public Policy IamRemoveMember( string projectId = "my-project", string locationId = "us-east1", string keyRingId = "my-key-ring", string keyId = "my-key", string member = "user:[email protected]") { // Create the client. KeyManagementServiceClient client = KeyManagementServiceClient.Create(); // Build the resource name. CryptoKeyName resourceName = new CryptoKeyName(projectId, locationId, keyRingId, keyId); // The resource name could also be a key ring. // var resourceName = new KeyRingName(projectId, locationId, keyRingId); // Get the current IAM policy. Policy policy = client.GetIamPolicy(resourceName); // Add the member to the policy. policy.RemoveRoleMember("roles/cloudkms.cryptoKeyEncrypterDecrypter", member); // Save the updated IAM policy. Policy result = client.SetIamPolicy(resourceName, policy); // Return the resulting policy. return(result); }
// [END kms_get_keyring_policy] // [START kms_add_member_to_keyring_policy] public static void AddMemberToKeyRingPolicy(string projectId, string locationId, string keyRingId, string role, string member) { KeyManagementServiceClient client = KeyManagementServiceClient.Create(); KeyRingName keyRingName = new KeyRingName(projectId, locationId, keyRingId); Policy policy = client.GetIamPolicy(KeyNameOneof.From(keyRingName)); policy.Bindings.Add(new Binding { Role = role, Members = { member } }); Policy updateResult = client.SetIamPolicy(KeyNameOneof.From(keyRingName), policy); foreach (Binding bindingResult in updateResult.Bindings) { Console.WriteLine($"Role: {bindingResult.Role}"); foreach (string memberResult in bindingResult.Members) { Console.WriteLine($" Member: {memberResult}"); } } }
// [END kms_add_member_to_cryptokey_policy] // [START kms_remove_member_from_cryptokey_policy] public static void RemoveMemberFromCryptoKeyPolicy(string projectId, string locationId, string keyRingId, string cryptoKeyId, string role, string member) { KeyManagementServiceClient client = KeyManagementServiceClient.Create(); CryptoKeyName cryptoKeyName = new CryptoKeyName(projectId, locationId, keyRingId, cryptoKeyId); Policy policy = client.GetIamPolicy(KeyNameOneof.From(cryptoKeyName)); foreach (Binding binding in policy.Bindings.Where(b => b.Role == role)) { binding.Members.Remove(member); } Policy updateResult = client.SetIamPolicy(KeyNameOneof.From(cryptoKeyName), policy); foreach (Binding bindingResult in updateResult.Bindings) { Console.WriteLine($"Role: {bindingResult.Role}"); foreach (string memberResult in bindingResult.Members) { Console.WriteLine($" Member: {memberResult}"); } } }
public Policy IamGetPolicy( string projectId = "my-project", string locationId = "us-east1", string keyRingId = "my-key-ring", string keyId = "my-key") { // Create the client. KeyManagementServiceClient client = KeyManagementServiceClient.Create(); // Build the resource name. CryptoKeyName resourceName = new CryptoKeyName(projectId, locationId, keyRingId, keyId); // The resource name could also be a key ring. // var resourceName = new KeyRingName(projectId, locationId, keyRingId); // Get the current IAM policy. Policy policy = client.GetIamPolicy(resourceName); // Print the policy. foreach (Binding b in policy.Bindings) { String role = b.Role; foreach (String member in b.Members) { // ... } } // Return the policy. return(policy); }
// [END kms_remove_member_from_cryptokey_policy] // [START kms_get_keyring_policy] public static void GetKeyRingIamPolicy(string projectId, string locationId, string keyRingId) { KeyManagementServiceClient client = KeyManagementServiceClient.Create(); KeyRingName keyRingName = new KeyRingName(projectId, locationId, keyRingId); Policy result = client.GetIamPolicy(KeyNameOneof.From(keyRingName)); foreach (Binding binding in result.Bindings) { Console.WriteLine($"Role: {binding.Role}"); foreach (String member in binding.Members) { Console.WriteLine($" Member: {member}"); } } }