Class IAMPolicyGrpc.IAMPolicyImplBase (1.6.22)

public abstract static class IAMPolicyGrpc.IAMPolicyImplBase implements BindableService

API Overview Manages Identity and Access Management (IAM) policies. Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.

Data model

Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.

Policy Structure

See google.iam.v1.Policy This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.

Inheritance

java.lang.Object > IAMPolicyGrpc.IAMPolicyImplBase

Implements

io.grpc.BindableService

Constructors

IAMPolicyImplBase()

public IAMPolicyImplBase()

Methods

bindService()

public final ServerServiceDefinition bindService()
Returns
TypeDescription
io.grpc.ServerServiceDefinition

getIamPolicy(GetIamPolicyRequest request, StreamObserver<Policy> responseObserver)

public void getIamPolicy(GetIamPolicyRequest request, StreamObserver<Policy> responseObserver)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

Parameters
NameDescription
requestGetIamPolicyRequest
responseObserverio.grpc.stub.StreamObserver<Policy>

setIamPolicy(SetIamPolicyRequest request, StreamObserver<Policy> responseObserver)

public void setIamPolicy(SetIamPolicyRequest request, StreamObserver<Policy> responseObserver)

Sets the access control policy on the specified resource. Replaces any existing policy. Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.

Parameters
NameDescription
requestSetIamPolicyRequest
responseObserverio.grpc.stub.StreamObserver<Policy>

testIamPermissions(TestIamPermissionsRequest request, StreamObserver<TestIamPermissionsResponse> responseObserver)

public void testIamPermissions(TestIamPermissionsRequest request, StreamObserver<TestIamPermissionsResponse> responseObserver)

Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

Parameters
NameDescription
requestTestIamPermissionsRequest
responseObserverio.grpc.stub.StreamObserver<TestIamPermissionsResponse>