1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="iam_v1.html">Identity and Access Management (IAM) API</a> . <a href="iam_v1.organizations.html">organizations</a> . <a href="iam_v1.organizations.roles.html">roles</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p> 79<p class="firstline">Creates a new Role.</p> 80<p class="toc_element"> 81 <code><a href="#delete">delete(name, etag=None, x__xgafv=None)</a></code></p> 82<p class="firstline">Soft deletes a role. The role is suspended and cannot be used to create new</p> 83<p class="toc_element"> 84 <code><a href="#get">get(name, x__xgafv=None)</a></code></p> 85<p class="firstline">Gets a Role definition.</p> 86<p class="toc_element"> 87 <code><a href="#list">list(parent, pageSize=None, showDeleted=None, pageToken=None, x__xgafv=None, view=None)</a></code></p> 88<p class="firstline">Lists the Roles defined on a resource.</p> 89<p class="toc_element"> 90 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> 91<p class="firstline">Retrieves the next page of results.</p> 92<p class="toc_element"> 93 <code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p> 94<p class="firstline">Updates a Role definition.</p> 95<p class="toc_element"> 96 <code><a href="#undelete">undelete(name, body, x__xgafv=None)</a></code></p> 97<p class="firstline">Undelete a Role, bringing it back in its previous state.</p> 98<h3>Method Details</h3> 99<div class="method"> 100 <code class="details" id="create">create(parent, body, x__xgafv=None)</code> 101 <pre>Creates a new Role. 102 103Args: 104 parent: string, The resource name of the parent resource in one of the following formats: 105`organizations/{ORGANIZATION_ID}` 106`projects/{PROJECT_ID}` (required) 107 body: object, The request body. (required) 108 The object takes the form of: 109 110{ # The request to create a new role. 111 "roleId": "A String", # The role id to use for this role. 112 "role": { # A role in the Identity and Access Management API. # The Role resource to create. 113 "description": "A String", # Optional. A human-readable description for the role. 114 "title": "A String", # Optional. A human-readable title for the role. Typically this 115 # is limited to 100 UTF-8 bytes. 116 "deleted": True or False, # The current deleted state of the role. This field is read only. 117 # It will be ignored in calls to CreateRole and UpdateRole. 118 "etag": "A String", # Used to perform a consistent read-modify-write. 119 "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. 120 "A String", 121 ], 122 "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been 123 # selected for a role, the `stage` field will not be included in the 124 # returned definition for the role. 125 "name": "A String", # The name of the role. 126 # 127 # When Role is used in CreateRole, the role name must not be set. 128 # 129 # When Role is used in output and other input such as UpdateRole, the role 130 # name is the complete path, e.g., roles/logging.viewer for curated roles 131 # and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles. 132 }, 133 } 134 135 x__xgafv: string, V1 error format. 136 Allowed values 137 1 - v1 error format 138 2 - v2 error format 139 140Returns: 141 An object of the form: 142 143 { # A role in the Identity and Access Management API. 144 "description": "A String", # Optional. A human-readable description for the role. 145 "title": "A String", # Optional. A human-readable title for the role. Typically this 146 # is limited to 100 UTF-8 bytes. 147 "deleted": True or False, # The current deleted state of the role. This field is read only. 148 # It will be ignored in calls to CreateRole and UpdateRole. 149 "etag": "A String", # Used to perform a consistent read-modify-write. 150 "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. 151 "A String", 152 ], 153 "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been 154 # selected for a role, the `stage` field will not be included in the 155 # returned definition for the role. 156 "name": "A String", # The name of the role. 157 # 158 # When Role is used in CreateRole, the role name must not be set. 159 # 160 # When Role is used in output and other input such as UpdateRole, the role 161 # name is the complete path, e.g., roles/logging.viewer for curated roles 162 # and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles. 163 }</pre> 164</div> 165 166<div class="method"> 167 <code class="details" id="delete">delete(name, etag=None, x__xgafv=None)</code> 168 <pre>Soft deletes a role. The role is suspended and cannot be used to create new 169IAM Policy Bindings. 170The Role will not be included in `ListRoles()` unless `show_deleted` is set 171in the `ListRolesRequest`. The Role contains the deleted boolean set. 172Existing Bindings remains, but are inactive. The Role can be undeleted 173within 7 days. After 7 days the Role is deleted and all Bindings associated 174with the role are removed. 175 176Args: 177 name: string, The resource name of the role in one of the following formats: 178`organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}` 179`projects/{PROJECT_ID}/roles/{ROLE_NAME}` (required) 180 etag: string, Used to perform a consistent read-modify-write. 181 x__xgafv: string, V1 error format. 182 Allowed values 183 1 - v1 error format 184 2 - v2 error format 185 186Returns: 187 An object of the form: 188 189 { # A role in the Identity and Access Management API. 190 "description": "A String", # Optional. A human-readable description for the role. 191 "title": "A String", # Optional. A human-readable title for the role. Typically this 192 # is limited to 100 UTF-8 bytes. 193 "deleted": True or False, # The current deleted state of the role. This field is read only. 194 # It will be ignored in calls to CreateRole and UpdateRole. 195 "etag": "A String", # Used to perform a consistent read-modify-write. 196 "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. 197 "A String", 198 ], 199 "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been 200 # selected for a role, the `stage` field will not be included in the 201 # returned definition for the role. 202 "name": "A String", # The name of the role. 203 # 204 # When Role is used in CreateRole, the role name must not be set. 205 # 206 # When Role is used in output and other input such as UpdateRole, the role 207 # name is the complete path, e.g., roles/logging.viewer for curated roles 208 # and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles. 209 }</pre> 210</div> 211 212<div class="method"> 213 <code class="details" id="get">get(name, x__xgafv=None)</code> 214 <pre>Gets a Role definition. 215 216Args: 217 name: string, The resource name of the role in one of the following formats: 218`roles/{ROLE_NAME}` 219`organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}` 220`projects/{PROJECT_ID}/roles/{ROLE_NAME}` (required) 221 x__xgafv: string, V1 error format. 222 Allowed values 223 1 - v1 error format 224 2 - v2 error format 225 226Returns: 227 An object of the form: 228 229 { # A role in the Identity and Access Management API. 230 "description": "A String", # Optional. A human-readable description for the role. 231 "title": "A String", # Optional. A human-readable title for the role. Typically this 232 # is limited to 100 UTF-8 bytes. 233 "deleted": True or False, # The current deleted state of the role. This field is read only. 234 # It will be ignored in calls to CreateRole and UpdateRole. 235 "etag": "A String", # Used to perform a consistent read-modify-write. 236 "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. 237 "A String", 238 ], 239 "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been 240 # selected for a role, the `stage` field will not be included in the 241 # returned definition for the role. 242 "name": "A String", # The name of the role. 243 # 244 # When Role is used in CreateRole, the role name must not be set. 245 # 246 # When Role is used in output and other input such as UpdateRole, the role 247 # name is the complete path, e.g., roles/logging.viewer for curated roles 248 # and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles. 249 }</pre> 250</div> 251 252<div class="method"> 253 <code class="details" id="list">list(parent, pageSize=None, showDeleted=None, pageToken=None, x__xgafv=None, view=None)</code> 254 <pre>Lists the Roles defined on a resource. 255 256Args: 257 parent: string, The resource name of the parent resource in one of the following formats: 258`` (empty string) -- this refers to curated roles. 259`organizations/{ORGANIZATION_ID}` 260`projects/{PROJECT_ID}` (required) 261 pageSize: integer, Optional limit on the number of roles to include in the response. 262 showDeleted: boolean, Include Roles that have been deleted. 263 pageToken: string, Optional pagination token returned in an earlier ListRolesResponse. 264 x__xgafv: string, V1 error format. 265 Allowed values 266 1 - v1 error format 267 2 - v2 error format 268 view: string, Optional view for the returned Role objects. When `FULL` is specified, 269the `includedPermissions` field is returned, which includes a list of all 270permissions in the role. The default value is `BASIC`, which does not 271return the `includedPermissions` field. 272 273Returns: 274 An object of the form: 275 276 { # The response containing the roles defined under a resource. 277 "nextPageToken": "A String", # To retrieve the next page of results, set 278 # `ListRolesRequest.page_token` to this value. 279 "roles": [ # The Roles defined on this resource. 280 { # A role in the Identity and Access Management API. 281 "description": "A String", # Optional. A human-readable description for the role. 282 "title": "A String", # Optional. A human-readable title for the role. Typically this 283 # is limited to 100 UTF-8 bytes. 284 "deleted": True or False, # The current deleted state of the role. This field is read only. 285 # It will be ignored in calls to CreateRole and UpdateRole. 286 "etag": "A String", # Used to perform a consistent read-modify-write. 287 "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. 288 "A String", 289 ], 290 "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been 291 # selected for a role, the `stage` field will not be included in the 292 # returned definition for the role. 293 "name": "A String", # The name of the role. 294 # 295 # When Role is used in CreateRole, the role name must not be set. 296 # 297 # When Role is used in output and other input such as UpdateRole, the role 298 # name is the complete path, e.g., roles/logging.viewer for curated roles 299 # and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles. 300 }, 301 ], 302 }</pre> 303</div> 304 305<div class="method"> 306 <code class="details" id="list_next">list_next(previous_request, previous_response)</code> 307 <pre>Retrieves the next page of results. 308 309Args: 310 previous_request: The request for the previous page. (required) 311 previous_response: The response from the request for the previous page. (required) 312 313Returns: 314 A request object that you can call 'execute()' on to request the next 315 page. Returns None if there are no more items in the collection. 316 </pre> 317</div> 318 319<div class="method"> 320 <code class="details" id="patch">patch(name, body, updateMask=None, x__xgafv=None)</code> 321 <pre>Updates a Role definition. 322 323Args: 324 name: string, The resource name of the role in one of the following formats: 325`roles/{ROLE_NAME}` 326`organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}` 327`projects/{PROJECT_ID}/roles/{ROLE_NAME}` (required) 328 body: object, The request body. (required) 329 The object takes the form of: 330 331{ # A role in the Identity and Access Management API. 332 "description": "A String", # Optional. A human-readable description for the role. 333 "title": "A String", # Optional. A human-readable title for the role. Typically this 334 # is limited to 100 UTF-8 bytes. 335 "deleted": True or False, # The current deleted state of the role. This field is read only. 336 # It will be ignored in calls to CreateRole and UpdateRole. 337 "etag": "A String", # Used to perform a consistent read-modify-write. 338 "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. 339 "A String", 340 ], 341 "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been 342 # selected for a role, the `stage` field will not be included in the 343 # returned definition for the role. 344 "name": "A String", # The name of the role. 345 # 346 # When Role is used in CreateRole, the role name must not be set. 347 # 348 # When Role is used in output and other input such as UpdateRole, the role 349 # name is the complete path, e.g., roles/logging.viewer for curated roles 350 # and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles. 351} 352 353 updateMask: string, A mask describing which fields in the Role have changed. 354 x__xgafv: string, V1 error format. 355 Allowed values 356 1 - v1 error format 357 2 - v2 error format 358 359Returns: 360 An object of the form: 361 362 { # A role in the Identity and Access Management API. 363 "description": "A String", # Optional. A human-readable description for the role. 364 "title": "A String", # Optional. A human-readable title for the role. Typically this 365 # is limited to 100 UTF-8 bytes. 366 "deleted": True or False, # The current deleted state of the role. This field is read only. 367 # It will be ignored in calls to CreateRole and UpdateRole. 368 "etag": "A String", # Used to perform a consistent read-modify-write. 369 "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. 370 "A String", 371 ], 372 "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been 373 # selected for a role, the `stage` field will not be included in the 374 # returned definition for the role. 375 "name": "A String", # The name of the role. 376 # 377 # When Role is used in CreateRole, the role name must not be set. 378 # 379 # When Role is used in output and other input such as UpdateRole, the role 380 # name is the complete path, e.g., roles/logging.viewer for curated roles 381 # and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles. 382 }</pre> 383</div> 384 385<div class="method"> 386 <code class="details" id="undelete">undelete(name, body, x__xgafv=None)</code> 387 <pre>Undelete a Role, bringing it back in its previous state. 388 389Args: 390 name: string, The resource name of the role in one of the following formats: 391`organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}` 392`projects/{PROJECT_ID}/roles/{ROLE_NAME}` (required) 393 body: object, The request body. (required) 394 The object takes the form of: 395 396{ # The request to undelete an existing role. 397 "etag": "A String", # Used to perform a consistent read-modify-write. 398 } 399 400 x__xgafv: string, V1 error format. 401 Allowed values 402 1 - v1 error format 403 2 - v2 error format 404 405Returns: 406 An object of the form: 407 408 { # A role in the Identity and Access Management API. 409 "description": "A String", # Optional. A human-readable description for the role. 410 "title": "A String", # Optional. A human-readable title for the role. Typically this 411 # is limited to 100 UTF-8 bytes. 412 "deleted": True or False, # The current deleted state of the role. This field is read only. 413 # It will be ignored in calls to CreateRole and UpdateRole. 414 "etag": "A String", # Used to perform a consistent read-modify-write. 415 "includedPermissions": [ # The names of the permissions this role grants when bound in an IAM policy. 416 "A String", 417 ], 418 "stage": "A String", # The current launch stage of the role. If the `ALPHA` launch stage has been 419 # selected for a role, the `stage` field will not be included in the 420 # returned definition for the role. 421 "name": "A String", # The name of the role. 422 # 423 # When Role is used in CreateRole, the role name must not be set. 424 # 425 # When Role is used in output and other input such as UpdateRole, the role 426 # name is the complete path, e.g., roles/logging.viewer for curated roles 427 # and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles. 428 }</pre> 429</div> 430 431</body></html>