Method: organizations.locations.policyBindings.patch

Updates a policy binding and returns a long-running operation. Callers will need the IAM permissions on the policy and target in the binding to update, and the IAM permission to remove the existing policy from the binding. Target is immutable and cannot be updated. Once the binding is updated, the new policy is applied to the target.

HTTP request

PATCH https://iam.googleapis.com/v3beta/{policyBinding.name=organizations/*/locations/*/policyBindings/*}

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
policyBinding.name

string

Identifier. The name of the policy binding, in the format {binding_parent/locations/{location}/policyBindings/{policyBindingId}. The binding parent is the closest Resource Manager resource (i.e., Project, Folder or Organization) to the binding target.

Format:

  • projects/{projectId}/locations/{location}/policyBindings/{policyBindingId}
  • projects/{projectNumber}/locations/{location}/policyBindings/{policyBindingId}
  • folders/{folderId}/locations/{location}/policyBindings/{policyBindingId}
  • organizations/{organizationId}/locations/{location}/policyBindings/{policyBindingId}

Query parameters

Parameters
validateOnly

boolean

Optional. If set, validate the request and preview the update, but do not actually post it.
updateMask

string (FieldMask format)

Optional. The list of fields to update

This is a comma-separated list of fully qualified names of fields. Example: "user.displayName,photo".

Request body

The request body contains an instance of PolicyBinding.

Response body

If successful, the response body contains an instance of Operation.

Authorization scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.