Policy
Stay organized with collections
Save and categorize content based on your preferences.
Defines an access control policy to the resources.
JSON representation |
{
"assignments": [
{
object (Assignment )
}
],
"etag": string
} |
Fields |
assignments[] |
object (Assignment )
|
etag |
string (bytes format)
The [etag] is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the [etag] in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An [etag] is returned in the response to [policies.get], and systems are expected to put that etag in the request to [policies.set] to ensure that their change will be applied to the same version of the policy. If no [etag] is provided in the call to [policies.set], then the existing policy is overwritten blindly. A base64-encoded string.
|
Assignment
Associates members
with a role
.
JSON representation |
{
"role": string,
"members": [
string
]
} |
Fields |
role |
string
Required. Role that is assigned to members .
|
members[] |
string
The identities the role is assigned to. It can have the following values:
{user_email} : An email address that represents a specific Google account. For example: alice@gmail.com .
{group_email} : An email address that represents a Google group. For example, viewers@gmail.com .
|
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2023-12-05 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2023-12-05 UTC."],[[["Defines an access control policy for resources, associating members with roles for resource access."],["Policies utilize an `etag` for optimistic concurrency control, preventing overwrites during updates."],["Assignments within a policy link `members` (users or groups) to specific `roles`."],["`members` can be individual Google accounts or Google groups, specified by their email addresses."]]],["The core content defines an access control policy using JSON. A policy contains `assignments` and an `etag` for concurrency control. `Assignments` associate `members` (users or groups identified by email) with a `role`. Systems are advised to use the `etag` from `policies.get` in `policies.set` requests to avoid overwriting changes; otherwise, the existing policy will be blindly overwritten. Policies can contain multiple assignments specifying different members and roles.\n"]]