Skip to main content

IAM Go

Recommendation
Updated
Moved
USE
2021-09-07

What is it

IAM Go is a Go SDK for adding access controls to gRPC APIs using the GCP Access Control Model.

Example

  // Get a site.
// See: https://google.aip.dev/131 (Standard methods: Get).
rpc GetSite(GetSiteRequest) returns (Site) {
option (google.api.http) = {
get: "/v1/{name=shippers/*/sites/*}"
};
option (google.api.method_signature) = "name";
option (einride.iam.v1.method_authorization) = {
permission: "freight.sites.get"
before: {
expression: "test(caller, request.name)"
description: "The caller must have permission to get the site."
}
};
}

When to use it

Use for cloud microservices that require Customer IAM, in addition to the standard internal Cloud IAM.

How to learn it

Read up on the GCP Access Control Model.