1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="healthcare_v1alpha2.html">Cloud Healthcare API</a> . <a href="healthcare_v1alpha2.projects.html">projects</a> . <a href="healthcare_v1alpha2.projects.locations.html">locations</a> . <a href="healthcare_v1alpha2.projects.locations.datasets.html">datasets</a> . <a href="healthcare_v1alpha2.projects.locations.datasets.annotationStores.html">annotationStores</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="healthcare_v1alpha2.projects.locations.datasets.annotationStores.annotations.html">annotations()</a></code> 79</p> 80<p class="firstline">Returns the annotations Resource.</p> 81 82<p class="toc_element"> 83 <code><a href="#create">create(parent, body, annotationStoreId=None, x__xgafv=None)</a></code></p> 84<p class="firstline">Creates a new Annotation store within the parent dataset.</p> 85<p class="toc_element"> 86 <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p> 87<p class="firstline">Deletes the specified Annotation store and removes all annotations that are</p> 88<p class="toc_element"> 89 <code><a href="#get">get(name, x__xgafv=None)</a></code></p> 90<p class="firstline">Gets the specified Annotation store or returns NOT_FOUND if it does not</p> 91<p class="toc_element"> 92 <code><a href="#getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</a></code></p> 93<p class="firstline">Gets the access control policy for a resource. Returns NOT_FOUND error if</p> 94<p class="toc_element"> 95 <code><a href="#list">list(parent, pageToken=None, x__xgafv=None, pageSize=None, filter=None)</a></code></p> 96<p class="firstline">Lists the Annotation stores in the given dataset for a source store.</p> 97<p class="toc_element"> 98 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> 99<p class="firstline">Retrieves the next page of results.</p> 100<p class="toc_element"> 101 <code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p> 102<p class="firstline">Updates the specified Annotation store.</p> 103<p class="toc_element"> 104 <code><a href="#setIamPolicy">setIamPolicy(resource, body, x__xgafv=None)</a></code></p> 105<p class="firstline">POLICIES</p> 106<p class="toc_element"> 107 <code><a href="#testIamPermissions">testIamPermissions(resource, body, x__xgafv=None)</a></code></p> 108<p class="firstline">Returns permissions that a caller has on the specified resource.</p> 109<h3>Method Details</h3> 110<div class="method"> 111 <code class="details" id="create">create(parent, body, annotationStoreId=None, x__xgafv=None)</code> 112 <pre>Creates a new Annotation store within the parent dataset. 113 114Args: 115 parent: string, The name of the dataset this Annotation store belongs to. (required) 116 body: object, The request body. (required) 117 The object takes the form of: 118 119{ # An Annotation store that can store annotation resources such as 120 # labels and tags for text, image and audio. 121 "labels": { # User-supplied key-value pairs used to organize Annotation stores. 122 # 123 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 124 # of maximum 128 bytes, and must conform to the 125 # following PCRE regular expression: 126 # \p{Ll}\p{Lo}{0,62} 127 # 128 # Label values are optional, must be between 1 and 63 characters long, have 129 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 130 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 131 # 132 # No more than 64 labels can be associated with a given store. 133 "a_key": "A String", 134 }, 135 "name": "A String", # Output only. Resource name of the Annotation store, of the form 136 # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/annotationStores/{annotation_store_id}`. 137} 138 139 annotationStoreId: string, The ID of the Annotation store that is being created. 140The string must match the following regex: `[\p{L}\p{N}_\-\.]{1,256}`. 141 x__xgafv: string, V1 error format. 142 Allowed values 143 1 - v1 error format 144 2 - v2 error format 145 146Returns: 147 An object of the form: 148 149 { # An Annotation store that can store annotation resources such as 150 # labels and tags for text, image and audio. 151 "labels": { # User-supplied key-value pairs used to organize Annotation stores. 152 # 153 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 154 # of maximum 128 bytes, and must conform to the 155 # following PCRE regular expression: 156 # \p{Ll}\p{Lo}{0,62} 157 # 158 # Label values are optional, must be between 1 and 63 characters long, have 159 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 160 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 161 # 162 # No more than 64 labels can be associated with a given store. 163 "a_key": "A String", 164 }, 165 "name": "A String", # Output only. Resource name of the Annotation store, of the form 166 # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/annotationStores/{annotation_store_id}`. 167 }</pre> 168</div> 169 170<div class="method"> 171 <code class="details" id="delete">delete(name, x__xgafv=None)</code> 172 <pre>Deletes the specified Annotation store and removes all annotations that are 173contained within it. 174 175Args: 176 name: string, The resource name of the Annotation store to delete. (required) 177 x__xgafv: string, V1 error format. 178 Allowed values 179 1 - v1 error format 180 2 - v2 error format 181 182Returns: 183 An object of the form: 184 185 { # A generic empty message that you can re-use to avoid defining duplicated 186 # empty messages in your APIs. A typical example is to use it as the request 187 # or the response type of an API method. For instance: 188 # 189 # service Foo { 190 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); 191 # } 192 # 193 # The JSON representation for `Empty` is empty JSON object `{}`. 194 }</pre> 195</div> 196 197<div class="method"> 198 <code class="details" id="get">get(name, x__xgafv=None)</code> 199 <pre>Gets the specified Annotation store or returns NOT_FOUND if it does not 200exist. 201 202Args: 203 name: string, The resource name of the Annotation store to get. (required) 204 x__xgafv: string, V1 error format. 205 Allowed values 206 1 - v1 error format 207 2 - v2 error format 208 209Returns: 210 An object of the form: 211 212 { # An Annotation store that can store annotation resources such as 213 # labels and tags for text, image and audio. 214 "labels": { # User-supplied key-value pairs used to organize Annotation stores. 215 # 216 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 217 # of maximum 128 bytes, and must conform to the 218 # following PCRE regular expression: 219 # \p{Ll}\p{Lo}{0,62} 220 # 221 # Label values are optional, must be between 1 and 63 characters long, have 222 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 223 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 224 # 225 # No more than 64 labels can be associated with a given store. 226 "a_key": "A String", 227 }, 228 "name": "A String", # Output only. Resource name of the Annotation store, of the form 229 # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/annotationStores/{annotation_store_id}`. 230 }</pre> 231</div> 232 233<div class="method"> 234 <code class="details" id="getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</code> 235 <pre>Gets the access control policy for a resource. Returns NOT_FOUND error if 236the resource does not exist. Returns an empty policy if the resource exists 237but does not have a policy set. 238 239Authorization requires the Google IAM permission 240`healthcare.AnnotationStores.getIamPolicy` on the specified resource 241 242Args: 243 resource: string, REQUIRED: The resource for which the policy is being requested. 244See the operation documentation for the appropriate value for this field. (required) 245 body: object, The request body. 246 The object takes the form of: 247 248{ # Request message for `GetIamPolicy` method. 249 } 250 251 x__xgafv: string, V1 error format. 252 Allowed values 253 1 - v1 error format 254 2 - v2 error format 255 256Returns: 257 An object of the form: 258 259 { # Defines an Identity and Access Management (IAM) policy. It is used to 260 # specify access control policies for Cloud Platform resources. 261 # 262 # 263 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of 264 # `members` to a `role`, where the members can be user accounts, Google groups, 265 # Google domains, and service accounts. A `role` is a named list of permissions 266 # defined by IAM. 267 # 268 # **JSON Example** 269 # 270 # { 271 # "bindings": [ 272 # { 273 # "role": "roles/owner", 274 # "members": [ 275 # "user:mike@example.com", 276 # "group:admins@example.com", 277 # "domain:google.com", 278 # "serviceAccount:my-other-app@appspot.gserviceaccount.com" 279 # ] 280 # }, 281 # { 282 # "role": "roles/viewer", 283 # "members": ["user:sean@example.com"] 284 # } 285 # ] 286 # } 287 # 288 # **YAML Example** 289 # 290 # bindings: 291 # - members: 292 # - user:mike@example.com 293 # - group:admins@example.com 294 # - domain:google.com 295 # - serviceAccount:my-other-app@appspot.gserviceaccount.com 296 # role: roles/owner 297 # - members: 298 # - user:sean@example.com 299 # role: roles/viewer 300 # 301 # 302 # For a description of IAM and its features, see the 303 # [IAM developer's guide](https://cloud.google.com/iam/docs). 304 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 305 { # Specifies the audit configuration for a service. 306 # The configuration determines which permission types are logged, and what 307 # identities, if any, are exempted from logging. 308 # An AuditConfig must have one or more AuditLogConfigs. 309 # 310 # If there are AuditConfigs for both `allServices` and a specific service, 311 # the union of the two AuditConfigs is used for that service: the log_types 312 # specified in each AuditConfig are enabled, and the exempted_members in each 313 # AuditLogConfig are exempted. 314 # 315 # Example Policy with multiple AuditConfigs: 316 # 317 # { 318 # "audit_configs": [ 319 # { 320 # "service": "allServices" 321 # "audit_log_configs": [ 322 # { 323 # "log_type": "DATA_READ", 324 # "exempted_members": [ 325 # "user:foo@gmail.com" 326 # ] 327 # }, 328 # { 329 # "log_type": "DATA_WRITE", 330 # }, 331 # { 332 # "log_type": "ADMIN_READ", 333 # } 334 # ] 335 # }, 336 # { 337 # "service": "fooservice.googleapis.com" 338 # "audit_log_configs": [ 339 # { 340 # "log_type": "DATA_READ", 341 # }, 342 # { 343 # "log_type": "DATA_WRITE", 344 # "exempted_members": [ 345 # "user:bar@gmail.com" 346 # ] 347 # } 348 # ] 349 # } 350 # ] 351 # } 352 # 353 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ 354 # logging. It also exempts foo@gmail.com from DATA_READ logging, and 355 # bar@gmail.com from DATA_WRITE logging. 356 "auditLogConfigs": [ # The configuration for logging of each type of permission. 357 { # Provides the configuration for logging a type of permissions. 358 # Example: 359 # 360 # { 361 # "audit_log_configs": [ 362 # { 363 # "log_type": "DATA_READ", 364 # "exempted_members": [ 365 # "user:foo@gmail.com" 366 # ] 367 # }, 368 # { 369 # "log_type": "DATA_WRITE", 370 # } 371 # ] 372 # } 373 # 374 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting 375 # foo@gmail.com from DATA_READ logging. 376 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of 377 # permission. 378 # Follows the same format of Binding.members. 379 "A String", 380 ], 381 "logType": "A String", # The log type that this config enables. 382 }, 383 ], 384 "service": "A String", # Specifies a service that will be enabled for audit logging. 385 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 386 # `allServices` is a special value that covers all services. 387 }, 388 ], 389 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help 390 # prevent simultaneous updates of a policy from overwriting each other. 391 # It is strongly suggested that systems make use of the `etag` in the 392 # read-modify-write cycle to perform policy updates in order to avoid race 393 # conditions: An `etag` is returned in the response to `getIamPolicy`, and 394 # systems are expected to put that etag in the request to `setIamPolicy` to 395 # ensure that their change will be applied to the same version of the policy. 396 # 397 # If no `etag` is provided in the call to `setIamPolicy`, then the existing 398 # policy is overwritten blindly. 399 "bindings": [ # Associates a list of `members` to a `role`. 400 # `bindings` with no members will result in an error. 401 { # Associates `members` with a `role`. 402 "role": "A String", # Role that is assigned to `members`. 403 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 404 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding. 405 # NOTE: An unsatisfied condition will not allow user access via current 406 # binding. Different bindings, including their conditions, are examined 407 # independently. 408 # 409 # title: "User account presence" 410 # description: "Determines whether the request has a user account" 411 # expression: "size(request.user) > 0" 412 "description": "A String", # An optional description of the expression. This is a longer text which 413 # describes the expression, e.g. when hovered over it in a UI. 414 "expression": "A String", # Textual representation of an expression in 415 # Common Expression Language syntax. 416 # 417 # The application context of the containing message determines which 418 # well-known feature set of CEL is supported. 419 "location": "A String", # An optional string indicating the location of the expression for error 420 # reporting, e.g. a file name and a position in the file. 421 "title": "A String", # An optional title for the expression, i.e. a short string describing 422 # its purpose. This can be used e.g. in UIs which allow to enter the 423 # expression. 424 }, 425 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. 426 # `members` can have the following values: 427 # 428 # * `allUsers`: A special identifier that represents anyone who is 429 # on the internet; with or without a Google account. 430 # 431 # * `allAuthenticatedUsers`: A special identifier that represents anyone 432 # who is authenticated with a Google account or a service account. 433 # 434 # * `user:{emailid}`: An email address that represents a specific Google 435 # account. For example, `alice@gmail.com` . 436 # 437 # 438 # * `serviceAccount:{emailid}`: An email address that represents a service 439 # account. For example, `my-other-app@appspot.gserviceaccount.com`. 440 # 441 # * `group:{emailid}`: An email address that represents a Google group. 442 # For example, `admins@example.com`. 443 # 444 # 445 # * `domain:{domain}`: The G Suite domain (primary) that represents all the 446 # users of that domain. For example, `google.com` or `example.com`. 447 # 448 "A String", 449 ], 450 }, 451 ], 452 "version": 42, # Deprecated. 453 }</pre> 454</div> 455 456<div class="method"> 457 <code class="details" id="list">list(parent, pageToken=None, x__xgafv=None, pageSize=None, filter=None)</code> 458 <pre>Lists the Annotation stores in the given dataset for a source store. 459 460Args: 461 parent: string, Name of the dataset. (required) 462 pageToken: string, The next_page_token value returned from the previous List request, if any. 463 x__xgafv: string, V1 error format. 464 Allowed values 465 1 - v1 error format 466 2 - v2 error format 467 pageSize: integer, Limit on the number of Annotation stores to return in a single response. 468If zero the default page size of 100 is used. 469 filter: string, Restricts stores returned to those matching a filter. Syntax: 470https://cloud.google.com/appengine/docs/standard/python/search/query_strings 471Only filtering on labels is supported, for example `labels.key=value`. 472 473Returns: 474 An object of the form: 475 476 { # Lists the Annotation stores 477 # in the given dataset. 478 "nextPageToken": "A String", # Token to retrieve the next page of results or empty if there are no more 479 # results in the list. 480 "annotationStores": [ # The returned Annotation stores. Won't be more Annotation stores than the 481 # value of page_size in the request. 482 { # An Annotation store that can store annotation resources such as 483 # labels and tags for text, image and audio. 484 "labels": { # User-supplied key-value pairs used to organize Annotation stores. 485 # 486 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 487 # of maximum 128 bytes, and must conform to the 488 # following PCRE regular expression: 489 # \p{Ll}\p{Lo}{0,62} 490 # 491 # Label values are optional, must be between 1 and 63 characters long, have 492 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 493 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 494 # 495 # No more than 64 labels can be associated with a given store. 496 "a_key": "A String", 497 }, 498 "name": "A String", # Output only. Resource name of the Annotation store, of the form 499 # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/annotationStores/{annotation_store_id}`. 500 }, 501 ], 502 }</pre> 503</div> 504 505<div class="method"> 506 <code class="details" id="list_next">list_next(previous_request, previous_response)</code> 507 <pre>Retrieves the next page of results. 508 509Args: 510 previous_request: The request for the previous page. (required) 511 previous_response: The response from the request for the previous page. (required) 512 513Returns: 514 A request object that you can call 'execute()' on to request the next 515 page. Returns None if there are no more items in the collection. 516 </pre> 517</div> 518 519<div class="method"> 520 <code class="details" id="patch">patch(name, body, updateMask=None, x__xgafv=None)</code> 521 <pre>Updates the specified Annotation store. 522 523Args: 524 name: string, Output only. Resource name of the Annotation store, of the form 525`projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/annotationStores/{annotation_store_id}`. (required) 526 body: object, The request body. (required) 527 The object takes the form of: 528 529{ # An Annotation store that can store annotation resources such as 530 # labels and tags for text, image and audio. 531 "labels": { # User-supplied key-value pairs used to organize Annotation stores. 532 # 533 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 534 # of maximum 128 bytes, and must conform to the 535 # following PCRE regular expression: 536 # \p{Ll}\p{Lo}{0,62} 537 # 538 # Label values are optional, must be between 1 and 63 characters long, have 539 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 540 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 541 # 542 # No more than 64 labels can be associated with a given store. 543 "a_key": "A String", 544 }, 545 "name": "A String", # Output only. Resource name of the Annotation store, of the form 546 # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/annotationStores/{annotation_store_id}`. 547} 548 549 updateMask: string, The update mask applies to the resource. For the `FieldMask` definition, 550see 551https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask 552 x__xgafv: string, V1 error format. 553 Allowed values 554 1 - v1 error format 555 2 - v2 error format 556 557Returns: 558 An object of the form: 559 560 { # An Annotation store that can store annotation resources such as 561 # labels and tags for text, image and audio. 562 "labels": { # User-supplied key-value pairs used to organize Annotation stores. 563 # 564 # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding 565 # of maximum 128 bytes, and must conform to the 566 # following PCRE regular expression: 567 # \p{Ll}\p{Lo}{0,62} 568 # 569 # Label values are optional, must be between 1 and 63 characters long, have 570 # a UTF-8 encoding of maximum 128 bytes, and must conform to the 571 # following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} 572 # 573 # No more than 64 labels can be associated with a given store. 574 "a_key": "A String", 575 }, 576 "name": "A String", # Output only. Resource name of the Annotation store, of the form 577 # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/annotationStores/{annotation_store_id}`. 578 }</pre> 579</div> 580 581<div class="method"> 582 <code class="details" id="setIamPolicy">setIamPolicy(resource, body, x__xgafv=None)</code> 583 <pre>POLICIES 584Sets the access control policy for a resource. Replaces any existing 585policy. 586 587Authorization requires the Google IAM permission 588'healthcare.annotationStores.setIamPolicy' on the specified resource 589 590Args: 591 resource: string, REQUIRED: The resource for which the policy is being specified. 592See the operation documentation for the appropriate value for this field. (required) 593 body: object, The request body. (required) 594 The object takes the form of: 595 596{ # Request message for `SetIamPolicy` method. 597 "policy": { # Defines an Identity and Access Management (IAM) policy. It is used to # REQUIRED: The complete policy to be applied to the `resource`. The size of 598 # the policy is limited to a few 10s of KB. An empty policy is a 599 # valid policy but certain Cloud Platform services (such as Projects) 600 # might reject them. 601 # specify access control policies for Cloud Platform resources. 602 # 603 # 604 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of 605 # `members` to a `role`, where the members can be user accounts, Google groups, 606 # Google domains, and service accounts. A `role` is a named list of permissions 607 # defined by IAM. 608 # 609 # **JSON Example** 610 # 611 # { 612 # "bindings": [ 613 # { 614 # "role": "roles/owner", 615 # "members": [ 616 # "user:mike@example.com", 617 # "group:admins@example.com", 618 # "domain:google.com", 619 # "serviceAccount:my-other-app@appspot.gserviceaccount.com" 620 # ] 621 # }, 622 # { 623 # "role": "roles/viewer", 624 # "members": ["user:sean@example.com"] 625 # } 626 # ] 627 # } 628 # 629 # **YAML Example** 630 # 631 # bindings: 632 # - members: 633 # - user:mike@example.com 634 # - group:admins@example.com 635 # - domain:google.com 636 # - serviceAccount:my-other-app@appspot.gserviceaccount.com 637 # role: roles/owner 638 # - members: 639 # - user:sean@example.com 640 # role: roles/viewer 641 # 642 # 643 # For a description of IAM and its features, see the 644 # [IAM developer's guide](https://cloud.google.com/iam/docs). 645 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 646 { # Specifies the audit configuration for a service. 647 # The configuration determines which permission types are logged, and what 648 # identities, if any, are exempted from logging. 649 # An AuditConfig must have one or more AuditLogConfigs. 650 # 651 # If there are AuditConfigs for both `allServices` and a specific service, 652 # the union of the two AuditConfigs is used for that service: the log_types 653 # specified in each AuditConfig are enabled, and the exempted_members in each 654 # AuditLogConfig are exempted. 655 # 656 # Example Policy with multiple AuditConfigs: 657 # 658 # { 659 # "audit_configs": [ 660 # { 661 # "service": "allServices" 662 # "audit_log_configs": [ 663 # { 664 # "log_type": "DATA_READ", 665 # "exempted_members": [ 666 # "user:foo@gmail.com" 667 # ] 668 # }, 669 # { 670 # "log_type": "DATA_WRITE", 671 # }, 672 # { 673 # "log_type": "ADMIN_READ", 674 # } 675 # ] 676 # }, 677 # { 678 # "service": "fooservice.googleapis.com" 679 # "audit_log_configs": [ 680 # { 681 # "log_type": "DATA_READ", 682 # }, 683 # { 684 # "log_type": "DATA_WRITE", 685 # "exempted_members": [ 686 # "user:bar@gmail.com" 687 # ] 688 # } 689 # ] 690 # } 691 # ] 692 # } 693 # 694 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ 695 # logging. It also exempts foo@gmail.com from DATA_READ logging, and 696 # bar@gmail.com from DATA_WRITE logging. 697 "auditLogConfigs": [ # The configuration for logging of each type of permission. 698 { # Provides the configuration for logging a type of permissions. 699 # Example: 700 # 701 # { 702 # "audit_log_configs": [ 703 # { 704 # "log_type": "DATA_READ", 705 # "exempted_members": [ 706 # "user:foo@gmail.com" 707 # ] 708 # }, 709 # { 710 # "log_type": "DATA_WRITE", 711 # } 712 # ] 713 # } 714 # 715 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting 716 # foo@gmail.com from DATA_READ logging. 717 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of 718 # permission. 719 # Follows the same format of Binding.members. 720 "A String", 721 ], 722 "logType": "A String", # The log type that this config enables. 723 }, 724 ], 725 "service": "A String", # Specifies a service that will be enabled for audit logging. 726 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 727 # `allServices` is a special value that covers all services. 728 }, 729 ], 730 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help 731 # prevent simultaneous updates of a policy from overwriting each other. 732 # It is strongly suggested that systems make use of the `etag` in the 733 # read-modify-write cycle to perform policy updates in order to avoid race 734 # conditions: An `etag` is returned in the response to `getIamPolicy`, and 735 # systems are expected to put that etag in the request to `setIamPolicy` to 736 # ensure that their change will be applied to the same version of the policy. 737 # 738 # If no `etag` is provided in the call to `setIamPolicy`, then the existing 739 # policy is overwritten blindly. 740 "bindings": [ # Associates a list of `members` to a `role`. 741 # `bindings` with no members will result in an error. 742 { # Associates `members` with a `role`. 743 "role": "A String", # Role that is assigned to `members`. 744 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 745 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding. 746 # NOTE: An unsatisfied condition will not allow user access via current 747 # binding. Different bindings, including their conditions, are examined 748 # independently. 749 # 750 # title: "User account presence" 751 # description: "Determines whether the request has a user account" 752 # expression: "size(request.user) > 0" 753 "description": "A String", # An optional description of the expression. This is a longer text which 754 # describes the expression, e.g. when hovered over it in a UI. 755 "expression": "A String", # Textual representation of an expression in 756 # Common Expression Language syntax. 757 # 758 # The application context of the containing message determines which 759 # well-known feature set of CEL is supported. 760 "location": "A String", # An optional string indicating the location of the expression for error 761 # reporting, e.g. a file name and a position in the file. 762 "title": "A String", # An optional title for the expression, i.e. a short string describing 763 # its purpose. This can be used e.g. in UIs which allow to enter the 764 # expression. 765 }, 766 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. 767 # `members` can have the following values: 768 # 769 # * `allUsers`: A special identifier that represents anyone who is 770 # on the internet; with or without a Google account. 771 # 772 # * `allAuthenticatedUsers`: A special identifier that represents anyone 773 # who is authenticated with a Google account or a service account. 774 # 775 # * `user:{emailid}`: An email address that represents a specific Google 776 # account. For example, `alice@gmail.com` . 777 # 778 # 779 # * `serviceAccount:{emailid}`: An email address that represents a service 780 # account. For example, `my-other-app@appspot.gserviceaccount.com`. 781 # 782 # * `group:{emailid}`: An email address that represents a Google group. 783 # For example, `admins@example.com`. 784 # 785 # 786 # * `domain:{domain}`: The G Suite domain (primary) that represents all the 787 # users of that domain. For example, `google.com` or `example.com`. 788 # 789 "A String", 790 ], 791 }, 792 ], 793 "version": 42, # Deprecated. 794 }, 795 "updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only 796 # the fields in the mask will be modified. If no mask is provided, the 797 # following default mask is used: 798 # paths: "bindings, etag" 799 # This field is only used by Cloud IAM. 800 } 801 802 x__xgafv: string, V1 error format. 803 Allowed values 804 1 - v1 error format 805 2 - v2 error format 806 807Returns: 808 An object of the form: 809 810 { # Defines an Identity and Access Management (IAM) policy. It is used to 811 # specify access control policies for Cloud Platform resources. 812 # 813 # 814 # A `Policy` consists of a list of `bindings`. A `binding` binds a list of 815 # `members` to a `role`, where the members can be user accounts, Google groups, 816 # Google domains, and service accounts. A `role` is a named list of permissions 817 # defined by IAM. 818 # 819 # **JSON Example** 820 # 821 # { 822 # "bindings": [ 823 # { 824 # "role": "roles/owner", 825 # "members": [ 826 # "user:mike@example.com", 827 # "group:admins@example.com", 828 # "domain:google.com", 829 # "serviceAccount:my-other-app@appspot.gserviceaccount.com" 830 # ] 831 # }, 832 # { 833 # "role": "roles/viewer", 834 # "members": ["user:sean@example.com"] 835 # } 836 # ] 837 # } 838 # 839 # **YAML Example** 840 # 841 # bindings: 842 # - members: 843 # - user:mike@example.com 844 # - group:admins@example.com 845 # - domain:google.com 846 # - serviceAccount:my-other-app@appspot.gserviceaccount.com 847 # role: roles/owner 848 # - members: 849 # - user:sean@example.com 850 # role: roles/viewer 851 # 852 # 853 # For a description of IAM and its features, see the 854 # [IAM developer's guide](https://cloud.google.com/iam/docs). 855 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 856 { # Specifies the audit configuration for a service. 857 # The configuration determines which permission types are logged, and what 858 # identities, if any, are exempted from logging. 859 # An AuditConfig must have one or more AuditLogConfigs. 860 # 861 # If there are AuditConfigs for both `allServices` and a specific service, 862 # the union of the two AuditConfigs is used for that service: the log_types 863 # specified in each AuditConfig are enabled, and the exempted_members in each 864 # AuditLogConfig are exempted. 865 # 866 # Example Policy with multiple AuditConfigs: 867 # 868 # { 869 # "audit_configs": [ 870 # { 871 # "service": "allServices" 872 # "audit_log_configs": [ 873 # { 874 # "log_type": "DATA_READ", 875 # "exempted_members": [ 876 # "user:foo@gmail.com" 877 # ] 878 # }, 879 # { 880 # "log_type": "DATA_WRITE", 881 # }, 882 # { 883 # "log_type": "ADMIN_READ", 884 # } 885 # ] 886 # }, 887 # { 888 # "service": "fooservice.googleapis.com" 889 # "audit_log_configs": [ 890 # { 891 # "log_type": "DATA_READ", 892 # }, 893 # { 894 # "log_type": "DATA_WRITE", 895 # "exempted_members": [ 896 # "user:bar@gmail.com" 897 # ] 898 # } 899 # ] 900 # } 901 # ] 902 # } 903 # 904 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ 905 # logging. It also exempts foo@gmail.com from DATA_READ logging, and 906 # bar@gmail.com from DATA_WRITE logging. 907 "auditLogConfigs": [ # The configuration for logging of each type of permission. 908 { # Provides the configuration for logging a type of permissions. 909 # Example: 910 # 911 # { 912 # "audit_log_configs": [ 913 # { 914 # "log_type": "DATA_READ", 915 # "exempted_members": [ 916 # "user:foo@gmail.com" 917 # ] 918 # }, 919 # { 920 # "log_type": "DATA_WRITE", 921 # } 922 # ] 923 # } 924 # 925 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting 926 # foo@gmail.com from DATA_READ logging. 927 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of 928 # permission. 929 # Follows the same format of Binding.members. 930 "A String", 931 ], 932 "logType": "A String", # The log type that this config enables. 933 }, 934 ], 935 "service": "A String", # Specifies a service that will be enabled for audit logging. 936 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 937 # `allServices` is a special value that covers all services. 938 }, 939 ], 940 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help 941 # prevent simultaneous updates of a policy from overwriting each other. 942 # It is strongly suggested that systems make use of the `etag` in the 943 # read-modify-write cycle to perform policy updates in order to avoid race 944 # conditions: An `etag` is returned in the response to `getIamPolicy`, and 945 # systems are expected to put that etag in the request to `setIamPolicy` to 946 # ensure that their change will be applied to the same version of the policy. 947 # 948 # If no `etag` is provided in the call to `setIamPolicy`, then the existing 949 # policy is overwritten blindly. 950 "bindings": [ # Associates a list of `members` to a `role`. 951 # `bindings` with no members will result in an error. 952 { # Associates `members` with a `role`. 953 "role": "A String", # Role that is assigned to `members`. 954 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 955 "condition": { # Represents an expression text. Example: # The condition that is associated with this binding. 956 # NOTE: An unsatisfied condition will not allow user access via current 957 # binding. Different bindings, including their conditions, are examined 958 # independently. 959 # 960 # title: "User account presence" 961 # description: "Determines whether the request has a user account" 962 # expression: "size(request.user) > 0" 963 "description": "A String", # An optional description of the expression. This is a longer text which 964 # describes the expression, e.g. when hovered over it in a UI. 965 "expression": "A String", # Textual representation of an expression in 966 # Common Expression Language syntax. 967 # 968 # The application context of the containing message determines which 969 # well-known feature set of CEL is supported. 970 "location": "A String", # An optional string indicating the location of the expression for error 971 # reporting, e.g. a file name and a position in the file. 972 "title": "A String", # An optional title for the expression, i.e. a short string describing 973 # its purpose. This can be used e.g. in UIs which allow to enter the 974 # expression. 975 }, 976 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. 977 # `members` can have the following values: 978 # 979 # * `allUsers`: A special identifier that represents anyone who is 980 # on the internet; with or without a Google account. 981 # 982 # * `allAuthenticatedUsers`: A special identifier that represents anyone 983 # who is authenticated with a Google account or a service account. 984 # 985 # * `user:{emailid}`: An email address that represents a specific Google 986 # account. For example, `alice@gmail.com` . 987 # 988 # 989 # * `serviceAccount:{emailid}`: An email address that represents a service 990 # account. For example, `my-other-app@appspot.gserviceaccount.com`. 991 # 992 # * `group:{emailid}`: An email address that represents a Google group. 993 # For example, `admins@example.com`. 994 # 995 # 996 # * `domain:{domain}`: The G Suite domain (primary) that represents all the 997 # users of that domain. For example, `google.com` or `example.com`. 998 # 999 "A String", 1000 ], 1001 }, 1002 ], 1003 "version": 42, # Deprecated. 1004 }</pre> 1005</div> 1006 1007<div class="method"> 1008 <code class="details" id="testIamPermissions">testIamPermissions(resource, body, x__xgafv=None)</code> 1009 <pre>Returns permissions that a caller has on the specified resource. 1010If the resource does not exist, this will return an empty set of 1011permissions, not a NOT_FOUND error. 1012 1013There is no permission required to make this API call. 1014 1015Args: 1016 resource: string, REQUIRED: The resource for which the policy detail is being requested. 1017See the operation documentation for the appropriate value for this field. (required) 1018 body: object, The request body. (required) 1019 The object takes the form of: 1020 1021{ # Request message for `TestIamPermissions` method. 1022 "permissions": [ # The set of permissions to check for the `resource`. Permissions with 1023 # wildcards (such as '*' or 'storage.*') are not allowed. For more 1024 # information see 1025 # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). 1026 "A String", 1027 ], 1028 } 1029 1030 x__xgafv: string, V1 error format. 1031 Allowed values 1032 1 - v1 error format 1033 2 - v2 error format 1034 1035Returns: 1036 An object of the form: 1037 1038 { # Response message for `TestIamPermissions` method. 1039 "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is 1040 # allowed. 1041 "A String", 1042 ], 1043 }</pre> 1044</div> 1045 1046</body></html>