如需向 Data Catalog 进行身份验证,请设置应用默认凭据。
如需了解详情,请参阅为本地开发环境设置身份验证。
importcom.google.cloud.datacatalog.v1.DataCatalogClient;importcom.google.cloud.datacatalog.v1.TagTemplateName;importcom.google.iam.v1.Binding;importcom.google.iam.v1.Policy;importcom.google.iam.v1.SetIamPolicyRequest;importjava.io.IOException;// Sample to grant tag access on templatepublicclassGrantTagTemplateUserRole{publicstaticvoidmain(String[]args)throwsIOException{// TODO(developer): Replace these variables before running the sample.StringprojectId="my-project";StringtagTemplateId="my_tag_template";grantTagTemplateUserRole(projectId,tagTemplateId);}publicstaticvoidgrantTagTemplateUserRole(StringprojectId,StringtemplateId)throwsIOException{// Currently, Data Catalog stores metadata in the us-central1 region.Stringlocation="us-central1";// Format the Template name.StringtemplateName=TagTemplateName.newBuilder().setProject(projectId).setLocation(location).setTagTemplate(templateId).build().toString();// Initialize client that will be used to send requests. This client only needs to be created// once, and can be reused for multiple requests. After completing all of your requests, call// the "close" method on the client to safely clean up any remaining background resources.try(DataCatalogClientdataCatalogClient=DataCatalogClient.create()){// Create a Binding to add the Tag Template User role and member to the policy.Bindingbinding=Binding.newBuilder().setRole("roles/datacatalog.tagTemplateUser").addMembers("group:example-analyst-group@google.com").build();// Create a Policy object to update Template's IAM policy by adding the new binding.PolicypolicyUpdate=Policy.newBuilder().addBindings(binding).build();SetIamPolicyRequestrequest=SetIamPolicyRequest.newBuilder().setPolicy(policyUpdate).setResource(templateName).build();// Update Template's policy.dataCatalogClient.setIamPolicy(request);System.out.println("Role successfully granted");}}}
如需向 Data Catalog 进行身份验证,请设置应用默认凭据。
如需了解详情,请参阅为本地开发环境设置身份验证。
// Import the Google Cloud client library.const{DataCatalogClient}=require('@google-cloud/datacatalog').v1;constdatacatalog=newDataCatalogClient();asyncfunctiongrantTagTemplateUserRole(){// Grant the tagTemplateUser role to a member of the project./** * TODO(developer): Uncomment the following lines before running the sample. */// const projectId = 'my_project'; // Google Cloud Platform project// const templateId = 'my_existing_template';// const memberId = 'my_member_id'constlocation='us-central1';// Format the Template name.consttemplateName=datacatalog.tagTemplatePath(projectId,location,templateId);// Retrieve Template's current IAM Policy.const[getPolicyResponse]=awaitdatacatalog.getIamPolicy({resource:templateName,});constpolicy=getPolicyResponse;// Add Tag Template User role and member to the policy.policy.bindings.push({role:'roles/datacatalog.tagTemplateUser',members:[memberId],});constrequest={resource:templateName,policy:policy,};// Update Template's policy.const[updatePolicyResponse]=awaitdatacatalog.setIamPolicy(request);updatePolicyResponse.bindings.forEach(binding=>{console.log(`Role: ${binding.role}, Members: ${binding.members}`);});}grantTagTemplateUserRole();
如需向 Data Catalog 进行身份验证,请设置应用默认凭据。
如需了解详情,请参阅为本地开发环境设置身份验证。
fromgoogle.cloudimportdatacatalog_v1fromgoogle.iam.v1importiam_policy_pb2asiam_policyfromgoogle.iam.v1importpolicy_pb2datacatalog=datacatalog_v1.DataCatalogClient()# TODO: Set these values before running the sample.project_id="project_id"tag_template_id="existing_tag_template_id"# For a full list of values a member can have, see:# https://cloud.google.com/iam/docs/reference/rest/v1/Policy?hl=en#bindingmember_id="user:super-cool.test-user@gmail.com"# For all regions available, see:# https://cloud.google.com/data-catalog/docs/concepts/regionslocation="us-central1"# Format the Template name.template_name=datacatalog_v1.DataCatalogClient.tag_template_path(project_id,location,tag_template_id)# Retrieve Template's current IAM Policy.policy=datacatalog.get_iam_policy(resource=template_name)# Add Tag Template User role and member to the policy.binding=policy_pb2.Binding()binding.role="roles/datacatalog.tagTemplateUser"binding.members.append(member_id)policy.bindings.append(binding)set_policy_request=iam_policy.SetIamPolicyRequest(resource=template_name,policy=policy)# Update Template's policy.policy=datacatalog.set_iam_policy(set_policy_request)forbindinginpolicy.bindings:formemberinbinding.members:print(f"Member: {member}, Role: {binding.role}")
REST 和命令行
REST
如果您无法使用针对您的语言的 Cloud 客户端库或者您想要使用 REST 请求来测试 API,请参阅以下示例并参阅 Data Catalog REST API 文档。
在使用任何请求数据之前,请先进行以下替换:
project-id: Google Cloud 项目 ID
template-id:标记模板 ID
HTTP 方法和网址:
POST https://datacatalog.googleapis.com/v1/projects/project-id/locations/region/tagTemplates/template-id:setIamPolicy
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-02-01。"],[[["This document provides instructions on how to grant the Data Catalog `tagTemplateUser` role to principals, enabling them to use a tag template to tag data resources with metadata."],["Granting the `tagTemplateUser` role can be achieved through the Google Cloud console by adding the role to a principal's permissions."],["Principals may require additional roles to write metadata to resources they don't own, beyond just the `tagTemplateUser` role, such as roles for writing to BigQuery and Pub/Sub."],["Code samples are given for Java, Node.js, and Python to allow for programmatic assignment of this role, as well as REST API and CLI examples."],["The necessary authentication to the Data Catalog for programmatic assignment of this role requires the use of the Application Default Credentials."]]],[]]