Method: projects.instances.testIamPermissions

Returns permissions that the caller has on the specified instance resource.

Attempting this RPC on a non-existent Cloud Spanner instance resource will result in a NOT_FOUND error if the user hasspanner.instances.list permission on the containing Google Cloud Project. Otherwise returns an empty set of permissions.

HTTP request


POST https://spanner.googleapis.com/v1/{resource=projects/*/instances/*}:testIamPermissions

The URLs usegRPC Transcoding syntax.

Path parameters

Parameters
resource

string

REQUIRED: The Cloud Spanner resource for which permissions are being tested. The format isprojects/<project ID>/instances/<instance ID> for instance resources andprojects/<project ID>/instances/<instance ID>/databases/<database ID> for database resources.

Request body

The request body contains data with the following structure:

JSON representation
{"permissions":[string]}
Fields
permissions[]

string

REQUIRED: The set of permissions to check for 'resource'. Permissions with wildcards (such as '*', 'spanner.*', 'spanner.instances.*') are not allowed.

Response body

If successful, the response body contains an instance ofTestIamPermissionsResponse.

Authorization scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/spanner.admin
  • https://www.googleapis.com/auth/cloud-platform

For more information, see theAuthentication Overview.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-12-12 UTC.