REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Google Cloud services (such as Projects) might reject them.
OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used:
paths: "bindings, etag"
This is a comma-separated list of fully qualified names of fields. Example: "user.displayName,photo".
Response body
If successful, the response body contains an instance of Policy.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-06-13 UTC."],[[["\u003cp\u003eThis webpage details how to set the access control policy for a specified resource, replacing any existing policy with the provided one.\u003c/p\u003e\n"],["\u003cp\u003eThe HTTP request to set the policy is a \u003ccode\u003ePOST\u003c/code\u003e request to a specific URL structure using gRPC Transcoding syntax, with a required path parameter, \u003ccode\u003eresource\u003c/code\u003e, which refers to the target for which to set the policy.\u003c/p\u003e\n"],["\u003cp\u003eThe request body, which must be in JSON format, requires a \u003ccode\u003epolicy\u003c/code\u003e object to apply and an optional \u003ccode\u003eupdateMask\u003c/code\u003e string to specify which parts of the policy to modify, where not specifying it defaults to modifying the bindings and etag.\u003c/p\u003e\n"],["\u003cp\u003eThe response to a successful \u003ccode\u003ePOST\u003c/code\u003e request contains an instance of the Policy object, while the operation may result in \u003ccode\u003eNOT_FOUND\u003c/code\u003e, \u003ccode\u003eINVALID_ARGUMENT\u003c/code\u003e, or \u003ccode\u003ePERMISSION_DENIED\u003c/code\u003e errors.\u003c/p\u003e\n"],["\u003cp\u003eSetting the access policy requires the \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e OAuth scope for authorization.\u003c/p\u003e\n"]]],[],null,["# Method: projects.locations.deployPolicies.setIamPolicy\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n - [JSON representation](#body.request_body.SCHEMA_REPRESENTATION)\n- [Response body](#body.response_body)\n- [Authorization scopes](#body.aspect)\n- [Try it!](#try-it)\n\nSets the access control policy on the specified resource. Replaces any existing policy.\n\nCan return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.\n\n### HTTP request\n\n`POST https://clouddeploy.googleapis.com/v1/{resource=projects/*/locations/*/deployPolicies/*}:setIamPolicy`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body contains data with the following structure:\n\n### Response body\n\nIf successful, the response body contains an instance of [Policy](/deploy/docs/api/reference/rest/v1/Policy).\n\n### Authorization scopes\n\nRequires the following OAuth scope:\n\n- `https://www.googleapis.com/auth/cloud-platform`\n\nFor more information, see the [Authentication Overview](/docs/authentication#authorization-gcp)."]]