Package com.google.iam.v1 (1.2.12)

One delta entry for AuditConfig. Each individual change (only one exempted_member in each entry) to a AuditConfig will be a separate entry.

Protobuf type google.iam.v1.AuditConfigDelta

One delta entry for AuditConfig. Each individual change (only one exempted_member in each entry) to a AuditConfig will be a separate entry.

Protobuf type google.iam.v1.AuditConfigDelta

Associates members with a role.

Protobuf type google.iam.v1.Binding

Associates members with a role.

Protobuf type google.iam.v1.Binding

One delta entry for Binding. Each individual change (only one member in each entry) to a binding will be a separate entry.

Protobuf type google.iam.v1.BindingDelta

One delta entry for Binding. Each individual change (only one member in each entry) to a binding will be a separate entry.

Protobuf type google.iam.v1.BindingDelta

Request message for GetIamPolicy method.

Protobuf type google.iam.v1.GetIamPolicyRequest

Request message for GetIamPolicy method.

Protobuf type google.iam.v1.GetIamPolicyRequest

Encapsulates settings provided to GetIamPolicy.

Protobuf type google.iam.v1.GetPolicyOptions

Encapsulates settings provided to GetIamPolicy.

Protobuf type google.iam.v1.GetPolicyOptions

API Overview

Manages Identity and Access Management (IAM) policies. Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.

Data model

Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.

Policy Structure

See google.iam.v1.Policy This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.

API Overview

Manages Identity and Access Management (IAM) policies. Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.

Data model

Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.

Policy Structure

See google.iam.v1.Policy This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.

API Overview

Manages Identity and Access Management (IAM) policies. Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.

Data model

Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.

Policy Structure

See google.iam.v1.Policy This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.

API Overview

Manages Identity and Access Management (IAM) policies. Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.

Data model

Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.

Policy Structure

See google.iam.v1.Policy This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.

API Overview

Manages Identity and Access Management (IAM) policies. Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.

Data model

Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.

Policy Structure

See google.iam.v1.Policy This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.

Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions (defined by IAM or configured by users). A binding can optionally specify a condition, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource. JSON Example { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ] } YAML Example bindings:

• members:
  • user:mike@example.com
  • group:admins@example.com
  • domain:google.com
  • serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin
• members:
  • user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') For a description of IAM and its features, see the IAM developer's guide.

Protobuf type google.iam.v1.Policy

Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions (defined by IAM or configured by users). A binding can optionally specify a condition, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource. JSON Example { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ] } YAML Example bindings:

• members:
  • user:mike@example.com
  • group:admins@example.com
  • domain:google.com
  • serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin
• members:
  • user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') For a description of IAM and its features, see the IAM developer's guide.

Protobuf type google.iam.v1.Policy

The difference delta between two policies.

Protobuf type google.iam.v1.PolicyDelta

The difference delta between two policies.

Protobuf type google.iam.v1.PolicyDelta

Request message for SetIamPolicy method.

Protobuf type google.iam.v1.SetIamPolicyRequest

Request message for SetIamPolicy method.

Protobuf type google.iam.v1.SetIamPolicyRequest

Request message for TestIamPermissions method.

Protobuf type google.iam.v1.TestIamPermissionsRequest

Request message for TestIamPermissions method.

Protobuf type google.iam.v1.TestIamPermissionsRequest

Response message for TestIamPermissions method.

Protobuf type google.iam.v1.TestIamPermissionsResponse

Response message for TestIamPermissions method.

Protobuf type google.iam.v1.TestIamPermissionsResponse

The type of action performed on an audit configuration in a policy.

Protobuf enum google.iam.v1.AuditConfigDelta.Action

The type of action performed on a Binding in a policy.

Protobuf enum google.iam.v1.BindingDelta.Action