google/iam/README.md

IAM (Identity and Access Management) Protos

This folder contains protocol buffer types which represent IAM (Identity and Access Management) concepts plus a mix-in service declaration (IAMPolicy) which can be inherited by APIs so that they follow a consistent pattern for IAM operations.

Key Concepts

  • Binding: Associates a list of identities with a particular role. An identity can match things like all users, all authenticated users, a single user, a single service account, a single group, or a single domain. A role is a permission defined by IAM, such as roles/viewer, roles/editor, or roles/owner.
  • Policy: A list of bindings where each role can only appear once. It also contains a version to track iterations of the bindings.
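
Added example (not part of the googleapis repository): a small audit over a policy written as a plain dict with the Binding and Policy shape described above. It merges bindings that repeat a role, and reports bindings that match all users or all authenticated users. The dict layout, function names and sample policy are assumptions constructed for illustration; the member strings are the identifier formats IAM uses for the identity kinds listed above, and bindings are assumed to carry only a role and members.

```python
# Added example: audits a policy written as a plain dict with the
# Policy/Binding shape (role + members) described in the README.
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}
MEMBER_PREFIXES = ("user:", "serviceAccount:", "group:", "domain:")

# Constructed sample input (not taken from any real project).
SAMPLE_POLICY = {
    "version": 1,
    "bindings": [
        {"role": "roles/viewer", "members": ["user:alice@example.com", "allUsers"]},
        {"role": "roles/editor", "members": ["serviceAccount:ci@example-project.iam.gserviceaccount.com"]},
        {"role": "roles/viewer", "members": ["group:auditors@example.com", "user:alice@example.com"]},
        {"role": "roles/owner", "members": ["domain:example.com", "bob@example.com"]},
    ],
}


def normalize_policy(policy):
    """Merge bindings that repeat a role so each role appears once.

    Returns (normalized_policy, roles_that_were_duplicated)."""
    merged, duplicated = {}, []
    for binding in policy.get("bindings", []):
        role = binding["role"]
        if role in merged and role not in duplicated:
            duplicated.append(role)
        members = merged.setdefault(role, [])
        for member in binding.get("members", []):
            if member not in members:  # drop repeated identities, keep order
                members.append(member)
    bindings = [{"role": r, "members": m} for r, m in merged.items()]
    return {"version": policy.get("version", 0), "bindings": bindings}, duplicated


def audit_members(policy):
    """Return (public, unrecognised) lists of (role, member) pairs."""
    public, unrecognised = [], []
    for binding in policy.get("bindings", []):
        for member in binding.get("members", []):
            if member in PUBLIC_MEMBERS:
                public.append((binding["role"], member))
            elif not member.startswith(MEMBER_PREFIXES):
                unrecognised.append((binding["role"], member))
    return public, unrecognised


if __name__ == "__main__":
    normalized, duplicated = normalize_policy(SAMPLE_POLICY)
    print("duplicated roles:", duplicated)
    print("public / unrecognised:", audit_members(normalized))
```

Running the audit before a SetIamPolicy call keeps a binding that grants a role to everyone from being applied unnoticed.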

Key Service definitions

  • IAMPolicy: This is a mix-in service which defines three operations:
    • SetIamPolicy: Sets the access control policy on the specified resource.
    • GetIamPolicy: Gets the access control policy for a resource.
    • TestIamPermissions: Returns permissions that a caller has on the specified resource.