Mantenha tudo organizado com as coleções
Salve e categorize o conteúdo com base nas suas preferências.
Esta página descreve as etapas básicas necessárias para configurar a API Service Control em sua máquina local e testá-la usando o comando curl.
Configuração inicial
A API Service Control funciona com serviços gerenciados. Para usar a API Service Control, você precisa primeiro criar um serviço gerenciado usando a API Service Management. Para obter mais informações, consulte Primeiros passos com a Service Management.
Depois de criar um serviço gerenciado, você precisa concluir as etapas a seguir antes de usar a API Service Control do seu serviço gerenciado.
Sign in to your Google Cloud account. If you're new to
Google Cloud,
create an account to evaluate how our products perform in
real-world scenarios. New customers also get $300 in free credits to
run, test, and deploy workloads.
Na sequência de comandos shell a seguir, veja as etapas incrementais para chamar a API Service Control.
# Call with invalid service name "invalid.com". For security and privacy
# reasons, the permission check typically happens before other checks.
$ gcurl -d '{}' https://servicecontrol.googleapis.com/v1/services/invalid.com:check
{
"error": {
"code": 403,
"message": "Permission 'servicemanagement.services.check' denied on service 'invalid.com'.",
"status": "PERMISSION_DENIED"
}
}
# Call without proper permission on a service.
$ gcurl -d '{}' https://servicecontrol.googleapis.com/v1/services/servicecontrol.googleapis.com:check
{
"error": {
"code": 403,
"message": "Permission 'servicemanagement.services.check' denied on service 'servicecontrol.googleapis.com'.",
"status": "PERMISSION_DENIED"
}
}
# Call with invalid request.
$ gcurl -d '{}' https://servicecontrol.googleapis.com/v1/services/endpointsapis.appspot.com:check
{
"error": {
"code": 400,
"message": "Request contains an invalid argument.",
"status": "INVALID_ARGUMENT"
}
}
# This and following call assume that the service, operation name and
# project being checked are "endpointsapis.appspot.com",
# "google.example.hello.v1.HelloService.GetHello" and
# "endpointsapis-consumer" correspondingly.
# Change to the name of your managed service, operation, and project.
# Call with invalid request.
$ gcurl -d '{
"operation": {
"operationId": "123e4567-e89b-12d3-a456-426655440000",
"consumerId": "project:endpointsapis-consumer",
"startTime": "2016-06-12T22:00:15Z",
"operationName": "google.example.hello.v1.HelloService.GetHello"
}
}' https://servicecontrol.googleapis.com/v1/services/endpointsapis.appspot.com:check
{
"checkErrors": [
{
"code": "SERVICE_NOT_ACTIVATED",
"detail": "Service 'endpointsapis.appspot.com' is not enabled for consumer 'project:endpointsapis-consumer'."
}
]
}
# Successful call to "services.check" method after the API is enabled for
# the project.
$ gcurl -d '{
"operation": {
"operationId": "123e4567-e89b-12d3-a456-426655440000",
"consumerId": "project:endpointsapis-consumer",
"startTime":"2016-07-31T05:20:00Z",
"operationName":"google.example.hello.v1.HelloService.GetHello"
}
}' https://servicecontrol.googleapis.com/v1/services/endpointsapis.appspot.com:check
{
"operationId": "123e4567-e89b-12d3-a456-426655440000"
}
Depois de concluir as etapas anteriores, você terá:
uma configuração funcional de teste local para chamar quaisquer APIs do Google Cloud Platform;
[[["Fácil de entender","easyToUnderstand","thumb-up"],["Meu problema foi resolvido","solvedMyProblem","thumb-up"],["Outro","otherUp","thumb-up"]],[["Difícil de entender","hardToUnderstand","thumb-down"],["Informações incorretas ou exemplo de código","incorrectInformationOrSampleCode","thumb-down"],["Não contém as informações/amostras de que eu preciso","missingTheInformationSamplesINeed","thumb-down"],["Problema na tradução","translationIssue","thumb-down"],["Outro","otherDown","thumb-down"]],["Última atualização 2025-08-11 UTC."],[],[],null,["# Getting Started with the Service Control API\n\nThis page describes the basic steps necessary to set up the Service Control API\non your local machine and test it using the `curl` command.\n\nInitial setup\n-------------\n\nThe Service Control API works with\n[managed services](/service-infrastructure/docs/glossary#managed). To use the\nService Control API, you need to first create a managed service using\nthe Service Management API. For more information, see\n[Service Management Getting Started](/service-infrastructure/docs/service-management/getting-started).\n\nAfter you have created a managed service, you need to complete the following\nsteps before using the Service Control API from your managed service.\n\n- Sign in to your Google Cloud account. If you're new to Google Cloud, [create an account](https://console.cloud.google.com/freetrial) to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.\n-\n [Install](/sdk/docs/install) the Google Cloud CLI.\n\n- If you're using an external identity provider (IdP), you must first\n [sign in to the gcloud CLI with your federated identity](/iam/docs/workforce-log-in-gcloud).\n\n-\n To [initialize](/sdk/docs/initializing) the gcloud CLI, run the following command:\n\n ```bash\n gcloud init\n ```\n- [Create or select a Google Cloud project](https://cloud.google.com/resource-manager/docs/creating-managing-projects).\n\n | **Note**: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.\n - Create a Google Cloud project:\n\n ```\n gcloud projects create PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with a name for the Google Cloud project you are creating.\n - Select the Google Cloud project that you created:\n\n ```\n gcloud config set project PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with your Google Cloud project name.\n-\n [Verify that billing is enabled for your Google Cloud project](/billing/docs/how-to/verify-billing-enabled#confirm_billing_is_enabled_on_a_project).\n\n-\n\n\n Enable the Service Control API:\n\n\n ```bash\n gcloud services enable servicecontrol.googleapis.com\n ```\n-\n Grant roles to your user account. Run the following command once for each of the following\n IAM roles:\n `roles/servicemanagement.serviceController`\n\n ```bash\n gcloud projects add-iam-policy-binding PROJECT_ID --member=\"user:\u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e\" --role=ROLE\n ```\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: your project ID.\n - \u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e: the identifier for your user account---for example, `myemail@example.com`.\n - \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e: the IAM role that you grant to your user account.\n\n-\n [Install](/sdk/docs/install) the Google Cloud CLI.\n\n- If you're using an external identity provider (IdP), you must first\n [sign in to the gcloud CLI with your federated identity](/iam/docs/workforce-log-in-gcloud).\n\n-\n To [initialize](/sdk/docs/initializing) the gcloud CLI, run the following command:\n\n ```bash\n gcloud init\n ```\n- [Create or select a Google Cloud project](https://cloud.google.com/resource-manager/docs/creating-managing-projects).\n\n | **Note**: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.\n - Create a Google Cloud project:\n\n ```\n gcloud projects create PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with a name for the Google Cloud project you are creating.\n - Select the Google Cloud project that you created:\n\n ```\n gcloud config set project PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with your Google Cloud project name.\n-\n [Verify that billing is enabled for your Google Cloud project](/billing/docs/how-to/verify-billing-enabled#confirm_billing_is_enabled_on_a_project).\n\n-\n\n\n Enable the Service Control API:\n\n\n ```bash\n gcloud services enable servicecontrol.googleapis.com\n ```\n-\n Grant roles to your user account. Run the following command once for each of the following\n IAM roles:\n `roles/servicemanagement.serviceController`\n\n ```bash\n gcloud projects add-iam-policy-binding PROJECT_ID --member=\"user:\u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e\" --role=ROLE\n ```\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: your project ID.\n - \u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e: the identifier for your user account---for example, `myemail@example.com`.\n - \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e: the IAM role that you grant to your user account.\n\n\u003cbr /\u003e\n\nTest with curl\n--------------\n\nFirst, define a convenient shell alias for calling Google REST APIs: \n\n```\nalias gcurl='curl -H \"Authorization: Bearer $(gcloud auth print-access-token)\" -H \"Content-Type: application/json\" '\n```\n\nThe following shell command sequence demonstrates the incremental steps to call\nthe Service Control API. \n\n```\n# Call with invalid service name \"invalid.com\". For security and privacy\n# reasons, the permission check typically happens before other checks.\n$ gcurl -d '{}' https://servicecontrol.googleapis.com/v1/services/invalid.com:check\n{\n \"error\": {\n \"code\": 403,\n \"message\": \"Permission 'servicemanagement.services.check' denied on service 'invalid.com'.\",\n \"status\": \"PERMISSION_DENIED\"\n }\n}\n\n# Call without proper permission on a service.\n$ gcurl -d '{}' https://servicecontrol.googleapis.com/v1/services/servicecontrol.googleapis.com:check\n{\n \"error\": {\n \"code\": 403,\n \"message\": \"Permission 'servicemanagement.services.check' denied on service 'servicecontrol.googleapis.com'.\",\n \"status\": \"PERMISSION_DENIED\"\n }\n}\n\n# Call with invalid request.\n$ gcurl -d '{}' https://servicecontrol.googleapis.com/v1/services/endpointsapis.appspot.com:check\n{\n \"error\": {\n \"code\": 400,\n \"message\": \"Request contains an invalid argument.\",\n \"status\": \"INVALID_ARGUMENT\"\n }\n}\n\n# This and following call assume that the service, operation name and\n# project being checked are \"endpointsapis.appspot.com\",\n# \"google.example.hello.v1.HelloService.GetHello\" and\n# \"endpointsapis-consumer\" correspondingly.\n# Change to the name of your managed service, operation, and project.\n# Call with invalid request.\n$ gcurl -d '{\n \"operation\": {\n \"operationId\": \"123e4567-e89b-12d3-a456-426655440000\",\n \"consumerId\": \"project:endpointsapis-consumer\",\n \"startTime\": \"2016-06-12T22:00:15Z\",\n \"operationName\": \"google.example.hello.v1.HelloService.GetHello\"\n }\n}' https://servicecontrol.googleapis.com/v1/services/endpointsapis.appspot.com:check\n{\n \"checkErrors\": [\n {\n \"code\": \"SERVICE_NOT_ACTIVATED\",\n \"detail\": \"Service 'endpointsapis.appspot.com' is not enabled for consumer 'project:endpointsapis-consumer'.\"\n }\n ]\n}\n\n# Successful call to \"services.check\" method after the API is enabled for\n# the project.\n$ gcurl -d '{\n \"operation\": {\n \"operationId\": \"123e4567-e89b-12d3-a456-426655440000\",\n \"consumerId\": \"project:endpointsapis-consumer\",\n \"startTime\":\"2016-07-31T05:20:00Z\",\n \"operationName\":\"google.example.hello.v1.HelloService.GetHello\"\n }\n}' https://servicecontrol.googleapis.com/v1/services/endpointsapis.appspot.com:check\n{\n \"operationId\": \"123e4567-e89b-12d3-a456-426655440000\"\n}\n```\n\nAfter you have completed the preceding steps:\n\n- You have a functional local test setup that you can use to call any Google Cloud Platform APIs.\n- You have a functional service that you can use with the [Service Management API](/service-infrastructure/docs/service-management/reference/rest) and the [Service Control API](/service-infrastructure/docs/service-control/reference/rest).\n- You have a service account with correct permissions that you can use to run your service."]]
