Подключиться
Yandex Identity and Access Management

Method listAccessBindings

Статья создана

Lists access bindings for the specified service account.

HTTP request

GET https://iam.api.cloud.yandex.net/iam/v1/serviceAccounts/{resourceId}:listAccessBindings

Path parameters

Parameter Description
resourceId Required. ID of the resource to list access bindings for. To get the resource ID, use a corresponding List request. For example, use the list request to get the Cloud resource ID. The maximum string length in characters is 50.

Query parameters

Parameter Description
pageSize The maximum number of results per page that should be returned. If the number of available results is larger than pageSize, the service returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000.
pageToken Page token. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results. The maximum string length in characters is 100.

Response

HTTP Code: 200 - OK

{
  "accessBindings": [
    {
      "roleId": "string",
      "subject": {
        "id": "string",
        "type": "string"
      }
    }
  ],
  "nextPageToken": "string"
}
Field Description
accessBindings[] object

List of access bindings for the specified resource.
accessBindings[].
roleId		 string

Required. ID of the Role that is assigned to the subject.

The maximum string length in characters is 50.
accessBindings[].
subject		 object

Required. Identity for which access binding is being created. It can represent an account with a unique ID or several accounts with a system identifier.
accessBindings[].
subject.
id		 string

Required. ID of the subject.

It can contain one of the following values:

  • allAuthenticatedUsers: A special system identifier that represents anyone who is authenticated. It can be used only if the type is system.
  • allUsers: A special system identifier that represents anyone. No authentication is required. For example, you don't need to specify the IAM token in an API query.
  • <cloud generated id>: An identifier that represents a user account. It can be used only if the type is userAccount, federatedUser or serviceAccount.

The maximum string length in characters is 50.
accessBindings[].
subject.
type		 string

Required. Type of the subject.

It can contain one of the following values:

  • userAccount: An account on Yandex or Yandex.Connect, added to Yandex.Cloud.
  • serviceAccount: A service account. This type represents the ServiceAccount resource.
  • federatedUser: A federated account. This type represents a user from an identity federation, like Active Directory.
  • system: System group. This type represents several accounts with a common system identifier.

For more information, see Subject to which the role is assigned.

The maximum string length in characters is 100.
nextPageToken string

This token allows you to get the next page of results for list requests. If the number of results is larger than pageSize, use the nextPageToken as the value for the pageToken query parameter in the next list request. Each subsequent list request will have its own nextPageToken to continue paging through the results.
В этой статье: