blob: 8d00fad7d04de3dfa9d88f6e7326cb88071d082f [file] [log] [blame]
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5 margin: 0;
6 padding: 0;
7 border: 0;
8 font-weight: inherit;
9 font-style: inherit;
10 font-size: 100%;
11 font-family: inherit;
12 vertical-align: baseline;
13}
14
15body {
16 font-size: 13px;
17 padding: 1em;
18}
19
20h1 {
21 font-size: 26px;
22 margin-bottom: 1em;
23}
24
25h2 {
26 font-size: 24px;
27 margin-bottom: 1em;
28}
29
30h3 {
31 font-size: 20px;
32 margin-bottom: 1em;
33 margin-top: 1em;
34}
35
36pre, code {
37 line-height: 1.5;
38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42 margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46 font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50 border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54 margin-top: 0.5em;
55}
56
57.firstline {
58 margin-left: 2 em;
59}
60
61.method {
62 margin-top: 1em;
63 border: solid 1px #CCC;
64 padding: 1em;
65 background: #EEE;
66}
67
68.details {
69 font-weight: bold;
70 font-size: 14px;
71}
72
73</style>
74
75<h1><a href="servicebroker_v1.html">Service Broker API</a> . <a href="servicebroker_v1.v1.html">v1</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
78 <code><a href="#getIamPolicy">getIamPolicy(resource, x__xgafv=None)</a></code></p>
79<p class="firstline">Gets the access control policy for a resource.</p>
80<p class="toc_element">
81 <code><a href="#setIamPolicy">setIamPolicy(resource, body, x__xgafv=None)</a></code></p>
82<p class="firstline">Sets the access control policy on the specified resource. Replaces any</p>
83<p class="toc_element">
84 <code><a href="#testIamPermissions">testIamPermissions(resource, body, x__xgafv=None)</a></code></p>
85<p class="firstline">Returns permissions that a caller has on the specified resource.</p>
86<h3>Method Details</h3>
87<div class="method">
88 <code class="details" id="getIamPolicy">getIamPolicy(resource, x__xgafv=None)</code>
89 <pre>Gets the access control policy for a resource.
90Returns an empty policy if the resource exists and does not have a policy
91set.
92
93Args:
94 resource: string, REQUIRED: The resource for which the policy is being requested.
95See the operation documentation for the appropriate value for this field. (required)
96 x__xgafv: string, V1 error format.
97 Allowed values
98 1 - v1 error format
99 2 - v2 error format
100
101Returns:
102 An object of the form:
103
104 { # Defines an Identity and Access Management (IAM) policy. It is used to
105 # specify access control policies for Cloud Platform resources.
106 #
107 #
108 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
109 # `members` to a `role`, where the members can be user accounts, Google groups,
110 # Google domains, and service accounts. A `role` is a named list of permissions
111 # defined by IAM.
112 #
113 # **JSON Example**
114 #
115 # {
116 # "bindings": [
117 # {
118 # "role": "roles/owner",
119 # "members": [
120 # "user:mike@example.com",
121 # "group:admins@example.com",
122 # "domain:google.com",
123 # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
124 # ]
125 # },
126 # {
127 # "role": "roles/viewer",
128 # "members": ["user:sean@example.com"]
129 # }
130 # ]
131 # }
132 #
133 # **YAML Example**
134 #
135 # bindings:
136 # - members:
137 # - user:mike@example.com
138 # - group:admins@example.com
139 # - domain:google.com
140 # - serviceAccount:my-other-app@appspot.gserviceaccount.com
141 # role: roles/owner
142 # - members:
143 # - user:sean@example.com
144 # role: roles/viewer
145 #
146 #
147 # For a description of IAM and its features, see the
148 # [IAM developer's guide](https://cloud.google.com/iam/docs).
149 "bindings": [ # Associates a list of `members` to a `role`.
150 # `bindings` with no members will result in an error.
151 { # Associates `members` with a `role`.
152 "role": "A String", # Role that is assigned to `members`.
153 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
154 "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
155 # `members` can have the following values:
156 #
157 # * `allUsers`: A special identifier that represents anyone who is
158 # on the internet; with or without a Google account.
159 #
160 # * `allAuthenticatedUsers`: A special identifier that represents anyone
161 # who is authenticated with a Google account or a service account.
162 #
163 # * `user:{emailid}`: An email address that represents a specific Google
164 # account. For example, `alice@gmail.com` .
165 #
166 #
167 # * `serviceAccount:{emailid}`: An email address that represents a service
168 # account. For example, `my-other-app@appspot.gserviceaccount.com`.
169 #
170 # * `group:{emailid}`: An email address that represents a Google group.
171 # For example, `admins@example.com`.
172 #
173 #
174 # * `domain:{domain}`: The G Suite domain (primary) that represents all the
175 # users of that domain. For example, `google.com` or `example.com`.
176 #
177 "A String",
178 ],
179 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
180 # NOTE: An unsatisfied condition will not allow user access via current
181 # binding. Different bindings, including their conditions, are examined
182 # independently.
183 #
184 # title: "User account presence"
185 # description: "Determines whether the request has a user account"
186 # expression: "size(request.user) > 0"
187 "description": "A String", # An optional description of the expression. This is a longer text which
188 # describes the expression, e.g. when hovered over it in a UI.
189 "expression": "A String", # Textual representation of an expression in
190 # Common Expression Language syntax.
191 #
192 # The application context of the containing message determines which
193 # well-known feature set of CEL is supported.
194 "location": "A String", # An optional string indicating the location of the expression for error
195 # reporting, e.g. a file name and a position in the file.
196 "title": "A String", # An optional title for the expression, i.e. a short string describing
197 # its purpose. This can be used e.g. in UIs which allow to enter the
198 # expression.
199 },
200 },
201 ],
202 "version": 42, # Deprecated.
203 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
204 # prevent simultaneous updates of a policy from overwriting each other.
205 # It is strongly suggested that systems make use of the `etag` in the
206 # read-modify-write cycle to perform policy updates in order to avoid race
207 # conditions: An `etag` is returned in the response to `getIamPolicy`, and
208 # systems are expected to put that etag in the request to `setIamPolicy` to
209 # ensure that their change will be applied to the same version of the policy.
210 #
211 # If no `etag` is provided in the call to `setIamPolicy`, then the existing
212 # policy is overwritten blindly.
213 }</pre>
214</div>
215
216<div class="method">
217 <code class="details" id="setIamPolicy">setIamPolicy(resource, body, x__xgafv=None)</code>
218 <pre>Sets the access control policy on the specified resource. Replaces any
219existing policy.
220
221Args:
222 resource: string, REQUIRED: The resource for which the policy is being specified.
223See the operation documentation for the appropriate value for this field. (required)
224 body: object, The request body. (required)
225 The object takes the form of:
226
227{ # Request message for `SetIamPolicy` method.
228 "policy": { # Defines an Identity and Access Management (IAM) policy. It is used to # REQUIRED: The complete policy to be applied to the `resource`. The size of
229 # the policy is limited to a few 10s of KB. An empty policy is a
230 # valid policy but certain Cloud Platform services (such as Projects)
231 # might reject them.
232 # specify access control policies for Cloud Platform resources.
233 #
234 #
235 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
236 # `members` to a `role`, where the members can be user accounts, Google groups,
237 # Google domains, and service accounts. A `role` is a named list of permissions
238 # defined by IAM.
239 #
240 # **JSON Example**
241 #
242 # {
243 # "bindings": [
244 # {
245 # "role": "roles/owner",
246 # "members": [
247 # "user:mike@example.com",
248 # "group:admins@example.com",
249 # "domain:google.com",
250 # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
251 # ]
252 # },
253 # {
254 # "role": "roles/viewer",
255 # "members": ["user:sean@example.com"]
256 # }
257 # ]
258 # }
259 #
260 # **YAML Example**
261 #
262 # bindings:
263 # - members:
264 # - user:mike@example.com
265 # - group:admins@example.com
266 # - domain:google.com
267 # - serviceAccount:my-other-app@appspot.gserviceaccount.com
268 # role: roles/owner
269 # - members:
270 # - user:sean@example.com
271 # role: roles/viewer
272 #
273 #
274 # For a description of IAM and its features, see the
275 # [IAM developer's guide](https://cloud.google.com/iam/docs).
276 "bindings": [ # Associates a list of `members` to a `role`.
277 # `bindings` with no members will result in an error.
278 { # Associates `members` with a `role`.
279 "role": "A String", # Role that is assigned to `members`.
280 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
281 "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
282 # `members` can have the following values:
283 #
284 # * `allUsers`: A special identifier that represents anyone who is
285 # on the internet; with or without a Google account.
286 #
287 # * `allAuthenticatedUsers`: A special identifier that represents anyone
288 # who is authenticated with a Google account or a service account.
289 #
290 # * `user:{emailid}`: An email address that represents a specific Google
291 # account. For example, `alice@gmail.com` .
292 #
293 #
294 # * `serviceAccount:{emailid}`: An email address that represents a service
295 # account. For example, `my-other-app@appspot.gserviceaccount.com`.
296 #
297 # * `group:{emailid}`: An email address that represents a Google group.
298 # For example, `admins@example.com`.
299 #
300 #
301 # * `domain:{domain}`: The G Suite domain (primary) that represents all the
302 # users of that domain. For example, `google.com` or `example.com`.
303 #
304 "A String",
305 ],
306 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
307 # NOTE: An unsatisfied condition will not allow user access via current
308 # binding. Different bindings, including their conditions, are examined
309 # independently.
310 #
311 # title: "User account presence"
312 # description: "Determines whether the request has a user account"
313 # expression: "size(request.user) > 0"
314 "description": "A String", # An optional description of the expression. This is a longer text which
315 # describes the expression, e.g. when hovered over it in a UI.
316 "expression": "A String", # Textual representation of an expression in
317 # Common Expression Language syntax.
318 #
319 # The application context of the containing message determines which
320 # well-known feature set of CEL is supported.
321 "location": "A String", # An optional string indicating the location of the expression for error
322 # reporting, e.g. a file name and a position in the file.
323 "title": "A String", # An optional title for the expression, i.e. a short string describing
324 # its purpose. This can be used e.g. in UIs which allow to enter the
325 # expression.
326 },
327 },
328 ],
329 "version": 42, # Deprecated.
330 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
331 # prevent simultaneous updates of a policy from overwriting each other.
332 # It is strongly suggested that systems make use of the `etag` in the
333 # read-modify-write cycle to perform policy updates in order to avoid race
334 # conditions: An `etag` is returned in the response to `getIamPolicy`, and
335 # systems are expected to put that etag in the request to `setIamPolicy` to
336 # ensure that their change will be applied to the same version of the policy.
337 #
338 # If no `etag` is provided in the call to `setIamPolicy`, then the existing
339 # policy is overwritten blindly.
340 },
341 }
342
343 x__xgafv: string, V1 error format.
344 Allowed values
345 1 - v1 error format
346 2 - v2 error format
347
348Returns:
349 An object of the form:
350
351 { # Defines an Identity and Access Management (IAM) policy. It is used to
352 # specify access control policies for Cloud Platform resources.
353 #
354 #
355 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
356 # `members` to a `role`, where the members can be user accounts, Google groups,
357 # Google domains, and service accounts. A `role` is a named list of permissions
358 # defined by IAM.
359 #
360 # **JSON Example**
361 #
362 # {
363 # "bindings": [
364 # {
365 # "role": "roles/owner",
366 # "members": [
367 # "user:mike@example.com",
368 # "group:admins@example.com",
369 # "domain:google.com",
370 # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
371 # ]
372 # },
373 # {
374 # "role": "roles/viewer",
375 # "members": ["user:sean@example.com"]
376 # }
377 # ]
378 # }
379 #
380 # **YAML Example**
381 #
382 # bindings:
383 # - members:
384 # - user:mike@example.com
385 # - group:admins@example.com
386 # - domain:google.com
387 # - serviceAccount:my-other-app@appspot.gserviceaccount.com
388 # role: roles/owner
389 # - members:
390 # - user:sean@example.com
391 # role: roles/viewer
392 #
393 #
394 # For a description of IAM and its features, see the
395 # [IAM developer's guide](https://cloud.google.com/iam/docs).
396 "bindings": [ # Associates a list of `members` to a `role`.
397 # `bindings` with no members will result in an error.
398 { # Associates `members` with a `role`.
399 "role": "A String", # Role that is assigned to `members`.
400 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
401 "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
402 # `members` can have the following values:
403 #
404 # * `allUsers`: A special identifier that represents anyone who is
405 # on the internet; with or without a Google account.
406 #
407 # * `allAuthenticatedUsers`: A special identifier that represents anyone
408 # who is authenticated with a Google account or a service account.
409 #
410 # * `user:{emailid}`: An email address that represents a specific Google
411 # account. For example, `alice@gmail.com` .
412 #
413 #
414 # * `serviceAccount:{emailid}`: An email address that represents a service
415 # account. For example, `my-other-app@appspot.gserviceaccount.com`.
416 #
417 # * `group:{emailid}`: An email address that represents a Google group.
418 # For example, `admins@example.com`.
419 #
420 #
421 # * `domain:{domain}`: The G Suite domain (primary) that represents all the
422 # users of that domain. For example, `google.com` or `example.com`.
423 #
424 "A String",
425 ],
426 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
427 # NOTE: An unsatisfied condition will not allow user access via current
428 # binding. Different bindings, including their conditions, are examined
429 # independently.
430 #
431 # title: "User account presence"
432 # description: "Determines whether the request has a user account"
433 # expression: "size(request.user) > 0"
434 "description": "A String", # An optional description of the expression. This is a longer text which
435 # describes the expression, e.g. when hovered over it in a UI.
436 "expression": "A String", # Textual representation of an expression in
437 # Common Expression Language syntax.
438 #
439 # The application context of the containing message determines which
440 # well-known feature set of CEL is supported.
441 "location": "A String", # An optional string indicating the location of the expression for error
442 # reporting, e.g. a file name and a position in the file.
443 "title": "A String", # An optional title for the expression, i.e. a short string describing
444 # its purpose. This can be used e.g. in UIs which allow to enter the
445 # expression.
446 },
447 },
448 ],
449 "version": 42, # Deprecated.
450 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
451 # prevent simultaneous updates of a policy from overwriting each other.
452 # It is strongly suggested that systems make use of the `etag` in the
453 # read-modify-write cycle to perform policy updates in order to avoid race
454 # conditions: An `etag` is returned in the response to `getIamPolicy`, and
455 # systems are expected to put that etag in the request to `setIamPolicy` to
456 # ensure that their change will be applied to the same version of the policy.
457 #
458 # If no `etag` is provided in the call to `setIamPolicy`, then the existing
459 # policy is overwritten blindly.
460 }</pre>
461</div>
462
463<div class="method">
464 <code class="details" id="testIamPermissions">testIamPermissions(resource, body, x__xgafv=None)</code>
465 <pre>Returns permissions that a caller has on the specified resource.
466If the resource does not exist, this will return an empty set of
467permissions, not a NOT_FOUND error.
468
469Note: This operation is designed to be used for building permission-aware
470UIs and command-line tools, not for authorization checking. This operation
471may "fail open" without warning.
472
473Args:
474 resource: string, REQUIRED: The resource for which the policy detail is being requested.
475See the operation documentation for the appropriate value for this field. (required)
476 body: object, The request body. (required)
477 The object takes the form of:
478
479{ # Request message for `TestIamPermissions` method.
480 "permissions": [ # The set of permissions to check for the `resource`. Permissions with
481 # wildcards (such as '*' or 'storage.*') are not allowed. For more
482 # information see
483 # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
484 "A String",
485 ],
486 }
487
488 x__xgafv: string, V1 error format.
489 Allowed values
490 1 - v1 error format
491 2 - v2 error format
492
493Returns:
494 An object of the form:
495
496 { # Response message for `TestIamPermissions` method.
497 "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is
498 # allowed.
499 "A String",
500 ],
501 }</pre>
502</div>
503
504</body></html>