Class Identity (2.3.5)

public final class Identity implements Serializable

An identity in a Policy. The following types of identities are permitted in IAM policies:

  • Google account
  • Service account
  • Google group
  • Google Apps domain

There are also two special identities that represent all users and all Google-authenticated accounts.

Inheritance

Object > Identity

Implements

Serializable

Methods

allAuthenticatedUsers()

public static Identity allAuthenticatedUsers()

Returns a new identity representing anyone who is authenticated with a Google account or a service account.

Returns
TypeDescription
Identity

allUsers()

public static Identity allUsers()

Returns a new identity representing anyone who is on the internet; with or without a Google account.

Returns
TypeDescription
Identity

domain(String domain)

public static Identity domain(String domain)

Returns a new domain identity.

Parameter
NameDescription
domainString

A Google Apps domain name that represents all the users of that domain. For example, google.com or example.com.

Returns
TypeDescription
Identity

equals(Object obj)

public boolean equals(Object obj)
Parameter
NameDescription
objObject
Returns
TypeDescription
boolean
Overrides

getType()

public Identity.Type getType()
Returns
TypeDescription
Identity.Type

getValue()

public String getValue()

Returns the string identifier for this identity. The value corresponds to:

  • email address (for identities of type USER, SERVICE_ACCOUNT, and GROUP)
  • domain (for identities of type DOMAIN)
  • null (for identities of type ALL_USERS and ALL_AUTHENTICATED_USERS)
Returns
TypeDescription
String

group(String email)

public static Identity group(String email)

Returns a new group identity.

Parameter
NameDescription
emailString

An email address that represents a Google group. For example, admins@example.com.

Returns
TypeDescription
Identity

hashCode()

public int hashCode()
Returns
TypeDescription
int
Overrides

projectEditor(String projectId)

public static Identity projectEditor(String projectId)

Returns a new project editor identity.

Parameter
NameDescription
projectIdString

A Google Cloud Platform project ID. For example, my-sample-project.

Returns
TypeDescription
Identity

projectOwner(String projectId)

public static Identity projectOwner(String projectId)

Returns a new project owner identity.

Parameter
NameDescription
projectIdString

A Google Cloud Platform project ID. For example, my-sample-project.

Returns
TypeDescription
Identity

projectViewer(String projectId)

public static Identity projectViewer(String projectId)

Returns a new project viewer identity.

Parameter
NameDescription
projectIdString

A Google Cloud Platform project ID. For example, my-sample-project.

Returns
TypeDescription
Identity

serviceAccount(String email)

public static Identity serviceAccount(String email)

Returns a new service account identity.

Parameter
NameDescription
emailString

An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.

Returns
TypeDescription
Identity

strValue()

public String strValue()

Returns the string value associated with the identity. Used primarily for converting from Identity objects to strings for protobuf-generated policies.

Returns
TypeDescription
String

toString()

public String toString()
Returns
TypeDescription
String
Overrides

user(String email)

public static Identity user(String email)

Returns a new user identity.

Parameter
NameDescription
emailString

An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.

Returns
TypeDescription
Identity

valueOf(String identityStr)

public static Identity valueOf(String identityStr)

Converts a string to an Identity. Used primarily for converting protobuf-generated policy identities to Identity objects.

Parameter
NameDescription
identityStrString
Returns
TypeDescription
Identity