Defines an access control policy to the resources.
| JSON representation | |
|---|---|
{
"assignments"
:
[
{
object (
|
|
| Fields | |
|---|---|
assignments[]
|
|
etag
|
The [etag] is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the [etag] in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An [etag] is returned in the response to [policies.get], and systems are expected to put that etag in the request to [policies.set] to ensure that their change will be applied to the same version of the policy. If no [etag] is provided in the call to [policies.set], then the existing policy is overwritten blindly. A base64-encoded string. |
Assignment
Associates members
with a role
.
| JSON representation | |
|---|---|
{ "role" : string , "members" : [ string ] } |
|
role
string
Required. Role that is assigned to members
.
members[]
string
The identities the role is assigned to. It can have the following values:
-
{user_email}: An email address that represents a specific Google account. For example:alice@gmail.com. -
{group_email}: An email address that represents a Google group. For example,viewers@gmail.com.
