Version History (0.17.0)
Report an Issue

IAM Policy#

PubSub API IAM policy definitions

For allowed roles / permissions, see: https://cloud.google.com/pubsub/access_control#permissions

gcloud.pubsub.iam.OWNER_ROLE = 'roles/owner'#

Generic role implying all rights to an object.

gcloud.pubsub.iam.EDITOR_ROLE = 'roles/editor'#

Generic role implying rights to modify an object.

gcloud.pubsub.iam.VIEWER_ROLE = 'roles/viewer'#

Generic role implying rights to access an object.

gcloud.pubsub.iam.PUBSUB_ADMIN_ROLE = 'roles/pubsub.admin'#

Role implying all rights to an object.

gcloud.pubsub.iam.PUBSUB_EDITOR_ROLE = 'roles/pubsub.editor'#

Role implying rights to modify an object.

gcloud.pubsub.iam.PUBSUB_VIEWER_ROLE = 'roles/pubsub.viewer'#

Role implying rights to access an object.

gcloud.pubsub.iam.PUBSUB_PUBLISHER_ROLE = 'roles/pubsub.publisher'#

Role implying rights to publish to a topic.

gcloud.pubsub.iam.PUBSUB_SUBSCRIBER_ROLE = 'roles/pubsub.subscriber'#

Role implying rights to subscribe to a topic.

gcloud.pubsub.iam.PUBSUB_TOPICS_CONSUME = 'pubsub.topics.consume'#

Permission: consume events from a subscription.

gcloud.pubsub.iam.PUBSUB_TOPICS_CREATE = 'pubsub.topics.create'#

Permission: create topics.

gcloud.pubsub.iam.PUBSUB_TOPICS_DELETE = 'pubsub.topics.delete'#

Permission: delete topics.

gcloud.pubsub.iam.PUBSUB_TOPICS_GET = 'pubsub.topics.get'#

Permission: retrieve topics.

gcloud.pubsub.iam.PUBSUB_TOPICS_GET_IAM_POLICY = 'pubsub.topics.getIamPolicy'#

Permission: retrieve subscription IAM policies.

gcloud.pubsub.iam.PUBSUB_TOPICS_LIST = 'pubsub.topics.list'#

Permission: list topics.

gcloud.pubsub.iam.PUBSUB_TOPICS_SET_IAM_POLICY = 'pubsub.topics.setIamPolicy'#

Permission: update subscription IAM policies.

gcloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_CONSUME = 'pubsub.subscriptions.consume'#

Permission: consume events from a subscription.

gcloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_CREATE = 'pubsub.subscriptions.create'#

Permission: create subscriptions.

gcloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_DELETE = 'pubsub.subscriptions.delete'#

Permission: delete subscriptions.

gcloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_GET = 'pubsub.subscriptions.get'#

Permission: retrieve subscriptions.

gcloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_GET_IAM_POLICY = 'pubsub.subscriptions.getIamPolicy'#

Permission: retrieve subscription IAM policies.

gcloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_LIST = 'pubsub.subscriptions.list'#

Permission: list subscriptions.

gcloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_SET_IAM_POLICY = 'pubsub.subscriptions.setIamPolicy'#

Permission: update subscription IAM policies.

gcloud.pubsub.iam.PUBSUB_SUBSCRIPTIONS_UPDATE = 'pubsub.subscriptions.update'#

Permission: update subscriptions.

class gcloud.pubsub.iam.Policy(etag=None, version=None)[source]#

Bases: object

Combined IAM Policy / Bindings.

See: https://cloud.google.com/pubsub/reference/rest/Shared.Types/Policy https://cloud.google.com/pubsub/reference/rest/Shared.Types/Binding

Parameters:
  • etag (string) – ETag used to identify a unique of the policy
  • version (int) – unique version of the policy
static user(email)[source]#

Factory method for a user member.

Parameters:email (string) – E-mail for this particular user.
Return type:string
Returns:A member string corresponding to the given user.
static service_account(email)[source]#

Factory method for a service account member.

Parameters:email (string) – E-mail for this particular service account.
Return type:string
Returns:A member string corresponding to the given service account.
static group(email)[source]#

Factory method for a group member.

Parameters:email (string) – An id or e-mail for this particular group.
Return type:string
Returns:A member string corresponding to the given group.
static domain(domain)[source]#

Factory method for a domain member.

Parameters:domain (string) – The domain for this member.
Return type:string
Returns:A member string corresponding to the given domain.
static all_users()[source]#

Factory method for a member representing all users.

Return type:string
Returns:A member string representing all users.
static authenticated_users()[source]#

Factory method for a member representing all authenticated users.

Return type:string
Returns:A member string representing all authenticated users.
classmethod from_api_repr(resource)[source]#

Create a policy from the resource returned from the API.

Parameters:resource (dict) – resource returned from the getIamPolicy API.
Return type:Policy
Returns:the parsed policy
to_api_repr()[source]#

Construct a Policy resource.

Return type:dict
Returns:a resource to be passed to the setIamPolicy API.