Identity and Access Management (IAM) API (iam:v2)

2023-01-31

6 new methods | New API

Additions

    Methods

  • iam.policies.operations.get

      HTTP Method: GET

      Path: v2/{+name}

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Parameter Order: name

      Parameters:

        name

          Required: Yes

          Location: path

          Pattern: ^policies/[^/]+/[^/]+/[^/]+/operations/[^/]+$

          Type: string

          Description: The name of the operation resource.

      Flat Path: v2/policies/{policiesId}/{policiesId1}/{policiesId2}/operations/{operationsId}

      Description: Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

  • iam.policies.update

      Flat Path: v2/policies/{policiesId}/{policiesId1}/{policiesId2}

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Path: v2/{+name}

      Parameters:

        name

          Required: Yes

          Description: Immutable. The resource name of the `Policy`, which must be unique. Format: `policies/{attachment_point}/denypolicies/{policy_id}` The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, `/`, must be written as `%2F`. For example, `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-deny-policy`. For organizations and folders, use the numeric ID in the full resource name. For projects, requests can use the alphanumeric or the numeric ID. Responses always contain the numeric ID.

          Location: path

          Type: string

          Pattern: ^policies/[^/]+/[^/]+/[^/]+$

      Parameter Order: name

      HTTP Method: PUT

      Description: Updates the specified policy. You can update only the rules and the display name for the policy. To update a policy, you should use a read-modify-write loop: 1. Use GetPolicy to read the current version of the policy. 2. Modify the policy as needed. 3. Use `UpdatePolicy` to write the updated policy. This pattern helps prevent conflicts between concurrent updates.

  • iam.policies.listPolicies

      Flat Path: v2/policies/{policiesId}/{policiesId1}

      Parameter Order: parent

      Scopes: https://www.googleapis.com/auth/cloud-platform

      HTTP Method: GET

      Parameters:

        pageSize

          Type: integer

          Format: int32

          Location: query

          Description: The maximum number of policies to return. IAM ignores this value and uses the value 1000.

        pageToken

          Description: A page token received in a ListPoliciesResponse. Provide this token to retrieve the next page.

          Type: string

          Location: query

        parent

          Location: path

          Type: string

          Description: Required. The resource that the policy is attached to, along with the kind of policy to list. Format: `policies/{attachment_point}/denypolicies` The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, `/`, must be written as `%2F`. For example, `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies`. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.

          Pattern: ^policies/[^/]+/[^/]+$

          Required: Yes

      Description: Retrieves the policies of the specified kind that are attached to a resource. The response lists only policy metadata. In particular, policy rules are omitted.

      Path: v2/{+parent}

  • iam.policies.delete

      Description: Deletes a policy. This action is permanent.

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Parameters:

        etag

          Type: string

          Description: Optional. The expected `etag` of the policy to delete. If the value does not match the value that is stored in IAM, the request fails with a `409` error code and `ABORTED` status. If you omit this field, the policy is deleted regardless of its current `etag`.

          Location: query

        name

          Description: Required. The resource name of the policy to delete. Format: `policies/{attachment_point}/denypolicies/{policy_id}` Use the URL-encoded full resource name, which means that the forward-slash character, `/`, must be written as `%2F`. For example, `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-policy`. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.

          Pattern: ^policies/[^/]+/[^/]+/[^/]+$

          Location: path

          Required: Yes

          Type: string

      Path: v2/{+name}

      HTTP Method: DELETE

      Flat Path: v2/policies/{policiesId}/{policiesId1}/{policiesId2}

      Parameter Order: name

  • iam.policies.createPolicy

      HTTP Method: POST

      Parameters:

        policyId

          Location: query

          Description: The ID to use for this policy, which will become the final component of the policy's resource name. The ID must contain 3 to 63 characters. It can contain lowercase letters and numbers, as well as dashes (`-`) and periods (`.`). The first character must be a lowercase letter.

          Type: string

        parent

          Pattern: ^policies/[^/]+/[^/]+$

          Type: string

          Location: path

          Description: Required. The resource that the policy is attached to, along with the kind of policy to create. Format: `policies/{attachment_point}/denypolicies` The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, `/`, must be written as `%2F`. For example, `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies`. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.

          Required: Yes

      Parameter Order: parent

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Description: Creates a policy.

      Path: v2/{+parent}

      Flat Path: v2/policies/{policiesId}/{policiesId1}

  • iam.policies.get

      Parameter Order: name

      Description: Gets a policy.

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v2/policies/{policiesId}/{policiesId1}/{policiesId2}

      Parameters:

        name

          Description: Required. The resource name of the policy to retrieve. Format: `policies/{attachment_point}/denypolicies/{policy_id}` Use the URL-encoded full resource name, which means that the forward-slash character, `/`, must be written as `%2F`. For example, `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-policy`. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.

          Location: path

          Required: Yes

          Type: string

          Pattern: ^policies/[^/]+/[^/]+/[^/]+$

      Path: v2/{+name}

      HTTP Method: GET