Close httplib2 connections.
Gets the definition of a Role.
list(pageSize=None, pageToken=None, parent=None, showDeleted=None, view=None, x__xgafv=None)
Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.
Retrieves the next page of results.
queryGrantableRoles(body=None, x__xgafv=None)
Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.
Retrieves the next page of results.
close()
Close httplib2 connections.
get(name, x__xgafv=None)
Gets the definition of a Role. Args: name: string, The `name` parameter's value depends on the target resource for the request, namely [roles](https://cloud.google.com/iam/docs/reference/rest/v1/roles), [projects](https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles), or [organizations](https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [roles.get](https://cloud.google.com/iam/docs/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](https://cloud.google.com/iam/docs/understanding-roles#predefined_roles) in IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [projects.roles.get](https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [organizations.roles.get](https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID. (required) x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # A role in the Identity and Access Management API. "deleted": True or False, # The current deleted state of the role. This field is read only. It will be ignored in calls to CreateRole and UpdateRole. "description": "A String", # Optional. A human-readable description for the role. "etag": "A String", # Used to perform a consistent read-modify-write. "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. "A String", ], "name": "A String", # The name of the role. When `Role` is used in `CreateRole`, the role name must not be set. When `Role` is used in output and other input such as `UpdateRole`, the role name is the complete path. For example, `roles/logging.viewer` for predefined roles, `organizations/{ORGANIZATION_ID}/roles/myRole` for organization-level custom roles, and `projects/{PROJECT_ID}/roles/myRole` for project-level custom roles. "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been selected for a role, the `stage` field will not be included in the returned definition for the role. "title": "A String", # Optional. A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes. }
list(pageSize=None, pageToken=None, parent=None, showDeleted=None, view=None, x__xgafv=None)
Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project. Args: pageSize: integer, Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000. pageToken: string, Optional pagination token returned in an earlier ListRolesResponse. parent: string, The `parent` parameter's value depends on the target resource for the request, namely [roles](https://cloud.google.com/iam/docs/reference/rest/v1/roles), [projects](https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles), or [organizations](https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [roles.list](https://cloud.google.com/iam/docs/reference/rest/v1/roles/list): An empty string. This method doesn't require a resource; it simply returns all [predefined roles](https://cloud.google.com/iam/docs/understanding-roles#predefined_roles) in IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [projects.roles.list](https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](https://cloud.google.com/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [organizations.roles.list](https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](https://cloud.google.com/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID. showDeleted: boolean, Include Roles that have been deleted. view: string, Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field. Allowed values BASIC - Omits the `included_permissions` field. This is the default value. FULL - Returns all fields. x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # The response containing the roles defined under a resource. "nextPageToken": "A String", # To retrieve the next page of results, set `ListRolesRequest.page_token` to this value. "roles": [ # The Roles defined on this resource. { # A role in the Identity and Access Management API. "deleted": True or False, # The current deleted state of the role. This field is read only. It will be ignored in calls to CreateRole and UpdateRole. "description": "A String", # Optional. A human-readable description for the role. "etag": "A String", # Used to perform a consistent read-modify-write. "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. "A String", ], "name": "A String", # The name of the role. When `Role` is used in `CreateRole`, the role name must not be set. When `Role` is used in output and other input such as `UpdateRole`, the role name is the complete path. For example, `roles/logging.viewer` for predefined roles, `organizations/{ORGANIZATION_ID}/roles/myRole` for organization-level custom roles, and `projects/{PROJECT_ID}/roles/myRole` for project-level custom roles. "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been selected for a role, the `stage` field will not be included in the returned definition for the role. "title": "A String", # Optional. A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes. }, ], }
list_next()
Retrieves the next page of results. Args: previous_request: The request for the previous page. (required) previous_response: The response from the request for the previous page. (required) Returns: A request object that you can call 'execute()' on to request the next page. Returns None if there are no more items in the collection.
queryGrantableRoles(body=None, x__xgafv=None)
Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role. Args: body: object, The request body. The object takes the form of: { # The grantable role query request. "fullResourceName": "A String", # Required. The full resource name to query from the list of grantable roles. The name follows the Google Cloud Platform resource format. For example, a Cloud Platform project with id `my-project` will be named `//cloudresourcemanager.googleapis.com/projects/my-project`. "pageSize": 42, # Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 2,000. "pageToken": "A String", # Optional pagination token returned in an earlier QueryGrantableRolesResponse. "view": "A String", } x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # The grantable role query response. "nextPageToken": "A String", # To retrieve the next page of results, set `QueryGrantableRolesRequest.page_token` to this value. "roles": [ # The list of matching roles. { # A role in the Identity and Access Management API. "deleted": True or False, # The current deleted state of the role. This field is read only. It will be ignored in calls to CreateRole and UpdateRole. "description": "A String", # Optional. A human-readable description for the role. "etag": "A String", # Used to perform a consistent read-modify-write. "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. "A String", ], "name": "A String", # The name of the role. When `Role` is used in `CreateRole`, the role name must not be set. When `Role` is used in output and other input such as `UpdateRole`, the role name is the complete path. For example, `roles/logging.viewer` for predefined roles, `organizations/{ORGANIZATION_ID}/roles/myRole` for organization-level custom roles, and `projects/{PROJECT_ID}/roles/myRole` for project-level custom roles. "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been selected for a role, the `stage` field will not be included in the returned definition for the role. "title": "A String", # Optional. A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes. }, ], }
queryGrantableRoles_next()
Retrieves the next page of results. Args: previous_request: The request for the previous page. (required) previous_response: The response from the request for the previous page. (required) Returns: A request object that you can call 'execute()' on to request the next page. Returns None if there are no more items in the collection.