Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

API

Manages IoT core roles and permissions.

Methods

queryGrantableRoles

GET /api/v/4/webhook/execute/{adminSystemKey}/policy?method=queryGrantableRoles
List all grantable roles on a specified resource.

getIamPolicy

POST /api/v/4/webhook/execute/{adminSystemKey}/policy?method=getIamPolicy
Get the IAM policy for a specified resource.

setIamPolicy

POST /api/v/4/webhook/execute/{adminSystemKey}/policy?method=setIamPolicy
Set the IAM policy for a specified resource.

testIamPermissions

DELETE /api/v/4/webhook/execute/{adminSystemKey}/policy?method=testIamPermissions
Test whether a user has a list of permissions for a specified resource.

CbPolicy and CbBinding

type CbPolicy = CbBinding[]

type CbBinding = {
  role_id: string;
  members: {
    principal_type: "user" | "serviceAccount";
    principal: string;    
  }[]
}

Fields

role_id

The role to which the list of members are assigned.

members[]

A list of principals that are assigned to the role in the binding.

principal is the email of the principal.

principal_type indicates the kind of principal, such as a user or a service account.

IOTRole

interface IOTRole {
  id: string;
  name: string;
  permissions: string[];
  is_custom: boolean;
  description?: string;
  project_id: string;
}

Fields

id

The unique identifier of the role.

name

The user-readable label of the role.

permissions

A list of permissions that principals receive when assigned this role.

is_custom

Whether the role is built-in to IoT core or user-created. (User-created roles are not yet supported)

description

An optional description of the capabilities the role allows for principals.

project_id

The unique identifier for the project where this role is assignable.

  • No labels