Buckets: testIamPermissions

Tests a set of permissions on the given bucket to see which, if any, are held by the caller. Try it now.


HTTP request

GET https://www.googleapis.com/storage/v1/b/bucket/iam/testPermissions


Parameter name Value Description
Path parameters
bucket string Name of a bucket.
Required query parameters
permissions string Permissions to test.
Optional query parameters
userProject string The project to be billed for this request. Required for Requester Pays buckets.

Request body

Do not supply a request body with this method.


If successful, this method returns a response body with the following structure:

  "kind": "storage#testIamPermissionsResponse",
  "permissions": [
Property name Value Description Notes
kind string The kind of item this is.
permissions[] list The permissions held by the caller. Permissions are always of the format storage.resource.capability, where resource is one of buckets or objects. The supported permissions are as follows:
  • storage.buckets.delete — Delete bucket.
  • storage.buckets.get — Read bucket metadata.
  • storage.buckets.getIamPolicy — Read bucket IAM policy.
  • storage.buckets.create — Create bucket.
  • storage.buckets.list — List buckets.
  • storage.buckets.setIamPolicy — Update bucket IAM policy.
  • storage.buckets.update — Update bucket metadata.
  • storage.objects.delete — Delete object.
  • storage.objects.get — Read object data and metadata.
  • storage.objects.getIamPolicy — Read object IAM policy.
  • storage.objects.create — Create object.
  • storage.objects.list — List objects.
  • storage.objects.setIamPolicy — Update object IAM policy.
  • storage.objects.update — Update object metadata.

Try it!

Use the APIs Explorer below to call this method on live data and see the response.

Send feedback about...

Cloud Storage Documentation