Versions Compared

Old Version 3

changes.mady.by.user Sasa Pettyjohn

Saved on

compared with

New Version Current

changes.mady.by.user Jeff Slavin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Child pages (Children Display)

API

Manages IoT core Core roles and permissions.

Methods

queryGrantableRoles

GET /api/v/4/webhook/execute/{adminSystemKey}/policy?method=queryGrantableRoles
List all grantable roles on a specified resource.

getIamPolicy

POST GET /api/v/4/webhook/execute/{adminSystemKey}/policy?method=getIamPolicy
Get the a specified resource’s IAM policy for a specified resource.

setIamPolicy

POST PUT /api/v/4/webhook/execute/{adminSystemKey}/policy?method=setIamPolicy
Set the a specified resource’s IAM policy for a specified resource.

testIamPermissions

DELETE POST /api/v/4/webhook/execute/{adminSystemKey}/policy?method=testIamPermissions
Test whether a user has a list of permissions for a specified resource.

CbPolicy

...

Anchor
CbPolicy
CbPolicy

Code Block
languagetypescript
type CbPolicy = CbBinding[]

type CbBinding = {
  role_id: string;
  members: {
    principal_type: "user" | "serviceAccount";
    principal: string;    
  }[]
}

Fields

role_id

The role to which the list of members are assigned.

members[]

A list of principals that are assigned to the role in the binding.

principal is the principal’s email of the principal.

principal_type indicates is the kind of principal, such as a user or a service account.

IOTRole
Anchor
IOTRole
IOTRole

Code Block
languagetypescript
interface IOTRole {
  id: string;
  name: string;
  permissions: string[];
  is_custom: boolean;
  description?: string;
  project_id: string;
}

Fields

id

The role’s unique identifier.

name

The role’s user-readable label.

permissions

A list of permissions that principals receive when assigned this role.

is_custom

Whether the role is built-in to IoT Core or user-created. User-created roles are not yet supported.

description

An optional description of the capabilities the role allows for principals.

project_id

The project’s unique identifier where this role is assignable.