Set Iam Policy
|
|||||
|
|
Updates an IAM policy for the specified object
Authorization
To use this building block you will have to grant access to at least one of the following scopes:
- View and manage your data across Google Cloud Platform services
- Manage your data and permissions in Google Cloud Storage
- Manage your data in Google Cloud Storage
Input
This building block consumes 16 input parameters
Name | Format | Description |
---|---|---|
bucket Required |
STRING |
Name of the bucket in which the object resides |
object Required |
STRING |
Name of the object. For information about how to URL encode object names to be path safe, see Encoding URI Path Parts |
generation |
INTEGER |
If present, selects a specific revision of this object (as opposed to the latest version, the default) |
provisionalUserProject |
STRING |
The project to be billed for this request if the target bucket is requester-pays bucket |
userProject |
STRING |
The project to be billed for this request. Required for Requester Pays buckets |
bindings[] |
OBJECT |
|
bindings[].condition |
OBJECT |
Represents an expression text. Example: title: "User account presence" description: "Determines whether the request has a user account" expression: "size(request.user) > 0" |
bindings[].condition.description |
STRING |
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI |
bindings[].condition.expression |
STRING |
Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported |
bindings[].condition.location |
STRING |
An optional string indicating the location of the expression for error reporting, e.g. a file name and a position in the file |
bindings[].condition.title |
STRING |
An optional title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression |
bindings[].members[] |
STRING |
|
bindings[].role |
STRING |
The role to which members belong. Two types of roles are supported: new IAM roles, which grant permissions that do not map directly to those provided by ACLs, and legacy IAM roles, which do map directly to ACL permissions. All roles are of the format roles/storage.specificRole. The new IAM roles are:
|
etag |
BINARY |
HTTP 1.1 Entity tag for the policy |
kind |
STRING |
The kind of item this is. For policies, this is always storage#policy. This field is ignored on input |
resourceId |
STRING |
The ID of the resource to which this policy belongs. Will be of the form projects//buckets/bucket for buckets, and projects//buckets/bucket/objects/object for objects. A specific generation may be specified by appending #generationNumber to the end of the object name, e.g. projects/_/buckets/my-bucket/objects/data.txt#17. The current generation can be denoted with #0. This field is ignored on input |
= Parameter name
= Format
bucket STRING Required Name of the bucket in which the object resides |
object STRING Required Name of the object. For information about how to URL encode object names to be path safe, see Encoding URI Path Parts |
generation INTEGER If present, selects a specific revision of this object (as opposed to the latest version, the default) |
provisionalUserProject STRING The project to be billed for this request if the target bucket is requester-pays bucket |
userProject STRING The project to be billed for this request. Required for Requester Pays buckets |
bindings[] OBJECT |
bindings[].condition OBJECT Represents an expression text. Example: title: "User account presence" description: "Determines whether the request has a user account" expression: "size(request.user) > 0" |
bindings[].condition.description STRING An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI |
bindings[].condition.expression STRING Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported |
bindings[].condition.location STRING An optional string indicating the location of the expression for error reporting, e.g. a file name and a position in the file |
bindings[].condition.title STRING An optional title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression |
bindings[].members[] STRING |
bindings[].role STRING The role to which members belong. Two types of roles are supported: new IAM roles, which grant permissions that do not map directly to those provided by ACLs, and legacy IAM roles, which do map directly to ACL permissions. All roles are of the format roles/storage.specificRole. The new IAM roles are:
|
etag BINARY HTTP 1.1 Entity tag for the policy |
kind STRING The kind of item this is. For policies, this is always storage#policy. This field is ignored on input |
resourceId STRING The ID of the resource to which this policy belongs. Will be of the form projects//buckets/bucket for buckets, and projects//buckets/bucket/objects/object for objects. A specific generation may be specified by appending #generationNumber to the end of the object name, e.g. projects/_/buckets/my-bucket/objects/data.txt#17. The current generation can be denoted with #0. This field is ignored on input |
Output
This building block provides 11 output parameters
Name | Format | Description |
---|---|---|
bindings[] |
OBJECT |
|
bindings[].condition |
OBJECT |
Represents an expression text. Example: title: "User account presence" description: "Determines whether the request has a user account" expression: "size(request.user) > 0" |
bindings[].condition.description |
STRING |
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI |
bindings[].condition.expression |
STRING |
Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported |
bindings[].condition.location |
STRING |
An optional string indicating the location of the expression for error reporting, e.g. a file name and a position in the file |
bindings[].condition.title |
STRING |
An optional title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression |
bindings[].members[] |
STRING |
|
bindings[].role |
STRING |
The role to which members belong. Two types of roles are supported: new IAM roles, which grant permissions that do not map directly to those provided by ACLs, and legacy IAM roles, which do map directly to ACL permissions. All roles are of the format roles/storage.specificRole. The new IAM roles are:
|
etag |
BINARY |
HTTP 1.1 Entity tag for the policy |
kind |
STRING |
The kind of item this is. For policies, this is always storage#policy. This field is ignored on input |
resourceId |
STRING |
The ID of the resource to which this policy belongs. Will be of the form projects//buckets/bucket for buckets, and projects//buckets/bucket/objects/object for objects. A specific generation may be specified by appending #generationNumber to the end of the object name, e.g. projects/_/buckets/my-bucket/objects/data.txt#17. The current generation can be denoted with #0. This field is ignored on input |
= Parameter name
= Format
bindings[] OBJECT |
bindings[].condition OBJECT Represents an expression text. Example: title: "User account presence" description: "Determines whether the request has a user account" expression: "size(request.user) > 0" |
bindings[].condition.description STRING An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI |
bindings[].condition.expression STRING Textual representation of an expression in Common Expression Language syntax. The application context of the containing message determines which well-known feature set of CEL is supported |
bindings[].condition.location STRING An optional string indicating the location of the expression for error reporting, e.g. a file name and a position in the file |
bindings[].condition.title STRING An optional title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression |
bindings[].members[] STRING |
bindings[].role STRING The role to which members belong. Two types of roles are supported: new IAM roles, which grant permissions that do not map directly to those provided by ACLs, and legacy IAM roles, which do map directly to ACL permissions. All roles are of the format roles/storage.specificRole. The new IAM roles are:
|
etag BINARY HTTP 1.1 Entity tag for the policy |
kind STRING The kind of item this is. For policies, this is always storage#policy. This field is ignored on input |
resourceId STRING The ID of the resource to which this policy belongs. Will be of the form projects//buckets/bucket for buckets, and projects//buckets/bucket/objects/object for objects. A specific generation may be specified by appending #generationNumber to the end of the object name, e.g. projects/_/buckets/my-bucket/objects/data.txt#17. The current generation can be denoted with #0. This field is ignored on input |