Add a new role binding
Stay organized with collections
Save and categorize content based on your preferences.
Demonstrates adding a new role binding to an IAM policy.
Explore further
For detailed documentation that includes this code sample, see the following:
Code sample
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],[],[],[],null,["# Add a new role binding\n\nDemonstrates adding a new role binding to an IAM policy.\n\nExplore further\n---------------\n\n\nFor detailed documentation that includes this code sample, see the following:\n\n- [Manage access to projects, folders, and organizations](/iam/docs/granting-changing-revoking-access)\n\nCode sample\n-----------\n\n### C#\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM C# API\nreference documentation](https://developers.google.com/api-client-library/dotnet/apis/iam/v1).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n\n using System.Collections.Generic;\n using Google.Apis.CloudResourceManager.v1.Data;\n\n public partial class AccessManager\n {\n public static Policy AddBinding(Policy policy, string role, string member)\n {\n var binding = new Binding\n {\n Role = role,\n Members = new List\u003cstring\u003e { member }\n };\n policy.Bindings.Add(binding);\n return policy;\n }\n }\n\n### Java\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM Java API\nreference documentation](https://developers.google.com/api-client-library/java/apis/iam/v1).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n\n import com.google.iam.v1.https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Binding.html;\n import com.google.iam.v1.https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.html;\n import java.util.Collections;\n import java.util.List;\n\n public class AddBinding {\n public static void main(String[] args) {\n // TODO(developer): Replace the variables before running the sample.\n // TODO: Replace with your policy: GetPolicy.getPolicy(projectId, serviceAccount).\n https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.html policy = https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.html.newBuilder().build();\n // TODO: Replace with your role.\n String role = \"roles/role-to-add\";\n // TODO: Replace with your principals.\n // For examples, see https://cloud.google.com/iam/docs/principal-identifiers\n List\u003cString\u003e members = Collections.singletonList(\"principal-id\");\n\n addBinding(policy, role, members);\n }\n\n // Adds a principals to a role.\n public static https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.html addBinding(https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.html policy, String role, List\u003cString\u003e members) {\n https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Binding.html binding = https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Binding.html.newBuilder()\n .setRole(role)\n .https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Binding.Builder.html#com_google_iam_v1_Binding_Builder_addAllMembers_java_lang_Iterable_java_lang_String__(members)\n .build();\n\n // Update bindings for the policy.\n https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.html updatedPolicy = policy.https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.html#com_google_iam_v1_Policy_toBuilder__().https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.Builder.html#com_google_iam_v1_Policy_Builder_addBindings_com_google_iam_v1_Binding_(binding).build();\n\n System.out.println(\"Added binding: \" + updatedPolicy.https://cloud.google.com/java/docs/reference/proto-google-iam-v1/latest/com.google.iam.v1.Policy.html#com_google_iam_v1_Policy_getBindingsList__());\n\n return updatedPolicy;\n }\n }\n\n### Python\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM Python API\nreference documentation](https://developers.google.com/api-client-library/python/apis/iam/v1).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n def modify_policy_add_role(policy: dict, role: str, principal: str) -\u003e dict:\n \"\"\"Adds a new role binding to a policy.\"\"\"\n\n binding = {\"role\": role, \"members\": [principal]}\n policy[\"bindings\"].append(binding)\n print(policy)\n return policy\n\nWhat's next\n-----------\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=iam)."]]
