mixin

Iam

Source: iam.js:21

Get and set IAM policies for your Cloud Storage bucket.

Example 

const {Storage} = require('@google-cloud/storage');
const storage = new Storage();
const bucket = storage.bucket('my-bucket');
// bucket.iam

Methods

getPolicy([options][, callback])
setPolicy(policy[, options], callback)
testPermissions(permissions[, options][, callback])

Methods

getPolicy([options][, callback]) → Promise containing GetPolicyResponse

Get the IAM policy.

Examples 

const {Storage} = require('@google-cloud/storage');
const storage = new Storage();
const bucket = storage.bucket('my-bucket');
bucket.iam.getPolicy(function(err, policy, apiResponse) {});

//-
// If the callback is omitted, we'll return a Promise.
//-
bucket.iam.getPolicy().then(function(data) {
  const policy = data[0];
  const apiResponse = data[1];
});

include:samples/iam.js

region_tag:storage_view_bucket_iam_members
Example of retrieving a bucket's IAM policy:

Parameters

Name Type Optional Description

options

GetPolicyRequest

Yes

Request options.

callback

GetPolicyCallback

Yes

Callback function.
See also

Buckets: setIamPolicy API Documentation

Returns

Promise containing GetPolicyResponse 

setPolicy(policy[, options], callback) → Promise containing SetPolicyResponse

Set the IAM policy.

Examples 

const {Storage} = require('@google-cloud/storage');
const storage = new Storage();
const bucket = storage.bucket('my-bucket');

const myPolicy = {
  bindings: [
    {
      role: 'roles/storage.admin',
      members:
['serviceAccount:myotherproject@appspot.gserviceaccount.com']
    }
  ]
};

bucket.iam.setPolicy(myPolicy, function(err, policy, apiResponse) {});

//-
// If the callback is omitted, we'll return a Promise.
//-
bucket.iam.setPolicy(myPolicy).then(function(data) {
  const policy = data[0];
  const apiResponse = data[1];
});

include:samples/iam.js

region_tag:storage_add_bucket_iam_member
Example of adding to a bucket's IAM policy:

include:samples/iam.js

region_tag:storage_remove_bucket_iam_member
Example of removing from a bucket's IAM policy:

Parameters

Name Type Optional Description

policy

Policy

 

The policy.

options

SetPolicyOptions

Yes

Configuration opbject.

callback

SetPolicyCallback

 

Callback function.
See also

Buckets: setIamPolicy API Documentation

IAM Roles

Throws

Error 

If no policy is provided.

Returns

Promise containing SetPolicyResponse 

testPermissions(permissions[, options][, callback]) → Promise containing TestIamPermissionsResponse

Test a set of permissions for a resource.

Example 

const {Storage} = require('@google-cloud/storage');
const storage = new Storage();
const bucket = storage.bucket('my-bucket');

//-
// Test a single permission.
//-
const test = 'storage.buckets.delete';

bucket.iam.testPermissions(test, function(err, permissions, apiResponse) {
  console.log(permissions);
  // {
  //   "storage.buckets.delete": true
  // }
});

//-
// Test several permissions at once.
//-
const tests = [
  'storage.buckets.delete',
  'storage.buckets.get'
];

bucket.iam.testPermissions(tests, function(err, permissions) {
  console.log(permissions);
  // {
  //   "storage.buckets.delete": false,
  //   "storage.buckets.get": true
  // }
});

//-
// If the callback is omitted, we'll return a Promise.
//-
bucket.iam.testPermissions(test).then(function(data) {
  const permissions = data[0];
  const apiResponse = data[1];
});

Parameters

Name Type Optional Description

permissions

(string or Array of string)

 

The permission(s) to test for.

options

TestIamPermissionsOptions

Yes

Configuration object.

callback

TestIamPermissionsCallback

Yes

Callback function.
See also

Buckets: testIamPermissions API Documentation

Throws

Error 

If permissions are not provided.

Returns

Promise containing TestIamPermissionsResponse