Method: projects.instances.databases.testIamPermissions

Returns permissions that the caller has on the specified database or backup resource.

Attempting this RPC on a non-existent Cloud Spanner database will result in a NOT_FOUND error if the user has spanner.databases.list permission on the containing Cloud Spanner instance. Otherwise returns an empty set of permissions. Calling this method on a backup that does not exist will result in a NOT_FOUND error if the user has spanner.backups.list permission on the containing instance. Calling this method on a backup schedule that does not exist will result in a NOT_FOUND error if the user has spanner.backupSchedules.list permission on the containing database.

HTTP request


The URLs use gRPC Transcoding syntax.

Path parameters

Parameters
resource

string

REQUIRED: The Cloud Spanner resource for which permissions are being tested. The format is projects/<project ID>/instances/<instance ID> for instance resources and projects/<project ID>/instances/<instance ID>/databases/<database ID> for database resources.

Request body

The request body contains data with the following structure:

JSON representation 
{
 "permissions": [
 string
 ]
}
Fields
permissions[]

string

REQUIRED: The set of permissions to check for 'resource'. Permissions with wildcards (such as '*', 'spanner.*', 'spanner.instances.*') are not allowed.

Response body

If successful, the response body contains an instance of TestIamPermissionsResponse .

Authorization scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/spanner.admin
  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年06月18日 UTC.