acknowledge(subscription, body, x__xgafv=None)
Acknowledges the messages associated with the `ack_ids` in the
create(name, body, x__xgafv=None)
Creates a subscription to a given topic.
delete(subscription, x__xgafv=None)
Deletes an existing subscription. All messages retained in the subscription
get(subscription, x__xgafv=None)
Gets the configuration details of a subscription.
getIamPolicy(resource, x__xgafv=None)
Gets the access control policy for a resource.
list(project, pageSize=None, pageToken=None, x__xgafv=None)
Lists matching subscriptions.
list_next(previous_request, previous_response)
Retrieves the next page of results.
modifyAckDeadline(subscription, body, x__xgafv=None)
Modifies the ack deadline for a specific message. This method is useful
modifyPushConfig(subscription, body, x__xgafv=None)
Modifies the `PushConfig` for a specified subscription.
pull(subscription, body, x__xgafv=None)
Pulls messages from the server. Returns an empty list if there are no
setIamPolicy(resource, body, x__xgafv=None)
Sets the access control policy on the specified resource. Replaces any
testIamPermissions(resource, body, x__xgafv=None)
Returns permissions that a caller has on the specified resource.
acknowledge(subscription, body, x__xgafv=None)
Acknowledges the messages associated with the `ack_ids` in the `AcknowledgeRequest`. The Pub/Sub system can remove the relevant messages from the subscription. Acknowledging a message whose ack deadline has expired may succeed, but such a message may be redelivered later. Acknowledging a message more than once will not result in an error. Args: subscription: string, The subscription whose message is being acknowledged. Format is `projects/{project}/subscriptions/{sub}`. (required) body: object, The request body. (required) The object takes the form of: { # Request for the Acknowledge method. "ackIds": [ # The acknowledgment ID for the messages being acknowledged that was returned # by the Pub/Sub system in the `Pull` response. Must not be empty. "A String", ], } x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # A generic empty message that you can re-use to avoid defining duplicated # empty messages in your APIs. A typical example is to use it as the request # or the response type of an API method. For instance: # # service Foo { # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); # } # # The JSON representation for `Empty` is empty JSON object `{}`. }
create(name, body, x__xgafv=None)
Creates a subscription to a given topic. If the subscription already exists, returns `ALREADY_EXISTS`. If the corresponding topic doesn't exist, returns `NOT_FOUND`. If the name is not provided in the request, the server will assign a random name for this subscription on the same project as the topic, conforming to the [resource name format](https://cloud.google.com/pubsub/docs/overview#names). The generated name is populated in the returned Subscription object. Note that for REST API requests, you must specify a name in the request. Args: name: string, The name of the subscription. It must have the format `"projects/{project}/subscriptions/{subscription}"`. `{subscription}` must start with a letter, and contain only letters (`[A-Za-z]`), numbers (`[0-9]`), dashes (`-`), underscores (`_`), periods (`.`), tildes (`~`), plus (`+`) or percent signs (`%`). It must be between 3 and 255 characters in length, and it must not start with `"goog"`. (required) body: object, The request body. (required) The object takes the form of: { # A subscription resource. "ackDeadlineSeconds": 42, # This value is the maximum time after a subscriber receives a message # before the subscriber should acknowledge the message. After message # delivery but before the ack deadline expires and before the message is # acknowledged, it is an outstanding message and will not be delivered # again during that time (on a best-effort basis). # # For pull subscriptions, this value is used as the initial value for the ack # deadline. To override this value for a given message, call # `ModifyAckDeadline` with the corresponding `ack_id` if using # pull. # The minimum custom deadline you can specify is 10 seconds. # The maximum custom deadline you can specify is 600 seconds (10 minutes). # If this parameter is 0, a default value of 10 seconds is used. # # For push delivery, this value is also used to set the request timeout for # the call to the push endpoint. # # If the subscriber never acknowledges the message, the Pub/Sub # system will eventually redeliver the message. "topic": "A String", # The name of the topic from which this subscription is receiving messages. # Format is `projects/{project}/topics/{topic}`. # The value of this field will be `_deleted-topic_` if the topic has been # deleted. "pushConfig": { # Configuration for a push delivery endpoint. # If push delivery is used with this subscription, this field is # used to configure it. An empty `pushConfig` signifies that the subscriber # will pull and ack messages using API methods. "attributes": { # Endpoint configuration attributes. # # Every endpoint has a set of API supported attributes that can be used to # control different aspects of the message delivery. # # The currently supported attribute is `x-goog-version`, which you can # use to change the format of the pushed message. This attribute # indicates the version of the data expected by the endpoint. This # controls the shape of the pushed message (i.e., its fields and metadata). # The endpoint version is based on the version of the Pub/Sub API. # # If not present during the `CreateSubscription` call, it will default to # the version of the API used to make such call. If not present during a # `ModifyPushConfig` call, its value will not be changed. `GetSubscription` # calls will always return a valid version, even if the subscription was # created without this attribute. # # The possible values for this attribute are: # # * `v1beta1`: uses the push format defined in the v1beta1 Pub/Sub API. # * `v1` or `v1beta2`: uses the push format defined in the v1 Pub/Sub API. "a_key": "A String", }, "pushEndpoint": "A String", # A URL locating the endpoint to which messages should be pushed. # For example, a Webhook endpoint might use "https://example.com/push". }, "name": "A String", # The name of the subscription. It must have the format # `"projects/{project}/subscriptions/{subscription}"`. `{subscription}` must # start with a letter, and contain only letters (`[A-Za-z]`), numbers # (`[0-9]`), dashes (`-`), underscores (`_`), periods (`.`), tildes (`~`), # plus (`+`) or percent signs (`%`). It must be between 3 and 255 characters # in length, and it must not start with `"goog"`. } x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # A subscription resource. "ackDeadlineSeconds": 42, # This value is the maximum time after a subscriber receives a message # before the subscriber should acknowledge the message. After message # delivery but before the ack deadline expires and before the message is # acknowledged, it is an outstanding message and will not be delivered # again during that time (on a best-effort basis). # # For pull subscriptions, this value is used as the initial value for the ack # deadline. To override this value for a given message, call # `ModifyAckDeadline` with the corresponding `ack_id` if using # pull. # The minimum custom deadline you can specify is 10 seconds. # The maximum custom deadline you can specify is 600 seconds (10 minutes). # If this parameter is 0, a default value of 10 seconds is used. # # For push delivery, this value is also used to set the request timeout for # the call to the push endpoint. # # If the subscriber never acknowledges the message, the Pub/Sub # system will eventually redeliver the message. "topic": "A String", # The name of the topic from which this subscription is receiving messages. # Format is `projects/{project}/topics/{topic}`. # The value of this field will be `_deleted-topic_` if the topic has been # deleted. "pushConfig": { # Configuration for a push delivery endpoint. # If push delivery is used with this subscription, this field is # used to configure it. An empty `pushConfig` signifies that the subscriber # will pull and ack messages using API methods. "attributes": { # Endpoint configuration attributes. # # Every endpoint has a set of API supported attributes that can be used to # control different aspects of the message delivery. # # The currently supported attribute is `x-goog-version`, which you can # use to change the format of the pushed message. This attribute # indicates the version of the data expected by the endpoint. This # controls the shape of the pushed message (i.e., its fields and metadata). # The endpoint version is based on the version of the Pub/Sub API. # # If not present during the `CreateSubscription` call, it will default to # the version of the API used to make such call. If not present during a # `ModifyPushConfig` call, its value will not be changed. `GetSubscription` # calls will always return a valid version, even if the subscription was # created without this attribute. # # The possible values for this attribute are: # # * `v1beta1`: uses the push format defined in the v1beta1 Pub/Sub API. # * `v1` or `v1beta2`: uses the push format defined in the v1 Pub/Sub API. "a_key": "A String", }, "pushEndpoint": "A String", # A URL locating the endpoint to which messages should be pushed. # For example, a Webhook endpoint might use "https://example.com/push". }, "name": "A String", # The name of the subscription. It must have the format # `"projects/{project}/subscriptions/{subscription}"`. `{subscription}` must # start with a letter, and contain only letters (`[A-Za-z]`), numbers # (`[0-9]`), dashes (`-`), underscores (`_`), periods (`.`), tildes (`~`), # plus (`+`) or percent signs (`%`). It must be between 3 and 255 characters # in length, and it must not start with `"goog"`. }
delete(subscription, x__xgafv=None)
Deletes an existing subscription. All messages retained in the subscription are immediately dropped. Calls to `Pull` after deletion will return `NOT_FOUND`. After a subscription is deleted, a new one may be created with the same name, but the new one has no association with the old subscription or its topic unless the same topic is specified. Args: subscription: string, The subscription to delete. Format is `projects/{project}/subscriptions/{sub}`. (required) x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # A generic empty message that you can re-use to avoid defining duplicated # empty messages in your APIs. A typical example is to use it as the request # or the response type of an API method. For instance: # # service Foo { # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); # } # # The JSON representation for `Empty` is empty JSON object `{}`. }
get(subscription, x__xgafv=None)
Gets the configuration details of a subscription. Args: subscription: string, The name of the subscription to get. Format is `projects/{project}/subscriptions/{sub}`. (required) x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # A subscription resource. "ackDeadlineSeconds": 42, # This value is the maximum time after a subscriber receives a message # before the subscriber should acknowledge the message. After message # delivery but before the ack deadline expires and before the message is # acknowledged, it is an outstanding message and will not be delivered # again during that time (on a best-effort basis). # # For pull subscriptions, this value is used as the initial value for the ack # deadline. To override this value for a given message, call # `ModifyAckDeadline` with the corresponding `ack_id` if using # pull. # The minimum custom deadline you can specify is 10 seconds. # The maximum custom deadline you can specify is 600 seconds (10 minutes). # If this parameter is 0, a default value of 10 seconds is used. # # For push delivery, this value is also used to set the request timeout for # the call to the push endpoint. # # If the subscriber never acknowledges the message, the Pub/Sub # system will eventually redeliver the message. "topic": "A String", # The name of the topic from which this subscription is receiving messages. # Format is `projects/{project}/topics/{topic}`. # The value of this field will be `_deleted-topic_` if the topic has been # deleted. "pushConfig": { # Configuration for a push delivery endpoint. # If push delivery is used with this subscription, this field is # used to configure it. An empty `pushConfig` signifies that the subscriber # will pull and ack messages using API methods. "attributes": { # Endpoint configuration attributes. # # Every endpoint has a set of API supported attributes that can be used to # control different aspects of the message delivery. # # The currently supported attribute is `x-goog-version`, which you can # use to change the format of the pushed message. This attribute # indicates the version of the data expected by the endpoint. This # controls the shape of the pushed message (i.e., its fields and metadata). # The endpoint version is based on the version of the Pub/Sub API. # # If not present during the `CreateSubscription` call, it will default to # the version of the API used to make such call. If not present during a # `ModifyPushConfig` call, its value will not be changed. `GetSubscription` # calls will always return a valid version, even if the subscription was # created without this attribute. # # The possible values for this attribute are: # # * `v1beta1`: uses the push format defined in the v1beta1 Pub/Sub API. # * `v1` or `v1beta2`: uses the push format defined in the v1 Pub/Sub API. "a_key": "A String", }, "pushEndpoint": "A String", # A URL locating the endpoint to which messages should be pushed. # For example, a Webhook endpoint might use "https://example.com/push". }, "name": "A String", # The name of the subscription. It must have the format # `"projects/{project}/subscriptions/{subscription}"`. `{subscription}` must # start with a letter, and contain only letters (`[A-Za-z]`), numbers # (`[0-9]`), dashes (`-`), underscores (`_`), periods (`.`), tildes (`~`), # plus (`+`) or percent signs (`%`). It must be between 3 and 255 characters # in length, and it must not start with `"goog"`. }
getIamPolicy(resource, x__xgafv=None)
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. Args: resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required) x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # Defines an Identity and Access Management (IAM) policy. It is used to # specify access control policies for Cloud Platform resources. # # # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of # `members` to a `role`, where the members can be user accounts, Google groups, # Google domains, and service accounts. A `role` is a named list of permissions # defined by IAM. # # **Example** # # { # "bindings": [ # { # "role": "roles/owner", # "members": [ # "user:mike@example.com", # "group:admins@example.com", # "domain:google.com", # "serviceAccount:my-other-app@appspot.gserviceaccount.com", # ] # }, # { # "role": "roles/viewer", # "members": ["user:sean@example.com"] # } # ] # } # # For a description of IAM and its features, see the # [IAM developer's guide](https://cloud.google.com/iam). "bindings": [ # Associates a list of `members` to a `role`. # Multiple `bindings` must not be specified for the same `role`. # `bindings` with no members will result in an error. { # Associates `members` with a `role`. "role": "A String", # Role that is assigned to `members`. # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. # Required "members": [ # Specifies the identities requesting access for a Cloud Platform resource. # `members` can have the following values: # # * `allUsers`: A special identifier that represents anyone who is # on the internet; with or without a Google account. # # * `allAuthenticatedUsers`: A special identifier that represents anyone # who is authenticated with a Google account or a service account. # # * `user:{emailid}`: An email address that represents a specific Google # account. For example, `alice@gmail.com` or `joe@example.com`. # # # * `serviceAccount:{emailid}`: An email address that represents a service # account. For example, `my-other-app@appspot.gserviceaccount.com`. # # * `group:{emailid}`: An email address that represents a Google group. # For example, `admins@example.com`. # # * `domain:{domain}`: A Google Apps domain name that represents all the # users of that domain. For example, `google.com` or `example.com`. # "A String", ], }, ], "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help # prevent simultaneous updates of a policy from overwriting each other. # It is strongly suggested that systems make use of the `etag` in the # read-modify-write cycle to perform policy updates in order to avoid race # conditions: An `etag` is returned in the response to `getIamPolicy`, and # systems are expected to put that etag in the request to `setIamPolicy` to # ensure that their change will be applied to the same version of the policy. # # If no `etag` is provided in the call to `setIamPolicy`, then the existing # policy is overwritten blindly. "version": 42, # Version of the `Policy`. The default version is 0. }
list(project, pageSize=None, pageToken=None, x__xgafv=None)
Lists matching subscriptions. Args: project: string, The name of the cloud project that subscriptions belong to. Format is `projects/{project}`. (required) pageSize: integer, Maximum number of subscriptions to return. pageToken: string, The value returned by the last `ListSubscriptionsResponse`; indicates that this is a continuation of a prior `ListSubscriptions` call, and that the system should return the next page of data. x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # Response for the `ListSubscriptions` method. "nextPageToken": "A String", # If not empty, indicates that there may be more subscriptions that match # the request; this value should be passed in a new # `ListSubscriptionsRequest` to get more subscriptions. "subscriptions": [ # The subscriptions that match the request. { # A subscription resource. "ackDeadlineSeconds": 42, # This value is the maximum time after a subscriber receives a message # before the subscriber should acknowledge the message. After message # delivery but before the ack deadline expires and before the message is # acknowledged, it is an outstanding message and will not be delivered # again during that time (on a best-effort basis). # # For pull subscriptions, this value is used as the initial value for the ack # deadline. To override this value for a given message, call # `ModifyAckDeadline` with the corresponding `ack_id` if using # pull. # The minimum custom deadline you can specify is 10 seconds. # The maximum custom deadline you can specify is 600 seconds (10 minutes). # If this parameter is 0, a default value of 10 seconds is used. # # For push delivery, this value is also used to set the request timeout for # the call to the push endpoint. # # If the subscriber never acknowledges the message, the Pub/Sub # system will eventually redeliver the message. "topic": "A String", # The name of the topic from which this subscription is receiving messages. # Format is `projects/{project}/topics/{topic}`. # The value of this field will be `_deleted-topic_` if the topic has been # deleted. "pushConfig": { # Configuration for a push delivery endpoint. # If push delivery is used with this subscription, this field is # used to configure it. An empty `pushConfig` signifies that the subscriber # will pull and ack messages using API methods. "attributes": { # Endpoint configuration attributes. # # Every endpoint has a set of API supported attributes that can be used to # control different aspects of the message delivery. # # The currently supported attribute is `x-goog-version`, which you can # use to change the format of the pushed message. This attribute # indicates the version of the data expected by the endpoint. This # controls the shape of the pushed message (i.e., its fields and metadata). # The endpoint version is based on the version of the Pub/Sub API. # # If not present during the `CreateSubscription` call, it will default to # the version of the API used to make such call. If not present during a # `ModifyPushConfig` call, its value will not be changed. `GetSubscription` # calls will always return a valid version, even if the subscription was # created without this attribute. # # The possible values for this attribute are: # # * `v1beta1`: uses the push format defined in the v1beta1 Pub/Sub API. # * `v1` or `v1beta2`: uses the push format defined in the v1 Pub/Sub API. "a_key": "A String", }, "pushEndpoint": "A String", # A URL locating the endpoint to which messages should be pushed. # For example, a Webhook endpoint might use "https://example.com/push". }, "name": "A String", # The name of the subscription. It must have the format # `"projects/{project}/subscriptions/{subscription}"`. `{subscription}` must # start with a letter, and contain only letters (`[A-Za-z]`), numbers # (`[0-9]`), dashes (`-`), underscores (`_`), periods (`.`), tildes (`~`), # plus (`+`) or percent signs (`%`). It must be between 3 and 255 characters # in length, and it must not start with `"goog"`. }, ], }
list_next(previous_request, previous_response)
Retrieves the next page of results. Args: previous_request: The request for the previous page. (required) previous_response: The response from the request for the previous page. (required) Returns: A request object that you can call 'execute()' on to request the next page. Returns None if there are no more items in the collection.
modifyAckDeadline(subscription, body, x__xgafv=None)
Modifies the ack deadline for a specific message. This method is useful to indicate that more time is needed to process a message by the subscriber, or to make the message available for redelivery if the processing was interrupted. Note that this does not modify the subscription-level `ackDeadlineSeconds` used for subsequent messages. Args: subscription: string, The name of the subscription. Format is `projects/{project}/subscriptions/{sub}`. (required) body: object, The request body. (required) The object takes the form of: { # Request for the ModifyAckDeadline method. "ackDeadlineSeconds": 42, # The new ack deadline with respect to the time this request was sent to # the Pub/Sub system. For example, if the value is 10, the new # ack deadline will expire 10 seconds after the `ModifyAckDeadline` call # was made. Specifying zero may immediately make the message available for # another pull request. # The minimum deadline you can specify is 0 seconds. # The maximum deadline you can specify is 600 seconds (10 minutes). "ackIds": [ # List of acknowledgment IDs. "A String", ], } x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # A generic empty message that you can re-use to avoid defining duplicated # empty messages in your APIs. A typical example is to use it as the request # or the response type of an API method. For instance: # # service Foo { # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); # } # # The JSON representation for `Empty` is empty JSON object `{}`. }
modifyPushConfig(subscription, body, x__xgafv=None)
Modifies the `PushConfig` for a specified subscription. This may be used to change a push subscription to a pull one (signified by an empty `PushConfig`) or vice versa, or change the endpoint URL and other attributes of a push subscription. Messages will accumulate for delivery continuously through the call regardless of changes to the `PushConfig`. Args: subscription: string, The name of the subscription. Format is `projects/{project}/subscriptions/{sub}`. (required) body: object, The request body. (required) The object takes the form of: { # Request for the ModifyPushConfig method. "pushConfig": { # Configuration for a push delivery endpoint. # The push configuration for future deliveries. # # An empty `pushConfig` indicates that the Pub/Sub system should # stop pushing messages from the given subscription and allow # messages to be pulled and acknowledged - effectively pausing # the subscription if `Pull` is not called. "attributes": { # Endpoint configuration attributes. # # Every endpoint has a set of API supported attributes that can be used to # control different aspects of the message delivery. # # The currently supported attribute is `x-goog-version`, which you can # use to change the format of the pushed message. This attribute # indicates the version of the data expected by the endpoint. This # controls the shape of the pushed message (i.e., its fields and metadata). # The endpoint version is based on the version of the Pub/Sub API. # # If not present during the `CreateSubscription` call, it will default to # the version of the API used to make such call. If not present during a # `ModifyPushConfig` call, its value will not be changed. `GetSubscription` # calls will always return a valid version, even if the subscription was # created without this attribute. # # The possible values for this attribute are: # # * `v1beta1`: uses the push format defined in the v1beta1 Pub/Sub API. # * `v1` or `v1beta2`: uses the push format defined in the v1 Pub/Sub API. "a_key": "A String", }, "pushEndpoint": "A String", # A URL locating the endpoint to which messages should be pushed. # For example, a Webhook endpoint might use "https://example.com/push". }, } x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # A generic empty message that you can re-use to avoid defining duplicated # empty messages in your APIs. A typical example is to use it as the request # or the response type of an API method. For instance: # # service Foo { # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); # } # # The JSON representation for `Empty` is empty JSON object `{}`. }
pull(subscription, body, x__xgafv=None)
Pulls messages from the server. Returns an empty list if there are no messages available in the backlog. The server may return `UNAVAILABLE` if there are too many concurrent pull requests pending for the given subscription. Args: subscription: string, The subscription from which messages should be pulled. Format is `projects/{project}/subscriptions/{sub}`. (required) body: object, The request body. (required) The object takes the form of: { # Request for the `Pull` method. "returnImmediately": True or False, # If this field set to true, the system will respond immediately even if # it there are no messages available to return in the `Pull` response. # Otherwise, the system may wait (for a bounded amount of time) until at # least one message is available, rather than returning no messages. The # client may cancel the request if it does not wish to wait any longer for # the response. "maxMessages": 42, # The maximum number of messages returned for this request. The Pub/Sub # system may return fewer than the number specified. } x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # Response for the `Pull` method. "receivedMessages": [ # Received Pub/Sub messages. The Pub/Sub system will return zero messages if # there are no more available in the backlog. The Pub/Sub system may return # fewer than the `maxMessages` requested even if there are more messages # available in the backlog. { # A message and its corresponding acknowledgment ID. "ackId": "A String", # This ID can be used to acknowledge the received message. "message": { # A message data and its attributes. The message payload must not be empty; # The message. # it must contain either a non-empty data field, or at least one attribute. "attributes": { # Optional attributes for this message. "a_key": "A String", }, "data": "A String", # The message payload. "publishTime": "A String", # The time at which the message was published, populated by the server when # it receives the `Publish` call. It must not be populated by the # publisher in a `Publish` call. "messageId": "A String", # ID of this message, assigned by the server when the message is published. # Guaranteed to be unique within the topic. This value may be read by a # subscriber that receives a `PubsubMessage` via a `Pull` call or a push # delivery. It must not be populated by the publisher in a `Publish` call. }, }, ], }
setIamPolicy(resource, body, x__xgafv=None)
Sets the access control policy on the specified resource. Replaces any existing policy. Args: resource: string, REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. (required) body: object, The request body. (required) The object takes the form of: { # Request message for `SetIamPolicy` method. "policy": { # Defines an Identity and Access Management (IAM) policy. It is used to # REQUIRED: The complete policy to be applied to the `resource`. The size of # the policy is limited to a few 10s of KB. An empty policy is a # valid policy but certain Cloud Platform services (such as Projects) # might reject them. # specify access control policies for Cloud Platform resources. # # # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of # `members` to a `role`, where the members can be user accounts, Google groups, # Google domains, and service accounts. A `role` is a named list of permissions # defined by IAM. # # **Example** # # { # "bindings": [ # { # "role": "roles/owner", # "members": [ # "user:mike@example.com", # "group:admins@example.com", # "domain:google.com", # "serviceAccount:my-other-app@appspot.gserviceaccount.com", # ] # }, # { # "role": "roles/viewer", # "members": ["user:sean@example.com"] # } # ] # } # # For a description of IAM and its features, see the # [IAM developer's guide](https://cloud.google.com/iam). "bindings": [ # Associates a list of `members` to a `role`. # Multiple `bindings` must not be specified for the same `role`. # `bindings` with no members will result in an error. { # Associates `members` with a `role`. "role": "A String", # Role that is assigned to `members`. # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. # Required "members": [ # Specifies the identities requesting access for a Cloud Platform resource. # `members` can have the following values: # # * `allUsers`: A special identifier that represents anyone who is # on the internet; with or without a Google account. # # * `allAuthenticatedUsers`: A special identifier that represents anyone # who is authenticated with a Google account or a service account. # # * `user:{emailid}`: An email address that represents a specific Google # account. For example, `alice@gmail.com` or `joe@example.com`. # # # * `serviceAccount:{emailid}`: An email address that represents a service # account. For example, `my-other-app@appspot.gserviceaccount.com`. # # * `group:{emailid}`: An email address that represents a Google group. # For example, `admins@example.com`. # # * `domain:{domain}`: A Google Apps domain name that represents all the # users of that domain. For example, `google.com` or `example.com`. # "A String", ], }, ], "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help # prevent simultaneous updates of a policy from overwriting each other. # It is strongly suggested that systems make use of the `etag` in the # read-modify-write cycle to perform policy updates in order to avoid race # conditions: An `etag` is returned in the response to `getIamPolicy`, and # systems are expected to put that etag in the request to `setIamPolicy` to # ensure that their change will be applied to the same version of the policy. # # If no `etag` is provided in the call to `setIamPolicy`, then the existing # policy is overwritten blindly. "version": 42, # Version of the `Policy`. The default version is 0. }, } x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # Defines an Identity and Access Management (IAM) policy. It is used to # specify access control policies for Cloud Platform resources. # # # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of # `members` to a `role`, where the members can be user accounts, Google groups, # Google domains, and service accounts. A `role` is a named list of permissions # defined by IAM. # # **Example** # # { # "bindings": [ # { # "role": "roles/owner", # "members": [ # "user:mike@example.com", # "group:admins@example.com", # "domain:google.com", # "serviceAccount:my-other-app@appspot.gserviceaccount.com", # ] # }, # { # "role": "roles/viewer", # "members": ["user:sean@example.com"] # } # ] # } # # For a description of IAM and its features, see the # [IAM developer's guide](https://cloud.google.com/iam). "bindings": [ # Associates a list of `members` to a `role`. # Multiple `bindings` must not be specified for the same `role`. # `bindings` with no members will result in an error. { # Associates `members` with a `role`. "role": "A String", # Role that is assigned to `members`. # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. # Required "members": [ # Specifies the identities requesting access for a Cloud Platform resource. # `members` can have the following values: # # * `allUsers`: A special identifier that represents anyone who is # on the internet; with or without a Google account. # # * `allAuthenticatedUsers`: A special identifier that represents anyone # who is authenticated with a Google account or a service account. # # * `user:{emailid}`: An email address that represents a specific Google # account. For example, `alice@gmail.com` or `joe@example.com`. # # # * `serviceAccount:{emailid}`: An email address that represents a service # account. For example, `my-other-app@appspot.gserviceaccount.com`. # # * `group:{emailid}`: An email address that represents a Google group. # For example, `admins@example.com`. # # * `domain:{domain}`: A Google Apps domain name that represents all the # users of that domain. For example, `google.com` or `example.com`. # "A String", ], }, ], "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help # prevent simultaneous updates of a policy from overwriting each other. # It is strongly suggested that systems make use of the `etag` in the # read-modify-write cycle to perform policy updates in order to avoid race # conditions: An `etag` is returned in the response to `getIamPolicy`, and # systems are expected to put that etag in the request to `setIamPolicy` to # ensure that their change will be applied to the same version of the policy. # # If no `etag` is provided in the call to `setIamPolicy`, then the existing # policy is overwritten blindly. "version": 42, # Version of the `Policy`. The default version is 0. }
testIamPermissions(resource, body, x__xgafv=None)
Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. Args: resource: string, REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field. (required) body: object, The request body. (required) The object takes the form of: { # Request message for `TestIamPermissions` method. "permissions": [ # The set of permissions to check for the `resource`. Permissions with # wildcards (such as '*' or 'storage.*') are not allowed. For more # information see # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). "A String", ], } x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # Response message for `TestIamPermissions` method. "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is # allowed. "A String", ], }