Boundary Controller HTTP API

Role Service

List RolesGET/v1/roles

Lists all Roles.

Query Parameters

scope_id string

recursive boolean

filter string

Successful Response

items object[]

Role contains all fields related to a Role resource

id string

Output only. The ID of the Role.

scope_id string

The ID of the Scope containing this Role.

scope object

Output only. Scope information for this resource.

id string

Output only. The ID of the Scope.

type string

Output only. The type of the Scope.

name string

Output only. The name of the Scope, if any.

description string

Output only. The description of the Scope, if any.

parent_scope_id string

Output only. The ID of the parent Scope, if any. This field will be empty if this is the "global" scope.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

created_time string

Output only. The time this resource was created.

updated_time string

Output only. The time this resource was last updated.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

The Scope the grants will apply to. If the Role is at the global scope, this can be an org or project. If the Role is at an org scope, this can be a project within the org. It is invalid for this to be anything other than the Role's scope when the Role's scope is a project.

principal_ids string[]

principals object[]

id string

Output only. The ID of the principal.

type string

Output only. The type of the principal.

scope_id string

Output only. The Scope of the principal.

grant_strings string[]

grants object[]

raw string

Output only. The original user-supplied string.

canonical string

Output only. The canonically-formatted string.

json object

Output only. The JSON representation of the grant.

id string

Output only. The ID, if set.

type string

Output only. The type, if set.

actions string[]

authorized_actions string[]

Create RolePOST/v1/roles

Creates a single Role.

Body Parameters

scope_id string

The ID of the Scope containing this Role.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

Successful Response

id string

Output only. The ID of the Role.

scope_id string

The ID of the Scope containing this Role.

scope object

Output only. Scope information for this resource.

id string

Output only. The ID of the Scope.

type string

Output only. The type of the Scope.

name string

Output only. The name of the Scope, if any.

description string

Output only. The description of the Scope, if any.

parent_scope_id string

Output only. The ID of the parent Scope, if any. This field will be empty if this is the "global" scope.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

created_time string

Output only. The time this resource was created.

updated_time string

Output only. The time this resource was last updated.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

principal_ids string[]

principals object[]

id string

Output only. The ID of the principal.

type string

Output only. The type of the principal.

scope_id string

Output only. The Scope of the principal.

grant_strings string[]

grants object[]

raw string

Output only. The original user-supplied string.

canonical string

Output only. The canonically-formatted string.

json object

Output only. The JSON representation of the grant.

id string

Output only. The ID, if set.

type string

Output only. The type, if set.

actions string[]

authorized_actions string[]

Get RoleGET/v1/roles/{id}

Gets a single Role.

Path Parameters

id string

Successful Response

id string

Output only. The ID of the Role.

scope_id string

The ID of the Scope containing this Role.

scope object

Output only. Scope information for this resource.

id string

Output only. The ID of the Scope.

type string

Output only. The type of the Scope.

name string

Output only. The name of the Scope, if any.

description string

Output only. The description of the Scope, if any.

parent_scope_id string

Output only. The ID of the parent Scope, if any. This field will be empty if this is the "global" scope.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

created_time string

Output only. The time this resource was created.

updated_time string

Output only. The time this resource was last updated.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

principal_ids string[]

principals object[]

id string

Output only. The ID of the principal.

type string

Output only. The type of the principal.

scope_id string

Output only. The Scope of the principal.

grant_strings string[]

grants object[]

raw string

Output only. The original user-supplied string.

canonical string

Output only. The canonically-formatted string.

json object

Output only. The JSON representation of the grant.

id string

Output only. The ID, if set.

type string

Output only. The type, if set.

actions string[]

authorized_actions string[]

Delete RoleDELETE/v1/roles/{id}

Deletes a Role.

Path Parameters

id string

Update RolePATCH/v1/roles/{id}

Updates a Role.

Path Parameters

id string

Query Parameters

update_mask string

Body Parameters

scope_id string

The ID of the Scope containing this Role.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

Successful Response

id string

Output only. The ID of the Role.

scope_id string

The ID of the Scope containing this Role.

scope object

Output only. Scope information for this resource.

id string

Output only. The ID of the Scope.

type string

Output only. The type of the Scope.

name string

Output only. The name of the Scope, if any.

description string

Output only. The description of the Scope, if any.

parent_scope_id string

Output only. The ID of the parent Scope, if any. This field will be empty if this is the "global" scope.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

created_time string

Output only. The time this resource was created.

updated_time string

Output only. The time this resource was last updated.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

principal_ids string[]

principals object[]

id string

Output only. The ID of the principal.

type string

Output only. The type of the principal.

scope_id string

Output only. The Scope of the principal.

grant_strings string[]

grants object[]

raw string

Output only. The original user-supplied string.

canonical string

Output only. The canonically-formatted string.

json object

Output only. The JSON representation of the grant.

id string

Output only. The ID, if set.

type string

Output only. The type, if set.

actions string[]

authorized_actions string[]

Add Role GrantsPOST/v1/roles/{id}:add-grants

Adds grants to a Role

Path Parameters

id string

Body Parameters

version integer

Version is used to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_strings string[]

Successful Response

id string

Output only. The ID of the Role.

scope_id string

The ID of the Scope containing this Role.

scope object

Output only. Scope information for this resource.

id string

Output only. The ID of the Scope.

type string

Output only. The type of the Scope.

name string

Output only. The name of the Scope, if any.

description string

Output only. The description of the Scope, if any.

parent_scope_id string

Output only. The ID of the parent Scope, if any. This field will be empty if this is the "global" scope.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

created_time string

Output only. The time this resource was created.

updated_time string

Output only. The time this resource was last updated.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

principal_ids string[]

principals object[]

id string

Output only. The ID of the principal.

type string

Output only. The type of the principal.

scope_id string

Output only. The Scope of the principal.

grant_strings string[]

grants object[]

raw string

Output only. The original user-supplied string.

canonical string

Output only. The canonically-formatted string.

json object

Output only. The JSON representation of the grant.

id string

Output only. The ID, if set.

type string

Output only. The type, if set.

actions string[]

authorized_actions string[]

Add Role PrincipalsPOST/v1/roles/{id}:add-principals

Adds Users and/or Groups to a Role.

Path Parameters

id string

Body Parameters

version integer

Version is used to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

principal_ids string[]

Successful Response

id string

Output only. The ID of the Role.

scope_id string

The ID of the Scope containing this Role.

scope object

Output only. Scope information for this resource.

id string

Output only. The ID of the Scope.

type string

Output only. The type of the Scope.

name string

Output only. The name of the Scope, if any.

description string

Output only. The description of the Scope, if any.

parent_scope_id string

Output only. The ID of the parent Scope, if any. This field will be empty if this is the "global" scope.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

created_time string

Output only. The time this resource was created.

updated_time string

Output only. The time this resource was last updated.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

principal_ids string[]

principals object[]

id string

Output only. The ID of the principal.

type string

Output only. The type of the principal.

scope_id string

Output only. The Scope of the principal.

grant_strings string[]

grants object[]

raw string

Output only. The original user-supplied string.

canonical string

Output only. The canonically-formatted string.

json object

Output only. The JSON representation of the grant.

id string

Output only. The ID, if set.

type string

Output only. The type, if set.

actions string[]

authorized_actions string[]

Remove Role GrantsPOST/v1/roles/{id}:remove-grants

Removes grants from a Role.

Path Parameters

id string

Body Parameters

version integer

Version is used to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_strings string[]

Successful Response

id string

Output only. The ID of the Role.

scope_id string

The ID of the Scope containing this Role.

scope object

Output only. Scope information for this resource.

id string

Output only. The ID of the Scope.

type string

Output only. The type of the Scope.

name string

Output only. The name of the Scope, if any.

description string

Output only. The description of the Scope, if any.

parent_scope_id string

Output only. The ID of the parent Scope, if any. This field will be empty if this is the "global" scope.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

created_time string

Output only. The time this resource was created.

updated_time string

Output only. The time this resource was last updated.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

principal_ids string[]

principals object[]

id string

Output only. The ID of the principal.

type string

Output only. The type of the principal.

scope_id string

Output only. The Scope of the principal.

grant_strings string[]

grants object[]

raw string

Output only. The original user-supplied string.

canonical string

Output only. The canonically-formatted string.

json object

Output only. The JSON representation of the grant.

id string

Output only. The ID, if set.

type string

Output only. The type, if set.

actions string[]

authorized_actions string[]

Remove Role PrincipalsPOST/v1/roles/{id}:remove-principals

Removes the specified Users and/or Groups from a Role.

Path Parameters

id string

Body Parameters

version integer

Version is used to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

principal_ids string[]

Successful Response

id string

Output only. The ID of the Role.

scope_id string

The ID of the Scope containing this Role.

scope object

Output only. Scope information for this resource.

id string

Output only. The ID of the Scope.

type string

Output only. The type of the Scope.

name string

Output only. The name of the Scope, if any.

description string

Output only. The description of the Scope, if any.

parent_scope_id string

Output only. The ID of the parent Scope, if any. This field will be empty if this is the "global" scope.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

created_time string

Output only. The time this resource was created.

updated_time string

Output only. The time this resource was last updated.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

principal_ids string[]

principals object[]

id string

Output only. The ID of the principal.

type string

Output only. The type of the principal.

scope_id string

Output only. The Scope of the principal.

grant_strings string[]

grants object[]

raw string

Output only. The original user-supplied string.

canonical string

Output only. The canonically-formatted string.

json object

Output only. The JSON representation of the grant.

id string

Output only. The ID, if set.

type string

Output only. The type, if set.

actions string[]

authorized_actions string[]

Set Role GrantsPOST/v1/roles/{id}:set-grants

Set grants for a Role, removing any grants that are not specified in the request.

Path Parameters

id string

Body Parameters

version integer

Version is used to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_strings string[]

Successful Response

id string

Output only. The ID of the Role.

scope_id string

The ID of the Scope containing this Role.

scope object

Output only. Scope information for this resource.

id string

Output only. The ID of the Scope.

type string

Output only. The type of the Scope.

name string

Output only. The name of the Scope, if any.

description string

Output only. The description of the Scope, if any.

parent_scope_id string

Output only. The ID of the parent Scope, if any. This field will be empty if this is the "global" scope.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

created_time string

Output only. The time this resource was created.

updated_time string

Output only. The time this resource was last updated.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

principal_ids string[]

principals object[]

id string

Output only. The ID of the principal.

type string

Output only. The type of the principal.

scope_id string

Output only. The Scope of the principal.

grant_strings string[]

grants object[]

raw string

Output only. The original user-supplied string.

canonical string

Output only. The canonically-formatted string.

json object

Output only. The JSON representation of the grant.

id string

Output only. The ID, if set.

type string

Output only. The type, if set.

actions string[]

authorized_actions string[]

Set Role PrincipalsPOST/v1/roles/{id}:set-principals

Set Users and/or Groups to a Role, removing any principals that are not specified in the request.

Path Parameters

id string

Body Parameters

version integer

Version is used to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

principal_ids string[]

Successful Response

id string

Output only. The ID of the Role.

scope_id string

The ID of the Scope containing this Role.

scope object

Output only. Scope information for this resource.

id string

Output only. The ID of the Scope.

type string

Output only. The type of the Scope.

name string

Output only. The name of the Scope, if any.

description string

Output only. The description of the Scope, if any.

parent_scope_id string

Output only. The ID of the parent Scope, if any. This field will be empty if this is the "global" scope.

name string

Optional name for identification purposes.

description string

Optional user-set description for identification purposes.

created_time string

Output only. The time this resource was created.

updated_time string

Output only. The time this resource was last updated.

version integer

Version is used in mutation requests, after the initial creation, to ensure this resource has not changed. The mutation will fail if the version does not match the latest known good version.

grant_scope_id string

principal_ids string[]

principals object[]

id string

Output only. The ID of the principal.

type string

Output only. The type of the principal.

scope_id string

Output only. The Scope of the principal.

grant_strings string[]

grants object[]

raw string

Output only. The original user-supplied string.

canonical string

Output only. The canonically-formatted string.

json object

Output only. The JSON representation of the grant.

id string

Output only. The ID, if set.

type string

Output only. The type, if set.

actions string[]

authorized_actions string[]