iam
import { iam } from "https://googleapis.deno.dev/v1/iam:v2.ts";
Manages identity and access control for Google Cloud resources, including the creation of service accounts, which you can use to authenticate to Google and make API calls. Enabling this API also enables the IAM Service Account Credentials API (iamcredentials.googleapis.com). However, disabling this API doesn't disable the IAM Service Account Credentials API.
§Methods
Creates a policy.
Required. The resource that the policy is attached to, along with the kind of policy to create. Format: policies/{attachment_point}/denypolicies
The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, /
, must be written as %2F
. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies
. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.
Deletes a policy. This action is permanent.
Required. The resource name of the policy to delete. Format: policies/{attachment_point}/denypolicies/{policy_id}
Use the URL-encoded full resource name, which means that the forward-slash character, /
, must be written as %2F
. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-policy
. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.
Gets a policy.
Required. The resource name of the policy to retrieve. Format: policies/{attachment_point}/denypolicies/{policy_id}
Use the URL-encoded full resource name, which means that the forward-slash character, /
, must be written as %2F
. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-policy
. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.
Retrieves the policies of the specified kind that are attached to a resource. The response lists only policy metadata. In particular, policy rules are omitted.
Required. The resource that the policy is attached to, along with the kind of policy to list. Format: policies/{attachment_point}/denypolicies
The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, /
, must be written as %2F
. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies
. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.
Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.
The name of the operation resource.
Updates the specified policy. You can update only the rules and the
display name for the policy. To update a policy, you should use a
read-modify-write loop: 1. Use GetPolicy to read the current version of the
policy. 2. Modify the policy as needed. 3. Use UpdatePolicy
to write the
updated policy. This pattern helps prevent conflicts between concurrent
updates.
Immutable. The resource name of the Policy
, which must be unique. Format: policies/{attachment_point}/denypolicies/{policy_id}
The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, /
, must be written as %2F
. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-deny-policy
. For organizations and folders, use the numeric ID in the full resource name. For projects, requests can use the alphanumeric or the numeric ID. Responses always contain the numeric ID.