Copyright | (c) 2015-2016 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay <brendan.g.hay@gmail.com> |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | None |
Language | Haskell2010 |
Sets the IAM access control policy for the specified Project. Replaces any existing policy. The following constraints apply when using `setIamPolicy()`: + Project does not support `allUsers` and `allAuthenticatedUsers` as `members` in a `Binding` of a `Policy`. + The owner role can be granted only to `user` and `serviceAccount`. + Service accounts can be made owners of a project directly without any restrictions. However, to be added as an owner, a user must be invited via Cloud Platform console and must accept the invitation. + A user cannot be granted the owner role using `setIamPolicy()`. The user must be granted the owner role using the Cloud Platform Console and must explicitly accept the invitation. + Invitations to grant the owner role cannot be sent using `setIamPolicy()`; they must be sent only using the Cloud Platform Console. + Membership changes that leave the project without any owners that have accepted the Terms of Service (ToS) will be rejected. + There must be at least one owner who has accepted the Terms of Service (ToS) agreement in the policy. Calling `setIamPolicy()` to to remove the last ToS-accepted owner from the policy will fail. This restriction also applies to legacy projects that no longer have owners who have accepted the ToS. Edits to IAM policies will be rejected until the lack of a ToS-accepting owner is rectified. + Calling this method requires enabling the App Engine Admin API. Note: Removing service accounts from policies or changing their roles can render services completely inoperable. It is important to understand how the service account is being used before removing or updating its roles.
See: Google Cloud Resource Manager API Reference for cloudresourcemanager.projects.setIamPolicy
.
- type ProjectsSetIAMPolicyResource = "v1" :> ("projects" :> (CaptureMode "resource" "setIamPolicy" Text :> (QueryParam "$.xgafv" Xgafv :> (QueryParam "upload_protocol" Text :> (QueryParam "pp" Bool :> (QueryParam "access_token" Text :> (QueryParam "uploadType" Text :> (QueryParam "bearer_token" Text :> (QueryParam "callback" Text :> (QueryParam "alt" AltJSON :> (ReqBody '[JSON] SetIAMPolicyRequest :> Post '[JSON] Policy)))))))))))
- projectsSetIAMPolicy :: SetIAMPolicyRequest -> Text -> ProjectsSetIAMPolicy
- data ProjectsSetIAMPolicy
- psipXgafv :: Lens' ProjectsSetIAMPolicy (Maybe Xgafv)
- psipUploadProtocol :: Lens' ProjectsSetIAMPolicy (Maybe Text)
- psipPp :: Lens' ProjectsSetIAMPolicy Bool
- psipAccessToken :: Lens' ProjectsSetIAMPolicy (Maybe Text)
- psipUploadType :: Lens' ProjectsSetIAMPolicy (Maybe Text)
- psipPayload :: Lens' ProjectsSetIAMPolicy SetIAMPolicyRequest
- psipBearerToken :: Lens' ProjectsSetIAMPolicy (Maybe Text)
- psipResource :: Lens' ProjectsSetIAMPolicy Text
- psipCallback :: Lens' ProjectsSetIAMPolicy (Maybe Text)
REST Resource
type ProjectsSetIAMPolicyResource = "v1" :> ("projects" :> (CaptureMode "resource" "setIamPolicy" Text :> (QueryParam "$.xgafv" Xgafv :> (QueryParam "upload_protocol" Text :> (QueryParam "pp" Bool :> (QueryParam "access_token" Text :> (QueryParam "uploadType" Text :> (QueryParam "bearer_token" Text :> (QueryParam "callback" Text :> (QueryParam "alt" AltJSON :> (ReqBody '[JSON] SetIAMPolicyRequest :> Post '[JSON] Policy))))))))))) Source #
A resource alias for cloudresourcemanager.projects.setIamPolicy
method which the
ProjectsSetIAMPolicy
request conforms to.
Creating a Request
Creates a value of ProjectsSetIAMPolicy
with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
data ProjectsSetIAMPolicy Source #
Sets the IAM access control policy for the specified Project. Replaces any existing policy. The following constraints apply when using `setIamPolicy()`: + Project does not support `allUsers` and `allAuthenticatedUsers` as `members` in a `Binding` of a `Policy`. + The owner role can be granted only to `user` and `serviceAccount`. + Service accounts can be made owners of a project directly without any restrictions. However, to be added as an owner, a user must be invited via Cloud Platform console and must accept the invitation. + A user cannot be granted the owner role using `setIamPolicy()`. The user must be granted the owner role using the Cloud Platform Console and must explicitly accept the invitation. + Invitations to grant the owner role cannot be sent using `setIamPolicy()`; they must be sent only using the Cloud Platform Console. + Membership changes that leave the project without any owners that have accepted the Terms of Service (ToS) will be rejected. + There must be at least one owner who has accepted the Terms of Service (ToS) agreement in the policy. Calling `setIamPolicy()` to to remove the last ToS-accepted owner from the policy will fail. This restriction also applies to legacy projects that no longer have owners who have accepted the ToS. Edits to IAM policies will be rejected until the lack of a ToS-accepting owner is rectified. + Calling this method requires enabling the App Engine Admin API. Note: Removing service accounts from policies or changing their roles can render services completely inoperable. It is important to understand how the service account is being used before removing or updating its roles.
See: projectsSetIAMPolicy
smart constructor.
Request Lenses
psipUploadProtocol :: Lens' ProjectsSetIAMPolicy (Maybe Text) Source #
Upload protocol for media (e.g. "raw", "multipart").
psipAccessToken :: Lens' ProjectsSetIAMPolicy (Maybe Text) Source #
OAuth access token.
psipUploadType :: Lens' ProjectsSetIAMPolicy (Maybe Text) Source #
Legacy upload protocol for media (e.g. "media", "multipart").
psipPayload :: Lens' ProjectsSetIAMPolicy SetIAMPolicyRequest Source #
Multipart request metadata.
psipBearerToken :: Lens' ProjectsSetIAMPolicy (Maybe Text) Source #
OAuth bearer token.
psipResource :: Lens' ProjectsSetIAMPolicy Text Source #
REQUIRED: The resource for which the policy is being specified. `resource` is usually specified as a path. For example, a Project resource is specified as `projects/{project}`.
psipCallback :: Lens' ProjectsSetIAMPolicy (Maybe Text) Source #
JSONP