Method: projects.locations.certificateAuthorities.certificateRevocationLists.testIamPermissions
Stay organized with collections
Save and categorize content based on your preferences.
Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND
error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
HTTP request
POST https://privateca.googleapis.com/v1beta1/{resource=projects/*/locations/*/certificateAuthorities/*/certificateRevocationLists/*}:testIamPermissions
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters |
resource |
string
REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
|
Request body
The request body contains data with the following structure:
JSON representation |
{
"permissions": [
string
]
} |
Fields |
permissions[] |
string
The set of permissions to check for the resource . Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see IAM Overview.
|
Response body
If successful, the response body contains an instance of TestIamPermissionsResponse
.
Authorization Scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-05-30 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-30 UTC."],[[["\u003cp\u003eThis API endpoint uses a POST request to the specified URL, \u003ccode\u003ehttps://privateca.googleapis.com/v1beta1/{resource=projects/*/locations/*/certificateAuthorities/*/certificateRevocationLists/*}:testIamPermissions\u003c/code\u003e, utilizing gRPC Transcoding syntax.\u003c/p\u003e\n"],["\u003cp\u003eThe request requires a \u003ccode\u003eresource\u003c/code\u003e path parameter, which is a string representing the target resource for which permissions are being requested.\u003c/p\u003e\n"],["\u003cp\u003eThe request body should be in JSON format and includes an array of strings under the \u003ccode\u003epermissions\u003c/code\u003e field, each string being a specific permission to check for, and wildcard permissions are not allowed.\u003c/p\u003e\n"],["\u003cp\u003eUpon success, the response body returns an instance of \u003ccode\u003eTestIamPermissionsResponse\u003c/code\u003e, which includes the set of permissions that a user has on a specific resource.\u003c/p\u003e\n"],["\u003cp\u003eThis API operation requires the OAuth scope \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e for authorization, as detailed in the Authentication Overview documentation.\u003c/p\u003e\n"]]],[],null,["# Method: projects.locations.certificateAuthorities.certificateRevocationLists.testIamPermissions\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n - [JSON representation](#body.request_body.SCHEMA_REPRESENTATION)\n- [Response body](#body.response_body)\n- [Authorization Scopes](#body.aspect)\n\nReturns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error.\n\nNote: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.\n\n### HTTP request\n\n`POST https://privateca.googleapis.com/v1beta1/{resource=projects/*/locations/*/certificateAuthorities/*/certificateRevocationLists/*}:testIamPermissions`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body contains data with the following structure:\n\n### Response body\n\nIf successful, the response body contains an instance of [TestIamPermissionsResponse](/certificate-authority-service/docs/reference/rest/Shared.Types/TestIamPermissionsResponse).\n\n### Authorization Scopes\n\nRequires the following OAuth scope:\n\n- `https://www.googleapis.com/auth/cloud-platform`\n\nFor more information, see the [Authentication Overview](https://cloud.google.com/docs/authentication/)."]]