You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
431 lines
18 KiB
431 lines
18 KiB
<html><body>
|
|
<style>
|
|
|
|
body, h1, h2, h3, div, span, p, pre, a {
|
|
margin: 0;
|
|
padding: 0;
|
|
border: 0;
|
|
font-weight: inherit;
|
|
font-style: inherit;
|
|
font-size: 100%;
|
|
font-family: inherit;
|
|
vertical-align: baseline;
|
|
}
|
|
|
|
body {
|
|
font-size: 13px;
|
|
padding: 1em;
|
|
}
|
|
|
|
h1 {
|
|
font-size: 26px;
|
|
margin-bottom: 1em;
|
|
}
|
|
|
|
h2 {
|
|
font-size: 24px;
|
|
margin-bottom: 1em;
|
|
}
|
|
|
|
h3 {
|
|
font-size: 20px;
|
|
margin-bottom: 1em;
|
|
margin-top: 1em;
|
|
}
|
|
|
|
pre, code {
|
|
line-height: 1.5;
|
|
font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
|
|
}
|
|
|
|
pre {
|
|
margin-top: 0.5em;
|
|
}
|
|
|
|
h1, h2, h3, p {
|
|
font-family: Arial, sans serif;
|
|
}
|
|
|
|
h1, h2, h3 {
|
|
border-bottom: solid #CCC 1px;
|
|
}
|
|
|
|
.toc_element {
|
|
margin-top: 0.5em;
|
|
}
|
|
|
|
.firstline {
|
|
margin-left: 2 em;
|
|
}
|
|
|
|
.method {
|
|
margin-top: 1em;
|
|
border: solid 1px #CCC;
|
|
padding: 1em;
|
|
background: #EEE;
|
|
}
|
|
|
|
.details {
|
|
font-weight: bold;
|
|
font-size: 14px;
|
|
}
|
|
|
|
</style>
|
|
|
|
<h1><a href="iam_v1.html">Identity and Access Management (IAM) API</a> . <a href="iam_v1.organizations.html">organizations</a> . <a href="iam_v1.organizations.roles.html">roles</a></h1>
|
|
<h2>Instance Methods</h2>
|
|
<p class="toc_element">
|
|
<code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Creates a new Role.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#delete">delete(name, etag=None, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Soft deletes a role. The role is suspended and cannot be used to create new</p>
|
|
<p class="toc_element">
|
|
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Gets a Role definition.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#list">list(parent, pageSize=None, showDeleted=None, pageToken=None, x__xgafv=None, view=None)</a></code></p>
|
|
<p class="firstline">Lists the Roles defined on a resource.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
|
|
<p class="firstline">Retrieves the next page of results.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Updates a Role definition.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#undelete">undelete(name, body, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Undelete a Role, bringing it back in its previous state.</p>
|
|
<h3>Method Details</h3>
|
|
<div class="method">
|
|
<code class="details" id="create">create(parent, body, x__xgafv=None)</code>
|
|
<pre>Creates a new Role.
|
|
|
|
Args:
|
|
parent: string, The resource name of the parent resource in one of the following formats:
|
|
`organizations/{ORGANIZATION_ID}`
|
|
`projects/{PROJECT_ID}` (required)
|
|
body: object, The request body. (required)
|
|
The object takes the form of:
|
|
|
|
{ # The request to create a new role.
|
|
"roleId": "A String", # The role id to use for this role.
|
|
"role": { # A role in the Identity and Access Management API. # The Role resource to create.
|
|
"description": "A String", # Optional. A human-readable description for the role.
|
|
"title": "A String", # Optional. A human-readable title for the role. Typically this
|
|
# is limited to 100 UTF-8 bytes.
|
|
"deleted": True or False, # The current deleted state of the role. This field is read only.
|
|
# It will be ignored in calls to CreateRole and UpdateRole.
|
|
"etag": "A String", # Used to perform a consistent read-modify-write.
|
|
"includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy.
|
|
"A String",
|
|
],
|
|
"stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been
|
|
# selected for a role, the `stage` field will not be included in the
|
|
# returned definition for the role.
|
|
"name": "A String", # The name of the role.
|
|
#
|
|
# When Role is used in CreateRole, the role name must not be set.
|
|
#
|
|
# When Role is used in output and other input such as UpdateRole, the role
|
|
# name is the complete path, e.g., roles/logging.viewer for curated roles
|
|
# and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
|
|
},
|
|
}
|
|
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A role in the Identity and Access Management API.
|
|
"description": "A String", # Optional. A human-readable description for the role.
|
|
"title": "A String", # Optional. A human-readable title for the role. Typically this
|
|
# is limited to 100 UTF-8 bytes.
|
|
"deleted": True or False, # The current deleted state of the role. This field is read only.
|
|
# It will be ignored in calls to CreateRole and UpdateRole.
|
|
"etag": "A String", # Used to perform a consistent read-modify-write.
|
|
"includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy.
|
|
"A String",
|
|
],
|
|
"stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been
|
|
# selected for a role, the `stage` field will not be included in the
|
|
# returned definition for the role.
|
|
"name": "A String", # The name of the role.
|
|
#
|
|
# When Role is used in CreateRole, the role name must not be set.
|
|
#
|
|
# When Role is used in output and other input such as UpdateRole, the role
|
|
# name is the complete path, e.g., roles/logging.viewer for curated roles
|
|
# and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="delete">delete(name, etag=None, x__xgafv=None)</code>
|
|
<pre>Soft deletes a role. The role is suspended and cannot be used to create new
|
|
IAM Policy Bindings.
|
|
The Role will not be included in `ListRoles()` unless `show_deleted` is set
|
|
in the `ListRolesRequest`. The Role contains the deleted boolean set.
|
|
Existing Bindings remains, but are inactive. The Role can be undeleted
|
|
within 7 days. After 7 days the Role is deleted and all Bindings associated
|
|
with the role are removed.
|
|
|
|
Args:
|
|
name: string, The resource name of the role in one of the following formats:
|
|
`organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}`
|
|
`projects/{PROJECT_ID}/roles/{ROLE_NAME}` (required)
|
|
etag: string, Used to perform a consistent read-modify-write.
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A role in the Identity and Access Management API.
|
|
"description": "A String", # Optional. A human-readable description for the role.
|
|
"title": "A String", # Optional. A human-readable title for the role. Typically this
|
|
# is limited to 100 UTF-8 bytes.
|
|
"deleted": True or False, # The current deleted state of the role. This field is read only.
|
|
# It will be ignored in calls to CreateRole and UpdateRole.
|
|
"etag": "A String", # Used to perform a consistent read-modify-write.
|
|
"includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy.
|
|
"A String",
|
|
],
|
|
"stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been
|
|
# selected for a role, the `stage` field will not be included in the
|
|
# returned definition for the role.
|
|
"name": "A String", # The name of the role.
|
|
#
|
|
# When Role is used in CreateRole, the role name must not be set.
|
|
#
|
|
# When Role is used in output and other input such as UpdateRole, the role
|
|
# name is the complete path, e.g., roles/logging.viewer for curated roles
|
|
# and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="get">get(name, x__xgafv=None)</code>
|
|
<pre>Gets a Role definition.
|
|
|
|
Args:
|
|
name: string, The resource name of the role in one of the following formats:
|
|
`roles/{ROLE_NAME}`
|
|
`organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}`
|
|
`projects/{PROJECT_ID}/roles/{ROLE_NAME}` (required)
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A role in the Identity and Access Management API.
|
|
"description": "A String", # Optional. A human-readable description for the role.
|
|
"title": "A String", # Optional. A human-readable title for the role. Typically this
|
|
# is limited to 100 UTF-8 bytes.
|
|
"deleted": True or False, # The current deleted state of the role. This field is read only.
|
|
# It will be ignored in calls to CreateRole and UpdateRole.
|
|
"etag": "A String", # Used to perform a consistent read-modify-write.
|
|
"includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy.
|
|
"A String",
|
|
],
|
|
"stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been
|
|
# selected for a role, the `stage` field will not be included in the
|
|
# returned definition for the role.
|
|
"name": "A String", # The name of the role.
|
|
#
|
|
# When Role is used in CreateRole, the role name must not be set.
|
|
#
|
|
# When Role is used in output and other input such as UpdateRole, the role
|
|
# name is the complete path, e.g., roles/logging.viewer for curated roles
|
|
# and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="list">list(parent, pageSize=None, showDeleted=None, pageToken=None, x__xgafv=None, view=None)</code>
|
|
<pre>Lists the Roles defined on a resource.
|
|
|
|
Args:
|
|
parent: string, The resource name of the parent resource in one of the following formats:
|
|
`` (empty string) -- this refers to curated roles.
|
|
`organizations/{ORGANIZATION_ID}`
|
|
`projects/{PROJECT_ID}` (required)
|
|
pageSize: integer, Optional limit on the number of roles to include in the response.
|
|
showDeleted: boolean, Include Roles that have been deleted.
|
|
pageToken: string, Optional pagination token returned in an earlier ListRolesResponse.
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
view: string, Optional view for the returned Role objects. When `FULL` is specified,
|
|
the `includedPermissions` field is returned, which includes a list of all
|
|
permissions in the role. The default value is `BASIC`, which does not
|
|
return the `includedPermissions` field.
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # The response containing the roles defined under a resource.
|
|
"nextPageToken": "A String", # To retrieve the next page of results, set
|
|
# `ListRolesRequest.page_token` to this value.
|
|
"roles": [ # The Roles defined on this resource.
|
|
{ # A role in the Identity and Access Management API.
|
|
"description": "A String", # Optional. A human-readable description for the role.
|
|
"title": "A String", # Optional. A human-readable title for the role. Typically this
|
|
# is limited to 100 UTF-8 bytes.
|
|
"deleted": True or False, # The current deleted state of the role. This field is read only.
|
|
# It will be ignored in calls to CreateRole and UpdateRole.
|
|
"etag": "A String", # Used to perform a consistent read-modify-write.
|
|
"includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy.
|
|
"A String",
|
|
],
|
|
"stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been
|
|
# selected for a role, the `stage` field will not be included in the
|
|
# returned definition for the role.
|
|
"name": "A String", # The name of the role.
|
|
#
|
|
# When Role is used in CreateRole, the role name must not be set.
|
|
#
|
|
# When Role is used in output and other input such as UpdateRole, the role
|
|
# name is the complete path, e.g., roles/logging.viewer for curated roles
|
|
# and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
|
|
},
|
|
],
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="list_next">list_next(previous_request, previous_response)</code>
|
|
<pre>Retrieves the next page of results.
|
|
|
|
Args:
|
|
previous_request: The request for the previous page. (required)
|
|
previous_response: The response from the request for the previous page. (required)
|
|
|
|
Returns:
|
|
A request object that you can call 'execute()' on to request the next
|
|
page. Returns None if there are no more items in the collection.
|
|
</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="patch">patch(name, body, updateMask=None, x__xgafv=None)</code>
|
|
<pre>Updates a Role definition.
|
|
|
|
Args:
|
|
name: string, The resource name of the role in one of the following formats:
|
|
`roles/{ROLE_NAME}`
|
|
`organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}`
|
|
`projects/{PROJECT_ID}/roles/{ROLE_NAME}` (required)
|
|
body: object, The request body. (required)
|
|
The object takes the form of:
|
|
|
|
{ # A role in the Identity and Access Management API.
|
|
"description": "A String", # Optional. A human-readable description for the role.
|
|
"title": "A String", # Optional. A human-readable title for the role. Typically this
|
|
# is limited to 100 UTF-8 bytes.
|
|
"deleted": True or False, # The current deleted state of the role. This field is read only.
|
|
# It will be ignored in calls to CreateRole and UpdateRole.
|
|
"etag": "A String", # Used to perform a consistent read-modify-write.
|
|
"includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy.
|
|
"A String",
|
|
],
|
|
"stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been
|
|
# selected for a role, the `stage` field will not be included in the
|
|
# returned definition for the role.
|
|
"name": "A String", # The name of the role.
|
|
#
|
|
# When Role is used in CreateRole, the role name must not be set.
|
|
#
|
|
# When Role is used in output and other input such as UpdateRole, the role
|
|
# name is the complete path, e.g., roles/logging.viewer for curated roles
|
|
# and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
|
|
}
|
|
|
|
updateMask: string, A mask describing which fields in the Role have changed.
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A role in the Identity and Access Management API.
|
|
"description": "A String", # Optional. A human-readable description for the role.
|
|
"title": "A String", # Optional. A human-readable title for the role. Typically this
|
|
# is limited to 100 UTF-8 bytes.
|
|
"deleted": True or False, # The current deleted state of the role. This field is read only.
|
|
# It will be ignored in calls to CreateRole and UpdateRole.
|
|
"etag": "A String", # Used to perform a consistent read-modify-write.
|
|
"includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy.
|
|
"A String",
|
|
],
|
|
"stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been
|
|
# selected for a role, the `stage` field will not be included in the
|
|
# returned definition for the role.
|
|
"name": "A String", # The name of the role.
|
|
#
|
|
# When Role is used in CreateRole, the role name must not be set.
|
|
#
|
|
# When Role is used in output and other input such as UpdateRole, the role
|
|
# name is the complete path, e.g., roles/logging.viewer for curated roles
|
|
# and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="undelete">undelete(name, body, x__xgafv=None)</code>
|
|
<pre>Undelete a Role, bringing it back in its previous state.
|
|
|
|
Args:
|
|
name: string, The resource name of the role in one of the following formats:
|
|
`organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}`
|
|
`projects/{PROJECT_ID}/roles/{ROLE_NAME}` (required)
|
|
body: object, The request body. (required)
|
|
The object takes the form of:
|
|
|
|
{ # The request to undelete an existing role.
|
|
"etag": "A String", # Used to perform a consistent read-modify-write.
|
|
}
|
|
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A role in the Identity and Access Management API.
|
|
"description": "A String", # Optional. A human-readable description for the role.
|
|
"title": "A String", # Optional. A human-readable title for the role. Typically this
|
|
# is limited to 100 UTF-8 bytes.
|
|
"deleted": True or False, # The current deleted state of the role. This field is read only.
|
|
# It will be ignored in calls to CreateRole and UpdateRole.
|
|
"etag": "A String", # Used to perform a consistent read-modify-write.
|
|
"includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy.
|
|
"A String",
|
|
],
|
|
"stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been
|
|
# selected for a role, the `stage` field will not be included in the
|
|
# returned definition for the role.
|
|
"name": "A String", # The name of the role.
|
|
#
|
|
# When Role is used in CreateRole, the role name must not be set.
|
|
#
|
|
# When Role is used in output and other input such as UpdateRole, the role
|
|
# name is the complete path, e.g., roles/logging.viewer for curated roles
|
|
# and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
|
|
}</pre>
|
|
</div>
|
|
|
|
</body></html> |