import "cloud.google.com/go/iam"
Package iam supports the resource-specific operations of Google Cloud IAM (Identity and Access Management) for the Google Cloud Libraries. See https://cloud.google.com/iam for more about IAM.
Users of the Google Cloud Libraries will typically not use this package directly. Instead they will begin with some resource that supports IAM, like a pubsub topic, and call its IAM method to get a Handle for that resource.
const (
// AllUsers is a special member that denotes all users, even unauthenticated ones.
AllUsers = "allUsers"
// AllAuthenticatedUsers is a special member that denotes all authenticated users.
AllAuthenticatedUsers = "allAuthenticatedUsers"
)type Handle struct {
// contains filtered or unexported fields
}A Handle provides IAM operations for a resource.
func InternalNewHandle(conn *grpc.ClientConn, resource string) *Handle
InternalNewHandle is for use by the Google Cloud Libraries only.
InternalNewHandle returns a Handle for resource. The conn parameter refers to a server that must support the IAMPolicy service.
InternalNewHandleClient is for use by the Google Cloud Libraries only.
InternalNewHandleClient returns a Handle for resource using the given client implementation.
func InternalNewHandleGRPCClient(c pb.IAMPolicyClient, resource string) *Handle
InternalNewHandleGRPCClient is for use by the Google Cloud Libraries only.
InternalNewHandleClient returns a Handle for resource using the given grpc service that implements IAM as a mixin
Policy retrieves the IAM policy for the resource.
SetPolicy replaces the resource's current policy with the supplied Policy.
If policy was created from a prior call to Get, then the modification will only succeed if the policy has not changed since the Get.
TestPermissions returns the subset of permissions that the caller has on the resource.
type Policy struct {
// This field is exported for use by the Google Cloud Libraries only.
// It may become unexported in a future release.
InternalProto *pb.Policy
}A Policy is a list of Bindings representing roles granted to members.
The zero Policy is a valid policy with no bindings.
Add adds member member to role r if it is not already present. A new binding is created if there is no binding for the role.
HasRole reports whether member has role r.
Members returns the list of members with the supplied role. The return value should not be modified. Use Add and Remove to modify the members of a role.
Remove removes member from role r if it is present.
Roles returns the names of all the roles that appear in the Policy.
A RoleName is a name representing a collection of permissions.
const (
Owner RoleName = "roles/owner"
Editor RoleName = "roles/editor"
Viewer RoleName = "roles/viewer"
)Common role names.
| Path | Synopsis |
|---|---|
| admin/apiv1 | Package admin is an auto-generated package for the Google Identity and Access Management (IAM) API. |
| credentials/apiv1 | Package credentials is an auto-generated package for the IAM Service Account Credentials API. |
Package iam imports 8 packages (graph) and is imported by 13 packages. Updated 2019-08-17. Refresh now. Tools for package owners.