# Policies

## CreateProjectPolicy

`client.projects.policies.create(PolicyCreateParamsbody, RequestOptionsoptions?): PolicyCreateResponse`

**post** `/gitpod.v1.ProjectService/CreateProjectPolicy`

Creates a new policy for a project.

Use this method to:

- Set up access controls
- Define group permissions
- Configure role-based access

### Examples

- Create admin policy:

  Grants admin access to a group.

  ```yaml
  projectId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047"
  groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60"
  role: PROJECT_ROLE_ADMIN
  ```

### Parameters

- `body: PolicyCreateParams`

  - `groupId?: string`

    group_id specifies the group_id identifier

  - `projectId?: string`

    project_id specifies the project identifier

  - `role?: ProjectRole`

    - `"PROJECT_ROLE_UNSPECIFIED"`

    - `"PROJECT_ROLE_ADMIN"`

    - `"PROJECT_ROLE_USER"`

    - `"PROJECT_ROLE_EDITOR"`

### Returns

- `PolicyCreateResponse`

  - `policy?: ProjectPolicy`

    - `groupId?: string`

    - `role?: ProjectRole`

      role is the role assigned to the group

      - `"PROJECT_ROLE_UNSPECIFIED"`

      - `"PROJECT_ROLE_ADMIN"`

      - `"PROJECT_ROLE_USER"`

      - `"PROJECT_ROLE_EDITOR"`

### Example

```typescript
import Gitpod from '@gitpod/sdk';

const client = new Gitpod({
  bearerToken: process.env['GITPOD_API_KEY'], // This is the default and can be omitted
});

const policy = await client.projects.policies.create({
  groupId: 'f53d2330-3795-4c5d-a1f3-453121af9c60',
  projectId: 'b0e12f6c-4c67-429d-a4a6-d9838b5da047',
  role: 'PROJECT_ROLE_ADMIN',
});

console.log(policy.policy);
```

#### Response

```json
{
  "policy": {
    "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
    "role": "PROJECT_ROLE_UNSPECIFIED"
  }
}
```

## DeleteProjectPolicy

`client.projects.policies.delete(PolicyDeleteParamsbody, RequestOptionsoptions?): PolicyDeleteResponse`

**post** `/gitpod.v1.ProjectService/DeleteProjectPolicy`

Deletes a project policy.

Use this method to:

- Remove access controls
- Revoke permissions
- Clean up policies

### Examples

- Delete policy:

  Removes a group's access policy.

  ```yaml
  projectId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047"
  groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60"
  ```

### Parameters

- `body: PolicyDeleteParams`

  - `groupId?: string`

    group_id specifies the group_id identifier

  - `projectId?: string`

    project_id specifies the project identifier

### Returns

- `PolicyDeleteResponse = unknown`

### Example

```typescript
import Gitpod from '@gitpod/sdk';

const client = new Gitpod({
  bearerToken: process.env['GITPOD_API_KEY'], // This is the default and can be omitted
});

const policy = await client.projects.policies.delete({
  groupId: 'f53d2330-3795-4c5d-a1f3-453121af9c60',
  projectId: 'b0e12f6c-4c67-429d-a4a6-d9838b5da047',
});

console.log(policy);
```

#### Response

```json
{}
```

## ListProjectPolicies

`client.projects.policies.list(PolicyListParamsparams, RequestOptionsoptions?): PoliciesPage<ProjectPolicy>`

**post** `/gitpod.v1.ProjectService/ListProjectPolicies`

Lists policies for a project.

Use this method to:

- View access controls
- Check policy configurations
- Audit permissions

### Examples

- List policies:

  Shows all policies for a project.

  ```yaml
  projectId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047"
  pagination:
    pageSize: 20
  ```

### Parameters

- `params: PolicyListParams`

  - `token?: string`

    Query param

  - `pageSize?: number`

    Query param

  - `pagination?: Pagination`

    Body param: pagination contains the pagination options for listing project policies

    - `token?: string`

      Token for the next set of results that was returned as next_token of a
      PaginationResponse

    - `pageSize?: number`

      Page size is the maximum number of results to retrieve per page.
      Defaults to 25. Maximum 100.

  - `projectId?: string`

    Body param: project_id specifies the project identifier

### Returns

- `ProjectPolicy`

  - `groupId?: string`

  - `role?: ProjectRole`

    role is the role assigned to the group

    - `"PROJECT_ROLE_UNSPECIFIED"`

    - `"PROJECT_ROLE_ADMIN"`

    - `"PROJECT_ROLE_USER"`

    - `"PROJECT_ROLE_EDITOR"`

### Example

```typescript
import Gitpod from '@gitpod/sdk';

const client = new Gitpod({
  bearerToken: process.env['GITPOD_API_KEY'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const projectPolicy of client.projects.policies.list({
  pagination: { pageSize: 20 },
  projectId: 'b0e12f6c-4c67-429d-a4a6-d9838b5da047',
})) {
  console.log(projectPolicy.groupId);
}
```

#### Response

```json
{
  "pagination": {
    "nextToken": "nextToken"
  },
  "policies": [
    {
      "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
      "role": "PROJECT_ROLE_UNSPECIFIED"
    }
  ]
}
```

## UpdateProjectPolicy

`client.projects.policies.update(PolicyUpdateParamsbody, RequestOptionsoptions?): PolicyUpdateResponse`

**post** `/gitpod.v1.ProjectService/UpdateProjectPolicy`

Updates an existing project policy.

Use this method to:

- Modify access levels
- Change group roles
- Update permissions

### Examples

- Update policy role:

  Changes a group's access level.

  ```yaml
  projectId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047"
  groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60"
  role: PROJECT_ROLE_EDITOR
  ```

### Parameters

- `body: PolicyUpdateParams`

  - `groupId?: string`

    group_id specifies the group_id identifier

  - `projectId?: string`

    project_id specifies the project identifier

  - `role?: ProjectRole`

    - `"PROJECT_ROLE_UNSPECIFIED"`

    - `"PROJECT_ROLE_ADMIN"`

    - `"PROJECT_ROLE_USER"`

    - `"PROJECT_ROLE_EDITOR"`

### Returns

- `PolicyUpdateResponse`

  - `policy?: ProjectPolicy`

    - `groupId?: string`

    - `role?: ProjectRole`

      role is the role assigned to the group

      - `"PROJECT_ROLE_UNSPECIFIED"`

      - `"PROJECT_ROLE_ADMIN"`

      - `"PROJECT_ROLE_USER"`

      - `"PROJECT_ROLE_EDITOR"`

### Example

```typescript
import Gitpod from '@gitpod/sdk';

const client = new Gitpod({
  bearerToken: process.env['GITPOD_API_KEY'], // This is the default and can be omitted
});

const policy = await client.projects.policies.update({
  groupId: 'f53d2330-3795-4c5d-a1f3-453121af9c60',
  projectId: 'b0e12f6c-4c67-429d-a4a6-d9838b5da047',
  role: 'PROJECT_ROLE_EDITOR',
});

console.log(policy.policy);
```

#### Response

```json
{
  "policy": {
    "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
    "role": "PROJECT_ROLE_UNSPECIFIED"
  }
}
```

## Domain Types

### Project Policy

- `ProjectPolicy`

  - `groupId?: string`

  - `role?: ProjectRole`

    role is the role assigned to the group

    - `"PROJECT_ROLE_UNSPECIFIED"`

    - `"PROJECT_ROLE_ADMIN"`

    - `"PROJECT_ROLE_USER"`

    - `"PROJECT_ROLE_EDITOR"`

### Project Role

- `ProjectRole = "PROJECT_ROLE_UNSPECIFIED" | "PROJECT_ROLE_ADMIN" | "PROJECT_ROLE_USER" | "PROJECT_ROLE_EDITOR"`

  - `"PROJECT_ROLE_UNSPECIFIED"`

  - `"PROJECT_ROLE_ADMIN"`

  - `"PROJECT_ROLE_USER"`

  - `"PROJECT_ROLE_EDITOR"`

### Policy Create Response

- `PolicyCreateResponse`

  - `policy?: ProjectPolicy`

    - `groupId?: string`

    - `role?: ProjectRole`

      role is the role assigned to the group

      - `"PROJECT_ROLE_UNSPECIFIED"`

      - `"PROJECT_ROLE_ADMIN"`

      - `"PROJECT_ROLE_USER"`

      - `"PROJECT_ROLE_EDITOR"`

### Policy Delete Response

- `PolicyDeleteResponse = unknown`

### Policy Update Response

- `PolicyUpdateResponse`

  - `policy?: ProjectPolicy`

    - `groupId?: string`

    - `role?: ProjectRole`

      role is the role assigned to the group

      - `"PROJECT_ROLE_UNSPECIFIED"`

      - `"PROJECT_ROLE_ADMIN"`

      - `"PROJECT_ROLE_USER"`

      - `"PROJECT_ROLE_EDITOR"`