An interface for managing Identity and Access Management (IAM) policies.
Equality
Instances of this class created via copy-construction or copy-assignment always compare equal. Instances created with equal std::shared_ptr<*Connection> objects compare equal. Objects that compare equal share the same underlying resources.
Performance
Creating a new instance of this class is a relatively expensive operation, new objects establish new connections to the service. In contrast, copy-construction, move-construction, and the corresponding assignment operations are relatively efficient as the copies share all underlying resources.
Thread Safety
Concurrent access to different instances of this class, even if they compare equal, is guaranteed to work. Two or more threads operating on the same instance of this class is not guaranteed to work. Since copy-construction and move-construction is a relatively efficient operation, consider using such a copy when using this class from multiple threads.
Retrieves the policies of the specified kind that are attached to a resource.
The response lists only policy metadata. In particular, policy rules are omitted.
Parameters
Name
Description
parent
std::string const &
Required. The resource that the policy is attached to, along with the kind of policy to list. Format: policies/{attachment_point}/denypolicies
The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, /, must be written as %2F. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies.
For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.
opts
Options
Optional. Override the class-level options, such as retry and backoff policies.
Returns
Type
Description
StreamRange< google::iam::v2::Policy >
a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has begin() and end() member functions returning a iterator class meeting the input iterator requirements. The value type for this iterator is a StatusOr as the iteration may fail even after some values are retrieved successfully, for example, if there is a network disconnect. An empty set of results does not indicate an error, it indicates that there are no resources meeting the request criteria. On a successful iteration the StatusOr<T> contains elements of type google.iam.v2.Policy, or rather, the C++ class generated by Protobuf from that type. Please consult the Protobuf documentation for details on the Protobuf mapping rules.
Retrieves the policies of the specified kind that are attached to a resource.
The response lists only policy metadata. In particular, policy rules are omitted.
Parameters
Name
Description
request
google::iam::v2::ListPoliciesRequest
Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v2.ListPoliciesRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.
opts
Options
Optional. Override the class-level options, such as retry and backoff policies.
Returns
Type
Description
StreamRange< google::iam::v2::Policy >
a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has begin() and end() member functions returning a iterator class meeting the input iterator requirements. The value type for this iterator is a StatusOr as the iteration may fail even after some values are retrieved successfully, for example, if there is a network disconnect. An empty set of results does not indicate an error, it indicates that there are no resources meeting the request criteria. On a successful iteration the StatusOr<T> contains elements of type google.iam.v2.Policy, or rather, the C++ class generated by Protobuf from that type. Please consult the Protobuf documentation for details on the Protobuf mapping rules.
GetPolicy(std::string const &, Options)
Gets a policy.
Parameters
Name
Description
name
std::string const &
Required. The resource name of the policy to retrieve. Format: policies/{attachment_point}/denypolicies/{policy_id}
Use the URL-encoded full resource name, which means that the forward-slash character, /, must be written as %2F. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-policy.
For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.
opts
Options
Optional. Override the class-level options, such as retry and backoff policies.
Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v2.GetPolicyRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.
opts
Options
Optional. Override the class-level options, such as retry and backoff policies.
Required. The resource that the policy is attached to, along with the kind of policy to create. Format: policies/{attachment_point}/denypolicies
The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, /, must be written as %2F. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies.
For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.
policy
google::iam::v2::Policy const &
Required. The policy to create.
policy_id
std::string const &
The ID to use for this policy, which will become the final component of the policy's resource name. The ID must contain 3 to 63 characters. It can contain lowercase letters and numbers, as well as dashes (-) and periods (.). The first character must be a lowercase letter.
opts
Options
Optional. Override the class-level options, such as retry and backoff policies.
Returns
Type
Description
future< StatusOr< google::iam::v2::Policy > >
A future that becomes satisfied when the LRO (Long Running Operation) completes or the polling policy in effect for this call is exhausted. The future is satisfied with an error if the LRO completes with an error or the polling policy is exhausted. In this case the StatusOr returned by the future contains the error. If the LRO completes successfully the value of the future contains the LRO's result. For this RPC the result is a google.iam.v2.Policy proto message. The C++ class representing this message is created by Protobuf, using the Protobuf mapping rules.
Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v2.CreatePolicyRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.
opts
Options
Optional. Override the class-level options, such as retry and backoff policies.
Returns
Type
Description
future< StatusOr< google::iam::v2::Policy > >
A future that becomes satisfied when the LRO (Long Running Operation) completes or the polling policy in effect for this call is exhausted. The future is satisfied with an error if the LRO completes with an error or the polling policy is exhausted. In this case the StatusOr returned by the future contains the error. If the LRO completes successfully the value of the future contains the LRO's result. For this RPC the result is a google.iam.v2.Policy proto message. The C++ class representing this message is created by Protobuf, using the Protobuf mapping rules.
You can update only the rules and the display name for the policy.
To update a policy, you should use a read-modify-write loop:
Use GetPolicy to read the current version of the policy.
Modify the policy as needed.
Use UpdatePolicy to write the updated policy.
This pattern helps prevent conflicts between concurrent updates.
Parameters
Name
Description
request
google::iam::v2::UpdatePolicyRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v2.UpdatePolicyRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.
opts
Options
Optional. Override the class-level options, such as retry and backoff policies.
Returns
Type
Description
future< StatusOr< google::iam::v2::Policy > >
A future that becomes satisfied when the LRO (Long Running Operation) completes or the polling policy in effect for this call is exhausted. The future is satisfied with an error if the LRO completes with an error or the polling policy is exhausted. In this case the StatusOr returned by the future contains the error. If the LRO completes successfully the value of the future contains the LRO's result. For this RPC the result is a google.iam.v2.Policy proto message. The C++ class representing this message is created by Protobuf, using the Protobuf mapping rules.
DeletePolicy(std::string const &, Options)
Deletes a policy.
This action is permanent.
Parameters
Name
Description
name
std::string const &
Required. The resource name of the policy to delete. Format: policies/{attachment_point}/denypolicies/{policy_id}
Use the URL-encoded full resource name, which means that the forward-slash character, /, must be written as %2F. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-policy.
For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.
opts
Options
Optional. Override the class-level options, such as retry and backoff policies.
Returns
Type
Description
future< StatusOr< google::iam::v2::Policy > >
A future that becomes satisfied when the LRO (Long Running Operation) completes or the polling policy in effect for this call is exhausted. The future is satisfied with an error if the LRO completes with an error or the polling policy is exhausted. In this case the StatusOr returned by the future contains the error. If the LRO completes successfully the value of the future contains the LRO's result. For this RPC the result is a google.iam.v2.Policy proto message. The C++ class representing this message is created by Protobuf, using the Protobuf mapping rules.
Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v2.DeletePolicyRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.
opts
Options
Optional. Override the class-level options, such as retry and backoff policies.
Returns
Type
Description
future< StatusOr< google::iam::v2::Policy > >
A future that becomes satisfied when the LRO (Long Running Operation) completes or the polling policy in effect for this call is exhausted. The future is satisfied with an error if the LRO completes with an error or the polling policy is exhausted. In this case the StatusOr returned by the future contains the error. If the LRO completes successfully the value of the future contains the LRO's result. For this RPC the result is a google.iam.v2.Policy proto message. The C++ class representing this message is created by Protobuf, using the Protobuf mapping rules.