)\n\nCode sample \n\nC++\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM C++ API\nreference documentation](/cpp/docs/reference/iam/latest).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n namespace iam = ::google::cloud::iam_admin_v1;\n [](std::string const& name) {\n iam::IAMClient client(iam::MakeIAMConnection());\n auto response = client.GetIamPolicy(name);\n if (!response) throw std::move(response).status();\n std::cout \u003c\u003c \"Policy successfully retrieved: \" \u003c\u003c response-\u003eDebugString()\n \u003c\u003c \"\\n\";\n }\n\nC#\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM C# API\nreference documentation](https://developers.google.com/api-client-library/dotnet/apis/iam/v1).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n\n using https://cloud.google.com/dotnet/docs/reference/Google.Apis/latest/Google.Apis.Auth.OAuth2.html;\n using Google.Apis.CloudResourceManager.v1;\n using Google.Apis.CloudResourceManager.v1.Data;\n\n public partial class AccessManager\n {\n public static Policy GetPolicy(string projectId)\n {\n var credential = https://cloud.google.com/dotnet/docs/reference/Google.Apis/latest/Google.Apis.Auth.OAuth2.GoogleCredential.html.https://cloud.google.com/dotnet/docs/reference/Google.Apis/latest/Google.Apis.Auth.OAuth2.GoogleCredential.html#Google_Apis_Auth_OAuth2_GoogleCredential_GetApplicationDefault()\n .https://cloud.google.com/dotnet/docs/reference/Google.Apis/latest/Google.Apis.Auth.OAuth2.GoogleCredential.html#Google_Apis_Auth_OAuth2_GoogleCredential_CreateScoped_System_Collections_Generic_IEnumerable_System_String__(CloudResourceManagerService.Scope.CloudPlatform);\n var service = new CloudResourceManagerService(\n new CloudResourceManagerService.Initializer\n {\n HttpClientInitializer = credential\n });\n\n var policy = service.Projects.GetIamPolicy(new GetIamPolicyRequest(),\n projectId).Execute();\n return policy;\n }\n }\n\nJava\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM Java API\nreference documentation](https://developers.google.com/api-client-library/java/apis/iam/v1).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n import com.google.cloud.resourcemanager.v3.https://cloud.google.com/java/docs/reference/google-cloud-resourcemanager/latest/com.google.cloud.resourcemanager.v3.ProjectsClient.html;\n import com.google.iam.admin.v1.https://cloud.google.com/java/docs/reference/google-cloud-resourcemanager/latest/com.google.cloud.resourcemanager.v3.ProjectName.html;\n import com.google.iam.v1.https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.GetIamPolicyRequest.html;\n import com.google.iam.v1.https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.html;\n import java.io.IOException;\n\n public class GetProjectPolicy {\n public static void main(String[] args) throws IOException {\n // TODO(developer): Replace the variables before running the sample.\n // TODO: Replace with your project ID.\n String projectId = \"your-project-id\";\n\n getProjectPolicy(projectId);\n }\n\n // Gets a project's policy.\n public static https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.html getProjectPolicy(String projectId) throws IOException {\n // Initialize client that will be used to send requests.\n // This client only needs to be created once, and can be reused for multiple requests.\n try (https://cloud.google.com/java/docs/reference/google-cloud-resourcemanager/latest/com.google.cloud.resourcemanager.v3.ProjectsClient.html projectsClient = https://cloud.google.com/java/docs/reference/google-cloud-resourcemanager/latest/com.google.cloud.resourcemanager.v3.ProjectsClient.html.create()) {\n https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.GetIamPolicyRequest.html request = https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.GetIamPolicyRequest.html.newBuilder()\n .setResource(https://cloud.google.com/java/docs/reference/google-cloud-resourcemanager/latest/com.google.cloud.resourcemanager.v3.ProjectName.html.of(projectId).toString())\n .build();\n return projectsClient.getIamPolicy(request);\n }\n }\n }\n\nPython\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM Python API\nreference documentation](https://developers.google.com/api-client-library/python/apis/iam/v1).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n from google.cloud import resourcemanager_v3\n from google.iam.v1 import iam_policy_pb2, policy_pb2\n\n\n def get_project_policy(project_id: str) -\u003e policy_pb2.Policy:\n \"\"\"Get policy for project.\n\n project_id: ID or number of the Google Cloud project you want to use.\n \"\"\"\n\n client = resourcemanager_v3.ProjectsClient()\n request = iam_policy_pb2.GetIamPolicyRequest()\n request.resource = f\"projects/{project_id}\"\n\n policy = client.get_iam_policy(request)\n print(f\"Policy retrieved: {policy}\")\n\n return policy\n\nWhat's next\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=iam)."]]
