Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
HTTP request
POST https://cloudbuild.googleapis.com/v2/{resource=projects/*/locations/*/connections/*}:testIamPermissions
REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field.
Request body
The request body contains data with the following structure:
JSON representation
{"permissions": [string]}
Fields
permissions[]
string
The set of permissions to check for the resource. Permissions with wildcards (such as * or storage.*) are not allowed. For more information see IAM Overview.
Response body
Response message for connections.testIamPermissions method.
If successful, the response body contains data with the following structure:
JSON representation
{"permissions": [string]}
Fields
permissions[]
string
A subset of TestPermissionsRequest.permissions that the caller is allowed.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-07-17 UTC."],[[["\u003cp\u003eThis endpoint (\u003ccode\u003ePOST https://cloudbuild.googleapis.com/v2/{resource=projects/*/locations/*/connections/*}:testIamPermissions\u003c/code\u003e) determines the permissions a caller has on a specified resource, returning an empty set if the resource is not found.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eresource\u003c/code\u003e path parameter, a required string, identifies the target resource, following Google Cloud's resource naming conventions.\u003c/p\u003e\n"],["\u003cp\u003eThe request body includes a JSON structure with an array of \u003ccode\u003epermissions\u003c/code\u003e, specifying which permissions to check, excluding any wildcards.\u003c/p\u003e\n"],["\u003cp\u003eThe response body returns a JSON array of \u003ccode\u003epermissions\u003c/code\u003e, detailing the subset of requested permissions that the caller is authorized to use.\u003c/p\u003e\n"],["\u003cp\u003eAccessing this endpoint requires the \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e OAuth scope for proper authorization.\u003c/p\u003e\n"]]],[],null,["# Method: projects.locations.connections.testIamPermissions\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n - [JSON representation](#body.request_body.SCHEMA_REPRESENTATION)\n- [Response body](#body.response_body)\n - [JSON representation](#body.TestIamPermissionsResponse.SCHEMA_REPRESENTATION)\n- [Authorization scopes](#body.aspect)\n- [Try it!](#try-it)\n\nReturns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error.\n\nNote: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.\n\n### HTTP request\n\n`POST https://cloudbuild.googleapis.com/v2/{resource=projects/*/locations/*/connections/*}:testIamPermissions`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body contains data with the following structure:\n\n### Response body\n\nResponse message for `connections.testIamPermissions` method.\n\nIf successful, the response body contains data with the following structure:\n\n### Authorization scopes\n\nRequires the following OAuth scope:\n\n- `https://www.googleapis.com/auth/cloud-platform`\n\nFor more information, see the [Authentication Overview](https://cloud.google.com/docs/authentication/)."]]
