IAM Policy#

PubSub API IAM policy definitions

For allowed roles / permissions, see: https://cloud.google.com/pubsub/access_control#permissions

google.cloud.pubsub.iam.OWNER_ROLE = 'roles/owner'#: Generic role implying all rights to an object.

google.cloud.pubsub.iam.EDITOR_ROLE = 'roles/editor'#: Generic role implying rights to modify an object.

google.cloud.pubsub.iam.VIEWER_ROLE = 'roles/viewer'#: Generic role implying rights to access an object.

google.cloud.pubsub.iam.PUBSUB_ADMIN_ROLE = 'roles/pubsub.admin'#: Role implying all rights to an object.

google.cloud.pubsub.iam.PUBSUB_EDITOR_ROLE = 'roles/pubsub.editor'#: Role implying rights to modify an object.

google.cloud.pubsub.iam.PUBSUB_VIEWER_ROLE = 'roles/pubsub.viewer'#: Role implying rights to access an object.

google.cloud.pubsub.iam.PUBSUB_PUBLISHER_ROLE = 'roles/pubsub.publisher'#: Role implying rights to publish to a topic.

google.cloud.pubsub.iam.PUBSUB_SUBSCRIBER_ROLE = 'roles/pubsub.subscriber'#: Role implying rights to subscribe to a topic.

google.cloud.pubsub.iam.PUBSUB_TOPICS_CONSUME = 'pubsub.topics.consume'#: Permission: consume events from a subscription.

google.cloud.pubsub.iam.PUBSUB_TOPICS_CREATE = 'pubsub.topics.create'#: Permission: create topics.

google.cloud.pubsub.iam.PUBSUB_TOPICS_DELETE = 'pubsub.topics.delete'#: Permission: delete topics.

google.cloud.pubsub.iam.PUBSUB_TOPICS_GET = 'pubsub.topics.get'#: Permission: retrieve topics.

google.cloud.pubsub.iam.PUBSUB_TOPICS_GET_IAM_POLICY = 'pubsub.topics.getIamPolicy'#: Permission: retrieve subscription IAM policies.

google.cloud.pubsub.iam.PUBSUB_TOPICS_LIST = 'pubsub.topics.list'#: Permission: list topics.

google.cloud.pubsub.iam.PUBSUB_TOPICS_SET_IAM_POLICY = 'pubsub.topics.setIamPolicy'#: Permission: update subscription IAM policies.

google.cloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_CONSUME = 'pubsub.subscriptions.consume'#: Permission: consume events from a subscription.

google.cloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_CREATE = 'pubsub.subscriptions.create'#: Permission: create subscriptions.

google.cloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_DELETE = 'pubsub.subscriptions.delete'#: Permission: delete subscriptions.

google.cloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_GET = 'pubsub.subscriptions.get'#: Permission: retrieve subscriptions.

google.cloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_GET_IAM_POLICY = 'pubsub.subscriptions.getIamPolicy'#: Permission: retrieve subscription IAM policies.

google.cloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_LIST = 'pubsub.subscriptions.list'#: Permission: list subscriptions.

google.cloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_SET_IAM_POLICY = 'pubsub.subscriptions.setIamPolicy'#: Permission: update subscription IAM policies.

google.cloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_UPDATE = 'pubsub.subscriptions.update'#: Permission: update subscriptions.

class google.cloud.pubsub.iam.Policy(etag=None, version=None)[source]#

Bases: object

Combined IAM Policy / Bindings.

See: https://cloud.google.com/pubsub/reference/rest/Shared.Types/Policy https://cloud.google.com/pubsub/reference/rest/Shared.Types/Binding

Parameters:	etag (string) – ETag used to identify a unique of the policy version (int) – unique version of the policy

static user(email)[source]#

Factory method for a user member.

Parameters:	email (string) – E-mail for this particular user.
Return type:	string
Returns:	A member string corresponding to the given user.

static service_account(email)[source]#

Factory method for a service account member.

Parameters:	email (string) – E-mail for this particular service account.
Return type:	string
Returns:	A member string corresponding to the given service account.

static group(email)[source]#

Factory method for a group member.

Parameters:	email (string) – An id or e-mail for this particular group.
Return type:	string
Returns:	A member string corresponding to the given group.

static domain(domain)[source]#

Factory method for a domain member.

Parameters:	domain (string) – The domain for this member.
Return type:	string
Returns:	A member string corresponding to the given domain.

static all_users()[source]#

Factory method for a member representing all users.

Return type:	string
Returns:	A member string representing all users.

static authenticated_users()[source]#

Factory method for a member representing all authenticated users.

Return type:	string
Returns:	A member string representing all authenticated users.

classmethod from_api_repr(resource)[source]#

Create a policy from the resource returned from the API.

Parameters:	resource (dict) – resource returned from the `getIamPolicy` API.
Return type:	`Policy`
Returns:	the parsed policy

to_api_repr()[source]#

Construct a Policy resource.

Return type:	dict
Returns:	a resource to be passed to the `setIamPolicy` API.