An API for setting attribute based access control to requests to Google Cloud services.
- REST Resource: v1alpha.accessPolicies
- REST Resource: v1alpha.accessPolicies.accessLevels
- REST Resource: v1alpha.accessPolicies.authorizedOrgsDescs
- REST Resource: v1alpha.accessPolicies.servicePerimeters
- REST Resource: v1alpha.operations
- REST Resource: v1alpha.organizations.gcpUserAccessBindings
- REST Resource: v1alpha.services
- REST Resource: v1.accessPolicies
- REST Resource: v1.accessPolicies.accessLevels
- REST Resource: v1.accessPolicies.authorizedOrgsDescs
- REST Resource: v1.accessPolicies.servicePerimeters
- REST Resource: v1.operations
- REST Resource: v1.organizations.gcpUserAccessBindings
- REST Resource: v1.services
Service: accesscontextmanager.googleapis.com
To call this service, we recommend that you use the Google-provided client libraries . If your application needs to use your own libraries to call this service, use the following information when you make the API requests.
Discovery document
A Discovery Document is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery documents:
Service endpoint
A service endpoint is a base URL that specifies the network address of an API service. One service might have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:
-
https://accesscontextmanager.googleapis.com
REST Resource: v1alpha.accessPolicies
| Methods | |
|---|---|
create
|
POST /v1alpha/accessPolicies
Creates an access policy. |
delete
|
DELETE /v1alpha/{name=accessPolicies/*}
Deletes an access policy
based on the resource name. |
get
|
GET /v1alpha/{name=accessPolicies/*}
Returns an access policy
based on the name. |
get
|
POST /v1alpha/{resource=accessPolicies/*}:getIamPolicy
Gets the IAM policy for the specified Access Context Manager access policy
. |
list
|
GET /v1alpha/accessPolicies
Lists all access policies
in an organization. |
patch
|
PATCH /v1alpha/{policy.name=accessPolicies/*}
Updates an access policy
. |
set
|
POST /v1alpha/{resource=accessPolicies/*}:setIamPolicy
Sets the IAM policy for the specified Access Context Manager access policy
. |
test
|
POST /v1alpha/{resource=accessPolicies/*}:testIamPermissions
Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1alpha.accessPolicies.accessLevels
| Methods | |
|---|---|
create
|
POST /v1alpha/{parent=accessPolicies/*}/accessLevels
Creates an access level
. |
delete
|
DELETE /v1alpha/{name=accessPolicies/*/accessLevels/*}
Deletes an access level
based on the resource name. |
get
|
GET /v1alpha/{name=accessPolicies/*/accessLevels/*}
Gets an access level
based on the resource name. |
list
|
GET /v1alpha/{parent=accessPolicies/*}/accessLevels
Lists all access levels
for an access policy. |
patch
|
PATCH /v1alpha/{accessLevel.name=accessPolicies/*/accessLevels/*}
Updates an access level
. |
replace
|
POST /v1alpha/{parent=accessPolicies/*}/accessLevels:replaceAll
Replaces all existing access levels
in an access policy
with the access levels
provided. |
test
|
POST /v1alpha/{resource=accessPolicies/*/accessLevels/*}:testIamPermissions
Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1alpha.accessPolicies.servicePerimeters
| Methods | |
|---|---|
commit
|
POST /v1alpha/{parent=accessPolicies/*}/servicePerimeters:commit
Commits the dry-run specification for all the service perimeters
in an access policy
. |
create
|
POST /v1alpha/{parent=accessPolicies/*}/servicePerimeters
Creates a service perimeter
. |
delete
|
DELETE /v1alpha/{name=accessPolicies/*/servicePerimeters/*}
Deletes a service perimeter
based on the resource name. |
get
|
GET /v1alpha/{name=accessPolicies/*/servicePerimeters/*}
Gets a service perimeter
based on the resource name. |
list
|
GET /v1alpha/{parent=accessPolicies/*}/servicePerimeters
Lists all service perimeters
for an access policy. |
patch
|
PATCH /v1alpha/{servicePerimeter.name=accessPolicies/*/servicePerimeters/*}
Updates a service perimeter
. |
replace
|
POST /v1alpha/{parent=accessPolicies/*}/servicePerimeters:replaceAll
Replace all existing service perimeters
in an access policy
with the service perimeters
provided. |
test
|
POST /v1alpha/{resource=accessPolicies/*/servicePerimeters/*}:testIamPermissions
Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1alpha.operations
| Methods | |
|---|---|
get
|
GET /v1alpha/{name=operations/**}
Gets the latest state of a long-running operation. |
REST Resource: v1alpha.organizations.gcpUserAccessBindings
| Methods | |
|---|---|
create
|
POST /v1alpha/{parent=organizations/*}/gcpUserAccessBindings
Creates a GcpUserAccessBinding
. |
delete
|
DELETE /v1alpha/{name=organizations/*/gcpUserAccessBindings/*}
Deletes a GcpUserAccessBinding
. |
get
|
GET /v1alpha/{name=organizations/*/gcpUserAccessBindings/*}
Gets the GcpUserAccessBinding
with the given name. |
list
|
GET /v1alpha/{parent=organizations/*}/gcpUserAccessBindings
Lists all GcpUserAccessBindings
for a Google Cloud organization. |
patch
|
PATCH /v1alpha/{gcpUserAccessBinding.name=organizations/*/gcpUserAccessBindings/*}
Updates a GcpUserAccessBinding
. |
REST Resource: v1alpha.services
| Methods | |
|---|---|
get
|
GET /v1alpha/services/{name}
Get a VPS-SC Supported Service
by name. |
list
|
GET /v1alpha/services
Lists all VPC-SC supported services
. |
REST Resource: v1.accessPolicies
| Methods | |
|---|---|
create
|
POST /v1/accessPolicies
Creates an access policy. |
delete
|
DELETE /v1/{name=accessPolicies/*}
Deletes an access policy
based on the resource name. |
get
|
GET /v1/{name=accessPolicies/*}
Returns an access policy
based on the name. |
get
|
POST /v1/{resource=accessPolicies/*}:getIamPolicy
Gets the IAM policy for the specified Access Context Manager access policy
. |
list
|
GET /v1/accessPolicies
Lists all access policies
in an organization. |
patch
|
PATCH /v1/{policy.name=accessPolicies/*}
Updates an access policy
. |
set
|
POST /v1/{resource=accessPolicies/*}:setIamPolicy
Sets the IAM policy for the specified Access Context Manager access policy
. |
test
|
POST /v1/{resource=accessPolicies/*}:testIamPermissions
Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1.accessPolicies.accessLevels
| Methods | |
|---|---|
create
|
POST /v1/{parent=accessPolicies/*}/accessLevels
Creates an access level
. |
delete
|
DELETE /v1/{name=accessPolicies/*/accessLevels/*}
Deletes an access level
based on the resource name. |
get
|
GET /v1/{name=accessPolicies/*/accessLevels/*}
Gets an access level
based on the resource name. |
list
|
GET /v1/{parent=accessPolicies/*}/accessLevels
Lists all access levels
for an access policy. |
patch
|
PATCH /v1/{accessLevel.name=accessPolicies/*/accessLevels/*}
Updates an access level
. |
replace
|
POST /v1/{parent=accessPolicies/*}/accessLevels:replaceAll
Replaces all existing access levels
in an access policy
with the access levels
provided. |
test
|
POST /v1/{resource=accessPolicies/*/accessLevels/*}:testIamPermissions
Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1.accessPolicies.servicePerimeters
| Methods | |
|---|---|
commit
|
POST /v1/{parent=accessPolicies/*}/servicePerimeters:commit
Commits the dry-run specification for all the service perimeters
in an access policy
. |
create
|
POST /v1/{parent=accessPolicies/*}/servicePerimeters
Creates a service perimeter
. |
delete
|
DELETE /v1/{name=accessPolicies/*/servicePerimeters/*}
Deletes a service perimeter
based on the resource name. |
get
|
GET /v1/{name=accessPolicies/*/servicePerimeters/*}
Gets a service perimeter
based on the resource name. |
list
|
GET /v1/{parent=accessPolicies/*}/servicePerimeters
Lists all service perimeters
for an access policy. |
patch
|
PATCH /v1/{servicePerimeter.name=accessPolicies/*/servicePerimeters/*}
Updates a service perimeter
. |
replace
|
POST /v1/{parent=accessPolicies/*}/servicePerimeters:replaceAll
Replace all existing service perimeters
in an access policy
with the service perimeters
provided. |
test
|
POST /v1/{resource=accessPolicies/*/servicePerimeters/*}:testIamPermissions
Returns the IAM permissions that the caller has on the specified Access Context Manager resource. |
REST Resource: v1.operations
| Methods | |
|---|---|
cancel
|
POST /v1/{name=operations/**}:cancel
Starts asynchronous cancellation on a long-running operation. |
delete
|
DELETE /v1/{name=operations/**}
Deletes a long-running operation. |
get
|
GET /v1/{name=operations/**}
Gets the latest state of a long-running operation. |
list
|
GET /v1/{name=operations}
Lists operations that match the specified filter in the request. |
REST Resource: v1.organizations.gcpUserAccessBindings
| Methods | |
|---|---|
create
|
POST /v1/{parent=organizations/*}/gcpUserAccessBindings
Creates a GcpUserAccessBinding
. |
delete
|
DELETE /v1/{name=organizations/*/gcpUserAccessBindings/*}
Deletes a GcpUserAccessBinding
. |
get
|
GET /v1/{name=organizations/*/gcpUserAccessBindings/*}
Gets the GcpUserAccessBinding
with the given name. |
list
|
GET /v1/{parent=organizations/*}/gcpUserAccessBindings
Lists all GcpUserAccessBindings
for a Google Cloud organization. |
patch
|
PATCH /v1/{gcpUserAccessBinding.name=organizations/*/gcpUserAccessBindings/*}
Updates a GcpUserAccessBinding
. |
REST Resource: v1.services
| Methods | |
|---|---|
get
|
GET /v1/services/{name}
Returns a VPC-SC supported service
based on the service name. |
list
|
GET /v1/services
Lists all VPC-SC supported services
. |
