IAM Go

Recommendation

Updated

Moved

USE

2021-09-07

What is it

IAM Go is a Go SDK for adding access controls to gRPC APIs using the GCP Access Control Model.

Example

  // Get a site.
  // See: https://google.aip.dev/131 (Standard methods: Get).
  rpc GetSite(GetSiteRequest) returns (Site) {
    option (google.api.http) = {
      get: "/v1/{name=shippers/*/sites/*}"
    };
    option (google.api.method_signature) = "name";
    option (einride.iam.v1.method_authorization) = {
      permission: "freight.sites.get"
      before: {
        expression: "test(caller, request.name)"
        description: "The caller must have permission to get the site."
      }
    };
  }

When to use it

Use for cloud microservices that require Customer IAM, in addition to the standard internal Cloud IAM.

How to learn it

Read up on the GCP Access Control Model and then do the backend onboarding guide.

What is it​

Example​

When to use it​

How to learn it​

What is it

Example

When to use it

How to learn it