Get Iam Policy
|
|||||
|
|
||||
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set
Authorization
To use this building block you will have to grant access to at least one of the following scopes:
- View and manage your data across Google Cloud Platform services
Input
This building block consumes 1 input parameters
| Name | Format | Description |
|---|---|---|
resource Required |
STRING |
REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field |
= Parameter name
= Format
|
resource STRING Required REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field |
Output
This building block provides 10 output parameters
| Name | Format | Description |
|---|---|---|
bindings[] |
OBJECT |
Associates members with a role |
bindings[].condition |
OBJECT |
Represents an expression text. Example: title: "User account presence" description: "Determines whether the request has a user account" expression: "size(request.user) > 0" |
bindings[].condition.title |
STRING |
An optional title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression |
bindings[].condition.location |
STRING |
An optional string indicating the location of the expression for error reporting, e.g. a file name and a position in the file |
bindings[].condition.description |
STRING |
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI |
bindings[].condition.expression |
STRING |
Textual representation of an expression in Common Expression Language syntax.The application context of the containing message determines which well-known feature set of CEL is supported |
bindings[].members[] |
STRING |
|
bindings[].role |
STRING |
Role that is assigned to members. For example, roles/viewer, roles/editor, or roles/owner |
etag |
BINARY |
etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the etag in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An etag is returned in the response to getIamPolicy, and systems are expected to put that etag in the request to setIamPolicy to ensure that their change will be applied to the same version of the policy.If no etag is provided in the call to setIamPolicy, then the existing policy is overwritten blindly |
version |
INTEGER |
Deprecated |
= Parameter name
= Format
|
bindings[] OBJECT Associates members with a role |
|
bindings[].condition OBJECT Represents an expression text. Example: title: "User account presence" description: "Determines whether the request has a user account" expression: "size(request.user) > 0" |
|
bindings[].condition.title STRING An optional title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression |
|
bindings[].condition.location STRING An optional string indicating the location of the expression for error reporting, e.g. a file name and a position in the file |
|
bindings[].condition.description STRING An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI |
|
bindings[].condition.expression STRING Textual representation of an expression in Common Expression Language syntax.The application context of the containing message determines which well-known feature set of CEL is supported |
|
bindings[].members[] STRING |
|
bindings[].role STRING Role that is assigned to members. For example, roles/viewer, roles/editor, or roles/owner |
|
etag BINARY etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the etag in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An etag is returned in the response to getIamPolicy, and systems are expected to put that etag in the request to setIamPolicy to ensure that their change will be applied to the same version of the policy.If no etag is provided in the call to setIamPolicy, then the existing policy is overwritten blindly |
|
version INTEGER Deprecated |