iam

package
v0.17.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 11, 2017 License: Apache-2.0 Imports: 3 Imported by: 0

Documentation

Overview

Package iam supports the resource-specific operations of Google Cloud IAM (Identity and Access Management) for the Google Cloud Libraries. See https://cloud.google.com/iam for more about IAM.

Users of the Google Cloud Libraries will typically not use this package directly. Instead they will begin with some resource that supports IAM, like a pubsub topic, and call its IAM method to get a Handle for that resource.

Index

Constants

View Source
const (
	// AllUsers is a special member that denotes all users, even unauthenticated ones.
	AllUsers = "allUsers"

	// AllAuthenticatedUsers is a special member that denotes all authenticated users.
	AllAuthenticatedUsers = "allAuthenticatedUsers"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Handle

type Handle struct {
	// contains filtered or unexported fields
}

A Handle provides IAM operations for a resource.

func InternalNewHandle

func InternalNewHandle(conn *grpc.ClientConn, resource string) *Handle

InternalNewHandle is for use by the Google Cloud Libraries only.

InternalNewHandle returns a Handle for resource. The conn parameter refers to a server that must support the IAMPolicy service.

func InternalNewHandleClient added in v0.8.0

func InternalNewHandleClient(c client, resource string) *Handle

InternalNewHandleClient is for use by the Google Cloud Libraries only.

InternalNewHandleClient returns a Handle for resource using the given client implementation.

func (*Handle) Policy

func (h *Handle) Policy(ctx context.Context) (*Policy, error)

Policy retrieves the IAM policy for the resource.

func (*Handle) SetPolicy

func (h *Handle) SetPolicy(ctx context.Context, policy *Policy) error

SetPolicy replaces the resource's current policy with the supplied Policy.

If policy was created from a prior call to Get, then the modification will only succeed if the policy has not changed since the Get.

func (*Handle) TestPermissions

func (h *Handle) TestPermissions(ctx context.Context, permissions []string) ([]string, error)

TestPermissions returns the subset of permissions that the caller has on the resource.

type Policy

type Policy struct {

	// This field is exported for use by the Google Cloud Libraries only.
	// It may become unexported in a future release.
	InternalProto *pb.Policy
}

A Policy is a list of Bindings representing roles granted to members.

The zero Policy is a valid policy with no bindings.

func (*Policy) Add

func (p *Policy) Add(member string, r RoleName)

Add adds member member to role r if it is not already present. A new binding is created if there is no binding for the role.

func (*Policy) HasRole

func (p *Policy) HasRole(member string, r RoleName) bool

HasRole reports whether member has role r.

func (*Policy) Members

func (p *Policy) Members(r RoleName) []string

Members returns the list of members with the supplied role. The return value should not be modified. Use Add and Remove to modify the members of a role.

func (*Policy) Remove

func (p *Policy) Remove(member string, r RoleName)

Remove removes member from role r if it is present.

func (*Policy) Roles

func (p *Policy) Roles() []RoleName

Roles returns the names of all the roles that appear in the Policy.

type RoleName

type RoleName string

A RoleName is a name representing a collection of permissions.

const (
	Owner  RoleName = "roles/owner"
	Editor RoleName = "roles/editor"
	Viewer RoleName = "roles/viewer"
)

Common role names.

Directories

Path Synopsis
admin
apiv1
Package admin is an experimental, auto-generated package for the Google Identity and Access Management (IAM) API.
Package admin is an experimental, auto-generated package for the Google Identity and Access Management (IAM) API.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL