Method: projects.locations.lakes.contentitems.testIamPermissions

Returns the caller's permissions on a resource. If the resource does not exist, an empty set of permissions is returned (a NOT_FOUND error is not returned).

A caller is not required to have Google IAM permission to make this request.

Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

HTTP request


The URL uses gRPC Transcoding syntax.

Path parameters



REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field.

Request body

The request body contains data with the following structure:

JSON representation
  "permissions": [


The set of permissions to check for the resource. Permissions with wildcards (such as * or storage.*) are not allowed. For more information see IAM Overview.

Response body

If successful, the response body contains an instance of TestIamPermissionsResponse.

Authorization scopes

Requires the following OAuth scope:


For more information, see the Authentication Overview.