Method: projects.instances.testIamPermissions

HTTP request
Path parameters
Request body
- JSON representation
Response body
Authorization scopes
Try it!

Returns permissions that the caller has on the specified instance resource.

Attempting this RPC on a non-existent Cloud Spanner instance resource will result in a NOT_FOUND error if the user has spanner.instances.list permission on the containing Google Cloud Project. Otherwise returns an empty set of permissions.

HTTP request

Choose a location:

The URLs use gRPC Transcoding syntax.

Path parameters

Parameters

Parameters
`resource`	`string` REQUIRED: The Cloud Spanner resource for which permissions are being tested. The format is `projects/<project ID>/instances/<instance ID>` for instance resources and `projects/<project ID>/instances/<instance ID>/databases/<database ID>` for database resources.

resource

string

REQUIRED: The Cloud Spanner resource for which permissions are being tested. The format is projects/<project ID>/instances/<instance ID> for instance resources and projects/<project ID>/instances/<instance ID>/databases/<database ID> for database resources.

Request body

The request body contains data with the following structure:

JSON representation
{ "permissions": [ string ] }

Fields

Fields
`permissions[]`	`string` REQUIRED: The set of permissions to check for 'resource'. Permissions with wildcards (such as '', 'spanner.', 'spanner.instances.*') are not allowed.

permissions[]

string

REQUIRED: The set of permissions to check for 'resource'. Permissions with wildcards (such as '*', 'spanner.*', 'spanner.instances.*') are not allowed.

Response body

If successful, the response body contains an instance of TestIamPermissionsResponse.

Authorization scopes

Requires one of the following OAuth scopes:

https://www.googleapis.com/auth/spanner.admin
https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.