1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="servicemanagement_v1.html">Service Management API</a> . <a href="servicemanagement_v1.services.html">services</a> . <a href="servicemanagement_v1.services.consumers.html">consumers</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="#getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</a></code></p> 79<p class="firstline">Gets the access control policy for a resource.</p> 80<p class="toc_element"> 81 <code><a href="#setIamPolicy">setIamPolicy(resource, body, x__xgafv=None)</a></code></p> 82<p class="firstline">Sets the access control policy on the specified resource. Replaces any</p> 83<p class="toc_element"> 84 <code><a href="#testIamPermissions">testIamPermissions(resource, body, x__xgafv=None)</a></code></p> 85<p class="firstline">Returns permissions that a caller has on the specified resource.</p> 86<h3>Method Details</h3> 87<div class="method"> 88 <code class="details" id="getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</code> 89 <pre>Gets the access control policy for a resource. 90Returns an empty policy if the resource exists and does not have a policy 91set. 92 93Args: 94 resource: string, REQUIRED: The resource for which the policy is being requested. 95See the operation documentation for the appropriate value for this field. (required) 96 body: object, The request body. 97 The object takes the form of: 98 99{ # Request message for `GetIamPolicy` method. 100 } 101 102 x__xgafv: string, V1 error format. 103 Allowed values 104 1 - v1 error format 105 2 - v2 error format 106 107Returns: 108 An object of the form: 109 110 { # Defines an Identity and Access Management (IAM) policy. It is used to 111 # specify access control policies for Cloud Platform resources. 112 # 113 # 114 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of 115 # `members` to a `role`, where the members can be user accounts, Google groups, 116 # Google domains, and service accounts. A `role` is a named list of permissions 117 # defined by IAM. 118 # 119 # **JSON Example** 120 # 121 # { 122 # "bindings": [ 123 # { 124 # "role": "roles/owner", 125 # "members": [ 126 # "user:mike@example.com", 127 # "group:admins@example.com", 128 # "domain:google.com", 129 # "serviceAccount:my-other-app@appspot.gserviceaccount.com" 130 # ] 131 # }, 132 # { 133 # "role": "roles/viewer", 134 # "members": ["user:sean@example.com"] 135 # } 136 # ] 137 # } 138 # 139 # **YAML Example** 140 # 141 # bindings: 142 # - members: 143 # - user:mike@example.com 144 # - group:admins@example.com 145 # - domain:google.com 146 # - serviceAccount:my-other-app@appspot.gserviceaccount.com 147 # role: roles/owner 148 # - members: 149 # - user:sean@example.com 150 # role: roles/viewer 151 # 152 # 153 # For a description of IAM and its features, see the 154 # [IAM developer's guide](https://cloud.google.com/iam/docs). 155 "bindings": [ # Associates a list of `members` to a `role`. 156 # `bindings` with no members will result in an error. 157 { # Associates `members` with a `role`. 158 "role": "A String", # Role that is assigned to `members`. 159 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 160 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. 161 # `members` can have the following values: 162 # 163 # * `allUsers`: A special identifier that represents anyone who is 164 # on the internet; with or without a Google account. 165 # 166 # * `allAuthenticatedUsers`: A special identifier that represents anyone 167 # who is authenticated with a Google account or a service account. 168 # 169 # * `user:{emailid}`: An email address that represents a specific Google 170 # account. For example, `alice@gmail.com` . 171 # 172 # 173 # * `serviceAccount:{emailid}`: An email address that represents a service 174 # account. For example, `my-other-app@appspot.gserviceaccount.com`. 175 # 176 # * `group:{emailid}`: An email address that represents a Google group. 177 # For example, `admins@example.com`. 178 # 179 # 180 # * `domain:{domain}`: The G Suite domain (primary) that represents all the 181 # users of that domain. For example, `google.com` or `example.com`. 182 # 183 "A String", 184 ], 185 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding. 186 # NOTE: An unsatisfied condition will not allow user access via current 187 # binding. Different bindings, including their conditions, are examined 188 # independently. 189 # 190 # title: "User account presence" 191 # description: "Determines whether the request has a user account" 192 # expression: "size(request.user) > 0" 193 "location": "A String", # An optional string indicating the location of the expression for error 194 # reporting, e.g. a file name and a position in the file. 195 "expression": "A String", # Textual representation of an expression in 196 # Common Expression Language syntax. 197 # 198 # The application context of the containing message determines which 199 # well-known feature set of CEL is supported. 200 "description": "A String", # An optional description of the expression. This is a longer text which 201 # describes the expression, e.g. when hovered over it in a UI. 202 "title": "A String", # An optional title for the expression, i.e. a short string describing 203 # its purpose. This can be used e.g. in UIs which allow to enter the 204 # expression. 205 }, 206 }, 207 ], 208 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 209 { # Specifies the audit configuration for a service. 210 # The configuration determines which permission types are logged, and what 211 # identities, if any, are exempted from logging. 212 # An AuditConfig must have one or more AuditLogConfigs. 213 # 214 # If there are AuditConfigs for both `allServices` and a specific service, 215 # the union of the two AuditConfigs is used for that service: the log_types 216 # specified in each AuditConfig are enabled, and the exempted_members in each 217 # AuditLogConfig are exempted. 218 # 219 # Example Policy with multiple AuditConfigs: 220 # 221 # { 222 # "audit_configs": [ 223 # { 224 # "service": "allServices" 225 # "audit_log_configs": [ 226 # { 227 # "log_type": "DATA_READ", 228 # "exempted_members": [ 229 # "user:foo@gmail.com" 230 # ] 231 # }, 232 # { 233 # "log_type": "DATA_WRITE", 234 # }, 235 # { 236 # "log_type": "ADMIN_READ", 237 # } 238 # ] 239 # }, 240 # { 241 # "service": "fooservice.googleapis.com" 242 # "audit_log_configs": [ 243 # { 244 # "log_type": "DATA_READ", 245 # }, 246 # { 247 # "log_type": "DATA_WRITE", 248 # "exempted_members": [ 249 # "user:bar@gmail.com" 250 # ] 251 # } 252 # ] 253 # } 254 # ] 255 # } 256 # 257 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ 258 # logging. It also exempts foo@gmail.com from DATA_READ logging, and 259 # bar@gmail.com from DATA_WRITE logging. 260 "auditLogConfigs": [ # The configuration for logging of each type of permission. 261 { # Provides the configuration for logging a type of permissions. 262 # Example: 263 # 264 # { 265 # "audit_log_configs": [ 266 # { 267 # "log_type": "DATA_READ", 268 # "exempted_members": [ 269 # "user:foo@gmail.com" 270 # ] 271 # }, 272 # { 273 # "log_type": "DATA_WRITE", 274 # } 275 # ] 276 # } 277 # 278 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting 279 # foo@gmail.com from DATA_READ logging. 280 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of 281 # permission. 282 # Follows the same format of Binding.members. 283 "A String", 284 ], 285 "logType": "A String", # The log type that this config enables. 286 }, 287 ], 288 "service": "A String", # Specifies a service that will be enabled for audit logging. 289 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 290 # `allServices` is a special value that covers all services. 291 }, 292 ], 293 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help 294 # prevent simultaneous updates of a policy from overwriting each other. 295 # It is strongly suggested that systems make use of the `etag` in the 296 # read-modify-write cycle to perform policy updates in order to avoid race 297 # conditions: An `etag` is returned in the response to `getIamPolicy`, and 298 # systems are expected to put that etag in the request to `setIamPolicy` to 299 # ensure that their change will be applied to the same version of the policy. 300 # 301 # If no `etag` is provided in the call to `setIamPolicy`, then the existing 302 # policy is overwritten blindly. 303 "version": 42, # Deprecated. 304 }</pre> 305</div> 306 307<div class="method"> 308 <code class="details" id="setIamPolicy">setIamPolicy(resource, body, x__xgafv=None)</code> 309 <pre>Sets the access control policy on the specified resource. Replaces any 310existing policy. 311 312Args: 313 resource: string, REQUIRED: The resource for which the policy is being specified. 314See the operation documentation for the appropriate value for this field. (required) 315 body: object, The request body. (required) 316 The object takes the form of: 317 318{ # Request message for `SetIamPolicy` method. 319 "policy": { # Defines an Identity and Access Management (IAM) policy. It is used to # REQUIRED: The complete policy to be applied to the `resource`. The size of 320 # the policy is limited to a few 10s of KB. An empty policy is a 321 # valid policy but certain Cloud Platform services (such as Projects) 322 # might reject them. 323 # specify access control policies for Cloud Platform resources. 324 # 325 # 326 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of 327 # `members` to a `role`, where the members can be user accounts, Google groups, 328 # Google domains, and service accounts. A `role` is a named list of permissions 329 # defined by IAM. 330 # 331 # **JSON Example** 332 # 333 # { 334 # "bindings": [ 335 # { 336 # "role": "roles/owner", 337 # "members": [ 338 # "user:mike@example.com", 339 # "group:admins@example.com", 340 # "domain:google.com", 341 # "serviceAccount:my-other-app@appspot.gserviceaccount.com" 342 # ] 343 # }, 344 # { 345 # "role": "roles/viewer", 346 # "members": ["user:sean@example.com"] 347 # } 348 # ] 349 # } 350 # 351 # **YAML Example** 352 # 353 # bindings: 354 # - members: 355 # - user:mike@example.com 356 # - group:admins@example.com 357 # - domain:google.com 358 # - serviceAccount:my-other-app@appspot.gserviceaccount.com 359 # role: roles/owner 360 # - members: 361 # - user:sean@example.com 362 # role: roles/viewer 363 # 364 # 365 # For a description of IAM and its features, see the 366 # [IAM developer's guide](https://cloud.google.com/iam/docs). 367 "bindings": [ # Associates a list of `members` to a `role`. 368 # `bindings` with no members will result in an error. 369 { # Associates `members` with a `role`. 370 "role": "A String", # Role that is assigned to `members`. 371 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 372 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. 373 # `members` can have the following values: 374 # 375 # * `allUsers`: A special identifier that represents anyone who is 376 # on the internet; with or without a Google account. 377 # 378 # * `allAuthenticatedUsers`: A special identifier that represents anyone 379 # who is authenticated with a Google account or a service account. 380 # 381 # * `user:{emailid}`: An email address that represents a specific Google 382 # account. For example, `alice@gmail.com` . 383 # 384 # 385 # * `serviceAccount:{emailid}`: An email address that represents a service 386 # account. For example, `my-other-app@appspot.gserviceaccount.com`. 387 # 388 # * `group:{emailid}`: An email address that represents a Google group. 389 # For example, `admins@example.com`. 390 # 391 # 392 # * `domain:{domain}`: The G Suite domain (primary) that represents all the 393 # users of that domain. For example, `google.com` or `example.com`. 394 # 395 "A String", 396 ], 397 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding. 398 # NOTE: An unsatisfied condition will not allow user access via current 399 # binding. Different bindings, including their conditions, are examined 400 # independently. 401 # 402 # title: "User account presence" 403 # description: "Determines whether the request has a user account" 404 # expression: "size(request.user) > 0" 405 "location": "A String", # An optional string indicating the location of the expression for error 406 # reporting, e.g. a file name and a position in the file. 407 "expression": "A String", # Textual representation of an expression in 408 # Common Expression Language syntax. 409 # 410 # The application context of the containing message determines which 411 # well-known feature set of CEL is supported. 412 "description": "A String", # An optional description of the expression. This is a longer text which 413 # describes the expression, e.g. when hovered over it in a UI. 414 "title": "A String", # An optional title for the expression, i.e. a short string describing 415 # its purpose. This can be used e.g. in UIs which allow to enter the 416 # expression. 417 }, 418 }, 419 ], 420 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 421 { # Specifies the audit configuration for a service. 422 # The configuration determines which permission types are logged, and what 423 # identities, if any, are exempted from logging. 424 # An AuditConfig must have one or more AuditLogConfigs. 425 # 426 # If there are AuditConfigs for both `allServices` and a specific service, 427 # the union of the two AuditConfigs is used for that service: the log_types 428 # specified in each AuditConfig are enabled, and the exempted_members in each 429 # AuditLogConfig are exempted. 430 # 431 # Example Policy with multiple AuditConfigs: 432 # 433 # { 434 # "audit_configs": [ 435 # { 436 # "service": "allServices" 437 # "audit_log_configs": [ 438 # { 439 # "log_type": "DATA_READ", 440 # "exempted_members": [ 441 # "user:foo@gmail.com" 442 # ] 443 # }, 444 # { 445 # "log_type": "DATA_WRITE", 446 # }, 447 # { 448 # "log_type": "ADMIN_READ", 449 # } 450 # ] 451 # }, 452 # { 453 # "service": "fooservice.googleapis.com" 454 # "audit_log_configs": [ 455 # { 456 # "log_type": "DATA_READ", 457 # }, 458 # { 459 # "log_type": "DATA_WRITE", 460 # "exempted_members": [ 461 # "user:bar@gmail.com" 462 # ] 463 # } 464 # ] 465 # } 466 # ] 467 # } 468 # 469 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ 470 # logging. It also exempts foo@gmail.com from DATA_READ logging, and 471 # bar@gmail.com from DATA_WRITE logging. 472 "auditLogConfigs": [ # The configuration for logging of each type of permission. 473 { # Provides the configuration for logging a type of permissions. 474 # Example: 475 # 476 # { 477 # "audit_log_configs": [ 478 # { 479 # "log_type": "DATA_READ", 480 # "exempted_members": [ 481 # "user:foo@gmail.com" 482 # ] 483 # }, 484 # { 485 # "log_type": "DATA_WRITE", 486 # } 487 # ] 488 # } 489 # 490 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting 491 # foo@gmail.com from DATA_READ logging. 492 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of 493 # permission. 494 # Follows the same format of Binding.members. 495 "A String", 496 ], 497 "logType": "A String", # The log type that this config enables. 498 }, 499 ], 500 "service": "A String", # Specifies a service that will be enabled for audit logging. 501 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 502 # `allServices` is a special value that covers all services. 503 }, 504 ], 505 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help 506 # prevent simultaneous updates of a policy from overwriting each other. 507 # It is strongly suggested that systems make use of the `etag` in the 508 # read-modify-write cycle to perform policy updates in order to avoid race 509 # conditions: An `etag` is returned in the response to `getIamPolicy`, and 510 # systems are expected to put that etag in the request to `setIamPolicy` to 511 # ensure that their change will be applied to the same version of the policy. 512 # 513 # If no `etag` is provided in the call to `setIamPolicy`, then the existing 514 # policy is overwritten blindly. 515 "version": 42, # Deprecated. 516 }, 517 "updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only 518 # the fields in the mask will be modified. If no mask is provided, the 519 # following default mask is used: 520 # paths: "bindings, etag" 521 # This field is only used by Cloud IAM. 522 } 523 524 x__xgafv: string, V1 error format. 525 Allowed values 526 1 - v1 error format 527 2 - v2 error format 528 529Returns: 530 An object of the form: 531 532 { # Defines an Identity and Access Management (IAM) policy. It is used to 533 # specify access control policies for Cloud Platform resources. 534 # 535 # 536 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of 537 # `members` to a `role`, where the members can be user accounts, Google groups, 538 # Google domains, and service accounts. A `role` is a named list of permissions 539 # defined by IAM. 540 # 541 # **JSON Example** 542 # 543 # { 544 # "bindings": [ 545 # { 546 # "role": "roles/owner", 547 # "members": [ 548 # "user:mike@example.com", 549 # "group:admins@example.com", 550 # "domain:google.com", 551 # "serviceAccount:my-other-app@appspot.gserviceaccount.com" 552 # ] 553 # }, 554 # { 555 # "role": "roles/viewer", 556 # "members": ["user:sean@example.com"] 557 # } 558 # ] 559 # } 560 # 561 # **YAML Example** 562 # 563 # bindings: 564 # - members: 565 # - user:mike@example.com 566 # - group:admins@example.com 567 # - domain:google.com 568 # - serviceAccount:my-other-app@appspot.gserviceaccount.com 569 # role: roles/owner 570 # - members: 571 # - user:sean@example.com 572 # role: roles/viewer 573 # 574 # 575 # For a description of IAM and its features, see the 576 # [IAM developer's guide](https://cloud.google.com/iam/docs). 577 "bindings": [ # Associates a list of `members` to a `role`. 578 # `bindings` with no members will result in an error. 579 { # Associates `members` with a `role`. 580 "role": "A String", # Role that is assigned to `members`. 581 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 582 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. 583 # `members` can have the following values: 584 # 585 # * `allUsers`: A special identifier that represents anyone who is 586 # on the internet; with or without a Google account. 587 # 588 # * `allAuthenticatedUsers`: A special identifier that represents anyone 589 # who is authenticated with a Google account or a service account. 590 # 591 # * `user:{emailid}`: An email address that represents a specific Google 592 # account. For example, `alice@gmail.com` . 593 # 594 # 595 # * `serviceAccount:{emailid}`: An email address that represents a service 596 # account. For example, `my-other-app@appspot.gserviceaccount.com`. 597 # 598 # * `group:{emailid}`: An email address that represents a Google group. 599 # For example, `admins@example.com`. 600 # 601 # 602 # * `domain:{domain}`: The G Suite domain (primary) that represents all the 603 # users of that domain. For example, `google.com` or `example.com`. 604 # 605 "A String", 606 ], 607 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding. 608 # NOTE: An unsatisfied condition will not allow user access via current 609 # binding. Different bindings, including their conditions, are examined 610 # independently. 611 # 612 # title: "User account presence" 613 # description: "Determines whether the request has a user account" 614 # expression: "size(request.user) > 0" 615 "location": "A String", # An optional string indicating the location of the expression for error 616 # reporting, e.g. a file name and a position in the file. 617 "expression": "A String", # Textual representation of an expression in 618 # Common Expression Language syntax. 619 # 620 # The application context of the containing message determines which 621 # well-known feature set of CEL is supported. 622 "description": "A String", # An optional description of the expression. This is a longer text which 623 # describes the expression, e.g. when hovered over it in a UI. 624 "title": "A String", # An optional title for the expression, i.e. a short string describing 625 # its purpose. This can be used e.g. in UIs which allow to enter the 626 # expression. 627 }, 628 }, 629 ], 630 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 631 { # Specifies the audit configuration for a service. 632 # The configuration determines which permission types are logged, and what 633 # identities, if any, are exempted from logging. 634 # An AuditConfig must have one or more AuditLogConfigs. 635 # 636 # If there are AuditConfigs for both `allServices` and a specific service, 637 # the union of the two AuditConfigs is used for that service: the log_types 638 # specified in each AuditConfig are enabled, and the exempted_members in each 639 # AuditLogConfig are exempted. 640 # 641 # Example Policy with multiple AuditConfigs: 642 # 643 # { 644 # "audit_configs": [ 645 # { 646 # "service": "allServices" 647 # "audit_log_configs": [ 648 # { 649 # "log_type": "DATA_READ", 650 # "exempted_members": [ 651 # "user:foo@gmail.com" 652 # ] 653 # }, 654 # { 655 # "log_type": "DATA_WRITE", 656 # }, 657 # { 658 # "log_type": "ADMIN_READ", 659 # } 660 # ] 661 # }, 662 # { 663 # "service": "fooservice.googleapis.com" 664 # "audit_log_configs": [ 665 # { 666 # "log_type": "DATA_READ", 667 # }, 668 # { 669 # "log_type": "DATA_WRITE", 670 # "exempted_members": [ 671 # "user:bar@gmail.com" 672 # ] 673 # } 674 # ] 675 # } 676 # ] 677 # } 678 # 679 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ 680 # logging. It also exempts foo@gmail.com from DATA_READ logging, and 681 # bar@gmail.com from DATA_WRITE logging. 682 "auditLogConfigs": [ # The configuration for logging of each type of permission. 683 { # Provides the configuration for logging a type of permissions. 684 # Example: 685 # 686 # { 687 # "audit_log_configs": [ 688 # { 689 # "log_type": "DATA_READ", 690 # "exempted_members": [ 691 # "user:foo@gmail.com" 692 # ] 693 # }, 694 # { 695 # "log_type": "DATA_WRITE", 696 # } 697 # ] 698 # } 699 # 700 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting 701 # foo@gmail.com from DATA_READ logging. 702 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of 703 # permission. 704 # Follows the same format of Binding.members. 705 "A String", 706 ], 707 "logType": "A String", # The log type that this config enables. 708 }, 709 ], 710 "service": "A String", # Specifies a service that will be enabled for audit logging. 711 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 712 # `allServices` is a special value that covers all services. 713 }, 714 ], 715 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help 716 # prevent simultaneous updates of a policy from overwriting each other. 717 # It is strongly suggested that systems make use of the `etag` in the 718 # read-modify-write cycle to perform policy updates in order to avoid race 719 # conditions: An `etag` is returned in the response to `getIamPolicy`, and 720 # systems are expected to put that etag in the request to `setIamPolicy` to 721 # ensure that their change will be applied to the same version of the policy. 722 # 723 # If no `etag` is provided in the call to `setIamPolicy`, then the existing 724 # policy is overwritten blindly. 725 "version": 42, # Deprecated. 726 }</pre> 727</div> 728 729<div class="method"> 730 <code class="details" id="testIamPermissions">testIamPermissions(resource, body, x__xgafv=None)</code> 731 <pre>Returns permissions that a caller has on the specified resource. 732If the resource does not exist, this will return an empty set of 733permissions, not a NOT_FOUND error. 734 735Note: This operation is designed to be used for building permission-aware 736UIs and command-line tools, not for authorization checking. This operation 737may "fail open" without warning. 738 739Args: 740 resource: string, REQUIRED: The resource for which the policy detail is being requested. 741See the operation documentation for the appropriate value for this field. (required) 742 body: object, The request body. (required) 743 The object takes the form of: 744 745{ # Request message for `TestIamPermissions` method. 746 "permissions": [ # The set of permissions to check for the `resource`. Permissions with 747 # wildcards (such as '*' or 'storage.*') are not allowed. For more 748 # information see 749 # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). 750 "A String", 751 ], 752 } 753 754 x__xgafv: string, V1 error format. 755 Allowed values 756 1 - v1 error format 757 2 - v2 error format 758 759Returns: 760 An object of the form: 761 762 { # Response message for `TestIamPermissions` method. 763 "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is 764 # allowed. 765 "A String", 766 ], 767 }</pre> 768</div> 769 770</body></html>