class OrganizationsRoles extends Resource (View source)

The "roles" collection of methods.

Typical usage is:

 $iamService = new Google\Service\Iam(...);
 $roles = $iamService->organizations_roles;

Methods

create(string $parent, CreateRoleRequest $postBody, array $optParams = [])

Creates a new custom Role. (roles.create)

delete(string $name, array $optParams = [])

Deletes a custom Role. When you delete a custom role, the following changes occur immediately: You cannot bind a principal to the custom role in an IAM Policy. Existing bindings to the custom role are not changed, but they have no effect. By default, the response from ListRoles does not include the custom role. You have 7 days to undelete the custom role. After 7 days, the following changes occur: The custom role is permanently deleted and cannot be recovered. * If an IAM policy contains a binding to the custom role, the binding is permanently removed. (roles.delete)

get(string $name, array $optParams = [])

Gets the definition of a Role. (roles.get)

listOrganizationsRoles(string $parent, array $optParams = [])

Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project. (roles.listOrganizationsRoles)

patch(string $name, Role $postBody, array $optParams = [])

Updates the definition of a custom Role. (roles.patch)

undelete(string $name, UndeleteRoleRequest $postBody, array $optParams = [])

Undeletes a custom Role. (roles.undelete)

Details

Role create(string $parent, CreateRoleRequest $postBody, array $optParams = [])

Creates a new custom Role. (roles.create)

Parameters

string $parent

The parent parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's parent value format is described below: projects.roles.create(): projects/{PROJECT_ID}. This method creates project- level custom roles. Example request URL: https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles organizations .roles.create(): organizations/{ORGANIZATION_ID}. This method creates organization-level custom roles. Example request URL: https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

CreateRoleRequest $postBody
array $optParams

Optional parameters.

Return Value

Role

Role delete(string $name, array $optParams = [])

Deletes a custom Role. When you delete a custom role, the following changes occur immediately: You cannot bind a principal to the custom role in an IAM Policy. Existing bindings to the custom role are not changed, but they have no effect. By default, the response from ListRoles does not include the custom role. You have 7 days to undelete the custom role. After 7 days, the following changes occur: The custom role is permanently deleted and cannot be recovered. * If an IAM policy contains a binding to the custom role, the binding is permanently removed. (roles.delete)

Parameters

string $name

The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below: * projects.roles.delete(): projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}. This method deletes only custom roles that have been created at the project level. Example request URL: https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}

  • organizations.roles.delete(): organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}. This method deletes only custom roles that have been created at the organization level. Example request URL: https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ ROLE_ID} Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.
array $optParams

Optional parameters.

Return Value

Role

Role get(string $name, array $optParams = [])

Gets the definition of a Role. (roles.get)

Parameters

string $name

The name parameter's value depends on the target resource for the request, namely roles, projects, or organizations. Each resource type's name value format is described below: roles.get(): roles/{ROLE_NAME}. This method returns results from all predefined roles in Cloud IAM. Example request URL: https://iam.googleapis.com/v1/roles/{ROLE_NAME} projects.roles.get(): projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}. This method returns only custom roles that have been created at the project level. Example request URL: https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}

  • organizations.roles.get(): organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}. This method returns only custom roles that have been created at the organization level. Example request URL: https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ ROLE_ID} Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.
array $optParams

Optional parameters.

Return Value

Role

ListRolesResponse listOrganizationsRoles(string $parent, array $optParams = [])

Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project. (roles.listOrganizationsRoles)

Parameters

string $parent

The parent parameter's value depends on the target resource for the request, namely roles, projects, or organizations. Each resource type's parent value format is described below: roles.list(): An empty string. This method doesn't require a resource; it simply returns all predefined roles in Cloud IAM. Example request URL: https://iam.googleapis.com/v1/roles projects.roles.list(): projects/{PROJECT_ID}. This method lists all project-level custom roles. Example request URL: https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles organizations.roles.list(): organizations/{ORGANIZATION_ID}. This method lists all organization-level custom roles. Example request URL: https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles Note: Wildcard () values are invalid; you must specify a complete project ID or organization ID.

array $optParams

Optional parameters.

Return Value

ListRolesResponse

Role patch(string $name, Role $postBody, array $optParams = [])

Updates the definition of a custom Role. (roles.patch)

Parameters

string $name

The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below: * projects.roles.patch(): projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}. This method updates only custom roles that have been created at the project level. Example request URL: https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}

  • organizations.roles.patch(): organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}. This method updates only custom roles that have been created at the organization level. Example request URL: https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ ROLE_ID} Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.
Role $postBody
array $optParams

Optional parameters.

Return Value

Role

Role undelete(string $name, UndeleteRoleRequest $postBody, array $optParams = [])

Undeletes a custom Role. (roles.undelete)

Parameters

string $name

The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below: * projects.roles.undelete(): projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}. This method undeletes only custom roles that have been created at the project level. Example request URL: https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}

  • organizations.roles.undelete(): organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}. This method undeletes only custom roles that have been created at the organization level. Example request URL: https://iam.googleapis.com/v1/organizations/{ORG ANIZATION_ID}/roles/{CUSTOM_ROLE_ID} Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.
UndeleteRoleRequest $postBody
array $optParams

Optional parameters.

Return Value

Role