@maxim_mazurok/gapi.client.iam-v1
v0.0.20241114
Published
TypeScript typings for Identity and Access Management (IAM) API v1
Downloads
4,574
Readme
TypeScript typings for Identity and Access Management (IAM) API v1
Manages identity and access control for Google Cloud resources, including the creation of service accounts, which you can use to authenticate to Google and make API calls. Enabling this API also enables the IAM Service Account Credentials API (iamcredentials.googleapis.com). However, disabling this API doesn't disable the IAM Service Account Credentials API. For detailed description please check documentation.
Installing
Install typings for Identity and Access Management (IAM) API:
npm install @types/gapi.client.iam-v1 --save-dev
Usage
You need to initialize Google API client in your code:
gapi.load('client', () => {
// now we can use gapi.client
// ...
});
Then load api client wrapper:
gapi.client.load(
'https://iam.googleapis.com/$discovery/rest?version=v1',
() => {
// now we can use:
// gapi.client.iam
}
);
// Deprecated, use discovery document URL, see https://github.com/google/google-api-javascript-client/blob/master/docs/reference.md#----gapiclientloadname----version----callback--
gapi.client.load('iam', 'v1', () => {
// now we can use:
// gapi.client.iam
});
Don't forget to authenticate your client before sending any request to resources:
// declare client_id registered in Google Developers Console
var client_id = '',
scope = [
// See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.
'https://www.googleapis.com/auth/cloud-platform',
],
immediate = true;
// ...
gapi.auth.authorize(
{client_id: client_id, scope: scope, immediate: immediate},
authResult => {
if (authResult && !authResult.error) {
/* handle successful authorization */
} else {
/* handle authorization error */
}
}
);
After that you can use Identity and Access Management (IAM) API resources:
/*
Lints, or validates, an IAM policy. Currently checks the google.iam.v1.Binding.condition field, which contains a condition expression for a role binding. Successful calls to this method always return an HTTP `200 OK` status code, even if the linter detects an issue in the IAM policy.
*/
await gapi.client.iam.iamPolicies.lintPolicy({});
/*
Returns a list of services that allow you to opt into audit logs that are not generated by default. To learn more about audit logs, see the [Logging documentation](https://cloud.google.com/logging/docs/audit).
*/
await gapi.client.iam.iamPolicies.queryAuditableServices({});
/*
Lists every permission that you can test on a resource. A permission is testable if you can check whether a principal has that permission on the resource.
*/
await gapi.client.iam.permissions.queryTestablePermissions({});
/*
Gets the definition of a Role.
*/
await gapi.client.iam.roles.get({name: 'name'});
/*
Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.
*/
await gapi.client.iam.roles.list({});
/*
Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.
*/
await gapi.client.iam.roles.queryGrantableRoles({});