/** Example of removing a member from the Bucket-level IAM */ public Policy removeBucketIamMember(String bucketName, Role role, Identity identity) { // [START remove_bucket_iam_member] // Initialize a Cloud Storage client Storage storage = StorageOptions.getDefaultInstance().getService(); // Get IAM Policy for a bucket Policy policy = storage.getIamPolicy(bucketName); // Remove an identity from a Bucket-level IAM role Policy updatedPolicy = storage.setIamPolicy(bucketName, policy.toBuilder().removeIdentity(role, identity).build()); if (updatedPolicy.getBindings().get(role) == null || !updatedPolicy.getBindings().get(role).contains(identity)) { System.out.printf("Removed %s with role %s from %s\n", identity, role, bucketName); } // [END remove_bucket_iam_member] return updatedPolicy; } }
updatedPolicy .toBuilder() .removeIdentity(StorageRoles.legacyObjectReader(), Identity.allUsers()) .build(), bucketOptions);
policy .toBuilder() .removeIdentity(VIEWER, USER, ALL_USERS) .addIdentity(VIEWER, DOMAIN, GROUP) .build(); policy = Policy.newBuilder() .removeIdentity(VIEWER, USER) .addIdentity(OWNER, USER, SERVICE_ACCOUNT) .addIdentity(EDITOR, GROUP) .removeIdentity(EDITOR, GROUP) .build(); assertEquals(