AccessTuple(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Information about the principal, resource, and permission to check.
Attributes |
|
---|---|
Name | Description |
principal |
str
Required. The principal whose access you want to check, in the form of the email address that represents that principal. For example, alice@example.com or
my-service-account@my-project.iam.gserviceaccount.com .
The principal must be a Google Account or a service account.
Other types of principals are not supported.
|
full_resource_name |
str
Required. The full resource name that identifies the resource. For example, //compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance .
For examples of full resource names for Google Cloud
services, see
https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
|
permission |
str
Required. The IAM permission to check for the specified principal and resource. For a complete list of IAM permissions, see https://cloud.google.com/iam/help/permissions/reference. For a complete list of predefined IAM roles and the permissions in each role, see https://cloud.google.com/iam/help/roles/reference. |