pub trait IAMPolicy:
Debug
+ Send
+ Sync {
// Provided methods
fn set_iam_policy(
&self,
_req: SetIamPolicyRequest,
_options: RequestOptions,
) -> impl Future<Output = Result<Policy>> + Send { ... }
fn get_iam_policy(
&self,
_req: GetIamPolicyRequest,
_options: RequestOptions,
) -> impl Future<Output = Result<Policy>> + Send { ... }
fn test_iam_permissions(
&self,
_req: TestIamPermissionsRequest,
_options: RequestOptions,
) -> impl Future<Output = Result<TestIamPermissionsResponse>> + Send { ... }
}Expand description
API Overview
Manages Identity and Access Management (IAM) policies.
Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.
§Data model
Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.
§Policy Structure
See google.iam.v1.Policy
This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.
§Mocking
Application developers may use this trait to mock the iam-meta-api clients.
Services gain new RPCs routinely. Consequently, this trait gains new methods too. To avoid breaking applications the trait provides a default implementation for each method. These implementations return an error.
Provided Methods§
Sourcefn set_iam_policy(
&self,
_req: SetIamPolicyRequest,
_options: RequestOptions,
) -> impl Future<Output = Result<Policy>> + Send
fn set_iam_policy( &self, _req: SetIamPolicyRequest, _options: RequestOptions, ) -> impl Future<Output = Result<Policy>> + Send
Sets the access control policy on the specified resource. Replaces any existing policy.
Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED
errors.
Sourcefn get_iam_policy(
&self,
_req: GetIamPolicyRequest,
_options: RequestOptions,
) -> impl Future<Output = Result<Policy>> + Send
fn get_iam_policy( &self, _req: GetIamPolicyRequest, _options: RequestOptions, ) -> impl Future<Output = Result<Policy>> + Send
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
Sourcefn test_iam_permissions(
&self,
_req: TestIamPermissionsRequest,
_options: RequestOptions,
) -> impl Future<Output = Result<TestIamPermissionsResponse>> + Send
fn test_iam_permissions( &self, _req: TestIamPermissionsRequest, _options: RequestOptions, ) -> impl Future<Output = Result<TestIamPermissionsResponse>> + Send
Returns permissions that a caller has on the specified resource. If the
resource does not exist, this will return an empty set of
permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may “fail open” without warning.
Dyn Compatibility§
This trait is not dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.