AI-generated Key Takeaways
-
This operation returns the permissions a caller has on a specified resource, returning an empty set if the resource does not exist.
-
It is designed for building permission-aware UIs and command-line tools, not for authorization checking, and may "fail open" without warning.
-
The required path parameter is
resource, a string specifying the resource for which policy details are requested. -
The request body contains an array of strings called
permissionsto check for theresource, and wildcards are not allowed. -
Successful responses contain an instance of
TestIamPermissionsResponseand require one of the listed OAuth scopes.
Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
HTTP request
POST https://earthengine.googleapis.com/v1/{resource=projects/*/assets/**}:testIamPermissions
The URL uses gRPC Transcoding syntax.
Path parameters
| Parameters | |
|---|---|
resource |
REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field. |
Request body
The request body contains data with the following structure:
| JSON representation |
|---|
{ "permissions": [ string ] } |
| Fields | |
|---|---|
permissions[] |
The set of permissions to check for the |
Response body
If successful, the response body contains an instance of TestIamPermissionsResponse.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/earthenginehttps://www.googleapis.com/auth/earthengine.readonlyhttps://www.googleapis.com/auth/cloud-platformhttps://www.googleapis.com/auth/cloud-platform.read-only
For more information, see the OAuth 2.0 Overview.