Identity and Access Management (IAM) v1 API - Class IAMClient (2.3.0)

public abstract class IAMClient

Reference documentation and code samples for the Identity and Access Management (IAM) v1 API class IAMClient.

IAM client wrapper, for convenient use.

Inheritance

object > IAMClient

Inherited Members

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ToString()

Derived Types

IAMClientImpl

Namespace

Google.Cloud.Iam.Admin.V1

Assembly

Google.Cloud.Iam.Admin.V1.dll

Remarks

Creates and manages Identity and Access Management (IAM) resources.

You can use this service to work with all of the following resources:

Service accounts, which identify an application or a virtual machine (VM) instance rather than a person
Service account keys, which service accounts use to authenticate with Google APIs
IAM policies for service accounts, which specify the roles that a principal has for the service account
IAM custom roles, which help you limit the number of permissions that you grant to principals

In addition, you can use this service to complete the following tasks, among others:

Test whether a service account can use specific permissions
Check which roles you can grant for a specific resource
Lint, or validate, condition expressions in an IAM policy

When you read data from the IAM API, each read is eventually consistent. In other words, if you write data with the IAM API, then immediately read that data, the read operation might return an older version of the data. To deal with this behavior, your application can retry the request with truncated exponential backoff.

In contrast, writing data to the IAM API is sequentially consistent. In other words, write operations are always processed in the order in which they were received.

Properties

DefaultEndpoint

public static string DefaultEndpoint { get; }

The default endpoint for the IAM service, which is a host of "iam.googleapis.com" and a port of 443.

Property Value
Type	Description
`string`

DefaultScopes

public static IReadOnlyList<string> DefaultScopes { get; }

The default IAM scopes.

Property Value
Type	Description
`IReadOnlyListstring`

Remarks

The default IAM scopes are:

https://www.googleapis.com/auth/cloud-platform

GrpcClient

public virtual IAM.IAMClient GrpcClient { get; }

The underlying gRPC IAM client

Property Value
Type	Description
`IAMIAMClient`

ServiceMetadata

public static ServiceMetadata ServiceMetadata { get; }

The service metadata associated with this client type.

Property Value
Type	Description
`ServiceMetadata`

Methods

Create()

public static IAMClient Create()

Synchronously creates a IAMClient using the default credentials, endpoint and settings. To specify custom credentials or other settings, use IAMClientBuilder.

Returns
Type	Description
`IAMClient`	The created IAMClient.

CreateAsync(CancellationToken)

public static Task<IAMClient> CreateAsync(CancellationToken cancellationToken = default)

Asynchronously creates a IAMClient using the default credentials, endpoint and settings. To specify custom credentials or other settings, use IAMClientBuilder.

Parameter
Name	Description
`cancellationToken`	`CancellationToken` The CancellationToken to use while creating the client.

Returns
Type	Description
`TaskIAMClient`	The task representing the created IAMClient.

CreateRole(CreateRoleRequest, CallSettings)

public virtual Role CreateRole(CreateRoleRequest request, CallSettings callSettings = null)

Creates a new custom [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`CreateRoleRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Role`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
CreateRoleRequest request = new CreateRoleRequest
{
    ParentAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    RoleId = "",
    Role = new Role(),
};
// Make the request
Role response = iAMClient.CreateRole(request);

CreateRoleAsync(CreateRoleRequest, CallSettings)

public virtual Task<Role> CreateRoleAsync(CreateRoleRequest request, CallSettings callSettings = null)

Creates a new custom [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`CreateRoleRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskRole`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
CreateRoleRequest request = new CreateRoleRequest
{
    ParentAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    RoleId = "",
    Role = new Role(),
};
// Make the request
Role response = await iAMClient.CreateRoleAsync(request);

CreateRoleAsync(CreateRoleRequest, CancellationToken)

public virtual Task<Role> CreateRoleAsync(CreateRoleRequest request, CancellationToken cancellationToken)

Creates a new custom [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`CreateRoleRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskRole`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
CreateRoleRequest request = new CreateRoleRequest
{
    ParentAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    RoleId = "",
    Role = new Role(),
};
// Make the request
Role response = await iAMClient.CreateRoleAsync(request);

CreateServiceAccount(ProjectName, string, ServiceAccount, CallSettings)

public virtual ServiceAccount CreateServiceAccount(ProjectName name, string accountId, ServiceAccount serviceAccount, CallSettings callSettings = null)

Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ProjectName` Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.
`accountId`	`string` Required. The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
`serviceAccount`	`ServiceAccount` The [ServiceAccount][google.iam.admin.v1.ServiceAccount] resource to create. Currently, only the following values are user assignable: `display_name` and `description`.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccount`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
ProjectName name = ProjectName.FromProject("[PROJECT]");
string accountId = "";
ServiceAccount serviceAccount = new ServiceAccount();
// Make the request
ServiceAccount response = iAMClient.CreateServiceAccount(name, accountId, serviceAccount);

CreateServiceAccount(CreateServiceAccountRequest, CallSettings)

public virtual ServiceAccount CreateServiceAccount(CreateServiceAccountRequest request, CallSettings callSettings = null)

Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`CreateServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccount`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
CreateServiceAccountRequest request = new CreateServiceAccountRequest
{
    ProjectName = ProjectName.FromProject("[PROJECT]"),
    AccountId = "",
    ServiceAccount = new ServiceAccount(),
};
// Make the request
ServiceAccount response = iAMClient.CreateServiceAccount(request);

CreateServiceAccount(string, string, ServiceAccount, CallSettings)

public virtual ServiceAccount CreateServiceAccount(string name, string accountId, ServiceAccount serviceAccount, CallSettings callSettings = null)

Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.
`accountId`	`string` Required. The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
`serviceAccount`	`ServiceAccount` The [ServiceAccount][google.iam.admin.v1.ServiceAccount] resource to create. Currently, only the following values are user assignable: `display_name` and `description`.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccount`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string name = "projects/[PROJECT]";
string accountId = "";
ServiceAccount serviceAccount = new ServiceAccount();
// Make the request
ServiceAccount response = iAMClient.CreateServiceAccount(name, accountId, serviceAccount);

CreateServiceAccountAsync(ProjectName, string, ServiceAccount, CallSettings)

public virtual Task<ServiceAccount> CreateServiceAccountAsync(ProjectName name, string accountId, ServiceAccount serviceAccount, CallSettings callSettings = null)

Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ProjectName` Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.
`accountId`	`string` Required. The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
`serviceAccount`	`ServiceAccount` The [ServiceAccount][google.iam.admin.v1.ServiceAccount] resource to create. Currently, only the following values are user assignable: `display_name` and `description`.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ProjectName name = ProjectName.FromProject("[PROJECT]");
string accountId = "";
ServiceAccount serviceAccount = new ServiceAccount();
// Make the request
ServiceAccount response = await iAMClient.CreateServiceAccountAsync(name, accountId, serviceAccount);

CreateServiceAccountAsync(ProjectName, string, ServiceAccount, CancellationToken)

public virtual Task<ServiceAccount> CreateServiceAccountAsync(ProjectName name, string accountId, ServiceAccount serviceAccount, CancellationToken cancellationToken)

Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ProjectName` Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.
`accountId`	`string` Required. The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
`serviceAccount`	`ServiceAccount` The [ServiceAccount][google.iam.admin.v1.ServiceAccount] resource to create. Currently, only the following values are user assignable: `display_name` and `description`.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ProjectName name = ProjectName.FromProject("[PROJECT]");
string accountId = "";
ServiceAccount serviceAccount = new ServiceAccount();
// Make the request
ServiceAccount response = await iAMClient.CreateServiceAccountAsync(name, accountId, serviceAccount);

CreateServiceAccountAsync(CreateServiceAccountRequest, CallSettings)

public virtual Task<ServiceAccount> CreateServiceAccountAsync(CreateServiceAccountRequest request, CallSettings callSettings = null)

Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`CreateServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
CreateServiceAccountRequest request = new CreateServiceAccountRequest
{
    ProjectName = ProjectName.FromProject("[PROJECT]"),
    AccountId = "",
    ServiceAccount = new ServiceAccount(),
};
// Make the request
ServiceAccount response = await iAMClient.CreateServiceAccountAsync(request);

CreateServiceAccountAsync(CreateServiceAccountRequest, CancellationToken)

public virtual Task<ServiceAccount> CreateServiceAccountAsync(CreateServiceAccountRequest request, CancellationToken cancellationToken)

Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`CreateServiceAccountRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
CreateServiceAccountRequest request = new CreateServiceAccountRequest
{
    ProjectName = ProjectName.FromProject("[PROJECT]"),
    AccountId = "",
    ServiceAccount = new ServiceAccount(),
};
// Make the request
ServiceAccount response = await iAMClient.CreateServiceAccountAsync(request);

CreateServiceAccountAsync(string, string, ServiceAccount, CallSettings)

public virtual Task<ServiceAccount> CreateServiceAccountAsync(string name, string accountId, ServiceAccount serviceAccount, CallSettings callSettings = null)

Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.
`accountId`	`string` Required. The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
`serviceAccount`	`ServiceAccount` The [ServiceAccount][google.iam.admin.v1.ServiceAccount] resource to create. Currently, only the following values are user assignable: `display_name` and `description`.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]";
string accountId = "";
ServiceAccount serviceAccount = new ServiceAccount();
// Make the request
ServiceAccount response = await iAMClient.CreateServiceAccountAsync(name, accountId, serviceAccount);

CreateServiceAccountAsync(string, string, ServiceAccount, CancellationToken)

public virtual Task<ServiceAccount> CreateServiceAccountAsync(string name, string accountId, ServiceAccount serviceAccount, CancellationToken cancellationToken)

Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.
`accountId`	`string` Required. The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
`serviceAccount`	`ServiceAccount` The [ServiceAccount][google.iam.admin.v1.ServiceAccount] resource to create. Currently, only the following values are user assignable: `display_name` and `description`.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]";
string accountId = "";
ServiceAccount serviceAccount = new ServiceAccount();
// Make the request
ServiceAccount response = await iAMClient.CreateServiceAccountAsync(name, accountId, serviceAccount);

CreateServiceAccountKey(CreateServiceAccountKeyRequest, CallSettings)

public virtual ServiceAccountKey CreateServiceAccountKey(CreateServiceAccountKeyRequest request, CallSettings callSettings = null)

Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`request`	`CreateServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccountKey`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
CreateServiceAccountKeyRequest request = new CreateServiceAccountKeyRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
    PrivateKeyType = ServiceAccountPrivateKeyType.TypeUnspecified,
    KeyAlgorithm = ServiceAccountKeyAlgorithm.KeyAlgUnspecified,
};
// Make the request
ServiceAccountKey response = iAMClient.CreateServiceAccountKey(request);

CreateServiceAccountKey(ServiceAccountName, ServiceAccountPrivateKeyType, ServiceAccountKeyAlgorithm, CallSettings)

public virtual ServiceAccountKey CreateServiceAccountKey(ServiceAccountName name, ServiceAccountPrivateKeyType privateKeyType, ServiceAccountKeyAlgorithm keyAlgorithm, CallSettings callSettings = null)

Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`privateKeyType`	`ServiceAccountPrivateKeyType` The output format of the private key. The default value is `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials File format.
`keyAlgorithm`	`ServiceAccountKeyAlgorithm` Which type of key and algorithm to use for the key. The default is currently a 2K RSA key. However this may change in the future.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccountKey`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
ServiceAccountPrivateKeyType privateKeyType = ServiceAccountPrivateKeyType.TypeUnspecified;
ServiceAccountKeyAlgorithm keyAlgorithm = ServiceAccountKeyAlgorithm.KeyAlgUnspecified;
// Make the request
ServiceAccountKey response = iAMClient.CreateServiceAccountKey(name, privateKeyType, keyAlgorithm);

CreateServiceAccountKey(string, ServiceAccountPrivateKeyType, ServiceAccountKeyAlgorithm, CallSettings)

public virtual ServiceAccountKey CreateServiceAccountKey(string name, ServiceAccountPrivateKeyType privateKeyType, ServiceAccountKeyAlgorithm keyAlgorithm, CallSettings callSettings = null)

Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`privateKeyType`	`ServiceAccountPrivateKeyType` The output format of the private key. The default value is `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials File format.
`keyAlgorithm`	`ServiceAccountKeyAlgorithm` Which type of key and algorithm to use for the key. The default is currently a 2K RSA key. However this may change in the future.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccountKey`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
ServiceAccountPrivateKeyType privateKeyType = ServiceAccountPrivateKeyType.TypeUnspecified;
ServiceAccountKeyAlgorithm keyAlgorithm = ServiceAccountKeyAlgorithm.KeyAlgUnspecified;
// Make the request
ServiceAccountKey response = iAMClient.CreateServiceAccountKey(name, privateKeyType, keyAlgorithm);

CreateServiceAccountKeyAsync(CreateServiceAccountKeyRequest, CallSettings)

public virtual Task<ServiceAccountKey> CreateServiceAccountKeyAsync(CreateServiceAccountKeyRequest request, CallSettings callSettings = null)

Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`request`	`CreateServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
CreateServiceAccountKeyRequest request = new CreateServiceAccountKeyRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
    PrivateKeyType = ServiceAccountPrivateKeyType.TypeUnspecified,
    KeyAlgorithm = ServiceAccountKeyAlgorithm.KeyAlgUnspecified,
};
// Make the request
ServiceAccountKey response = await iAMClient.CreateServiceAccountKeyAsync(request);

CreateServiceAccountKeyAsync(CreateServiceAccountKeyRequest, CancellationToken)

public virtual Task<ServiceAccountKey> CreateServiceAccountKeyAsync(CreateServiceAccountKeyRequest request, CancellationToken cancellationToken)

Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`request`	`CreateServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
CreateServiceAccountKeyRequest request = new CreateServiceAccountKeyRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
    PrivateKeyType = ServiceAccountPrivateKeyType.TypeUnspecified,
    KeyAlgorithm = ServiceAccountKeyAlgorithm.KeyAlgUnspecified,
};
// Make the request
ServiceAccountKey response = await iAMClient.CreateServiceAccountKeyAsync(request);

CreateServiceAccountKeyAsync(ServiceAccountName, ServiceAccountPrivateKeyType, ServiceAccountKeyAlgorithm, CallSettings)

public virtual Task<ServiceAccountKey> CreateServiceAccountKeyAsync(ServiceAccountName name, ServiceAccountPrivateKeyType privateKeyType, ServiceAccountKeyAlgorithm keyAlgorithm, CallSettings callSettings = null)

Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`privateKeyType`	`ServiceAccountPrivateKeyType` The output format of the private key. The default value is `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials File format.
`keyAlgorithm`	`ServiceAccountKeyAlgorithm` Which type of key and algorithm to use for the key. The default is currently a 2K RSA key. However this may change in the future.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
ServiceAccountPrivateKeyType privateKeyType = ServiceAccountPrivateKeyType.TypeUnspecified;
ServiceAccountKeyAlgorithm keyAlgorithm = ServiceAccountKeyAlgorithm.KeyAlgUnspecified;
// Make the request
ServiceAccountKey response = await iAMClient.CreateServiceAccountKeyAsync(name, privateKeyType, keyAlgorithm);

CreateServiceAccountKeyAsync(ServiceAccountName, ServiceAccountPrivateKeyType, ServiceAccountKeyAlgorithm, CancellationToken)

public virtual Task<ServiceAccountKey> CreateServiceAccountKeyAsync(ServiceAccountName name, ServiceAccountPrivateKeyType privateKeyType, ServiceAccountKeyAlgorithm keyAlgorithm, CancellationToken cancellationToken)

Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`privateKeyType`	`ServiceAccountPrivateKeyType` The output format of the private key. The default value is `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials File format.
`keyAlgorithm`	`ServiceAccountKeyAlgorithm` Which type of key and algorithm to use for the key. The default is currently a 2K RSA key. However this may change in the future.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
ServiceAccountPrivateKeyType privateKeyType = ServiceAccountPrivateKeyType.TypeUnspecified;
ServiceAccountKeyAlgorithm keyAlgorithm = ServiceAccountKeyAlgorithm.KeyAlgUnspecified;
// Make the request
ServiceAccountKey response = await iAMClient.CreateServiceAccountKeyAsync(name, privateKeyType, keyAlgorithm);

CreateServiceAccountKeyAsync(string, ServiceAccountPrivateKeyType, ServiceAccountKeyAlgorithm, CallSettings)

public virtual Task<ServiceAccountKey> CreateServiceAccountKeyAsync(string name, ServiceAccountPrivateKeyType privateKeyType, ServiceAccountKeyAlgorithm keyAlgorithm, CallSettings callSettings = null)

Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`privateKeyType`	`ServiceAccountPrivateKeyType` The output format of the private key. The default value is `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials File format.
`keyAlgorithm`	`ServiceAccountKeyAlgorithm` Which type of key and algorithm to use for the key. The default is currently a 2K RSA key. However this may change in the future.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
ServiceAccountPrivateKeyType privateKeyType = ServiceAccountPrivateKeyType.TypeUnspecified;
ServiceAccountKeyAlgorithm keyAlgorithm = ServiceAccountKeyAlgorithm.KeyAlgUnspecified;
// Make the request
ServiceAccountKey response = await iAMClient.CreateServiceAccountKeyAsync(name, privateKeyType, keyAlgorithm);

CreateServiceAccountKeyAsync(string, ServiceAccountPrivateKeyType, ServiceAccountKeyAlgorithm, CancellationToken)

public virtual Task<ServiceAccountKey> CreateServiceAccountKeyAsync(string name, ServiceAccountPrivateKeyType privateKeyType, ServiceAccountKeyAlgorithm keyAlgorithm, CancellationToken cancellationToken)

Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`privateKeyType`	`ServiceAccountPrivateKeyType` The output format of the private key. The default value is `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials File format.
`keyAlgorithm`	`ServiceAccountKeyAlgorithm` Which type of key and algorithm to use for the key. The default is currently a 2K RSA key. However this may change in the future.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
ServiceAccountPrivateKeyType privateKeyType = ServiceAccountPrivateKeyType.TypeUnspecified;
ServiceAccountKeyAlgorithm keyAlgorithm = ServiceAccountKeyAlgorithm.KeyAlgUnspecified;
// Make the request
ServiceAccountKey response = await iAMClient.CreateServiceAccountKeyAsync(name, privateKeyType, keyAlgorithm);

DeleteRole(DeleteRoleRequest, CallSettings)

public virtual Role DeleteRole(DeleteRoleRequest request, CallSettings callSettings = null)

Deletes a custom [Role][google.iam.admin.v1.Role].

When you delete a custom role, the following changes occur immediately:

You cannot bind a principal to the custom role in an IAM [Policy][google.iam.v1.Policy].
Existing bindings to the custom role are not changed, but they have no effect.
By default, the response from [ListRoles][google.iam.admin.v1.IAM.ListRoles] does not include the custom role.

You have 7 days to undelete the custom role. After 7 days, the following changes occur:

The custom role is permanently deleted and cannot be recovered.
If an IAM policy contains a binding to the custom role, the binding is permanently removed.

Parameters
Name	Description
`request`	`DeleteRoleRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Role`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
DeleteRoleRequest request = new DeleteRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Etag = ByteString.Empty,
};
// Make the request
Role response = iAMClient.DeleteRole(request);

DeleteRoleAsync(DeleteRoleRequest, CallSettings)

public virtual Task<Role> DeleteRoleAsync(DeleteRoleRequest request, CallSettings callSettings = null)

Deletes a custom [Role][google.iam.admin.v1.Role].

When you delete a custom role, the following changes occur immediately:

You cannot bind a principal to the custom role in an IAM [Policy][google.iam.v1.Policy].
Existing bindings to the custom role are not changed, but they have no effect.
By default, the response from [ListRoles][google.iam.admin.v1.IAM.ListRoles] does not include the custom role.

You have 7 days to undelete the custom role. After 7 days, the following changes occur:

The custom role is permanently deleted and cannot be recovered.
If an IAM policy contains a binding to the custom role, the binding is permanently removed.

Parameters
Name	Description
`request`	`DeleteRoleRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskRole`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
DeleteRoleRequest request = new DeleteRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Etag = ByteString.Empty,
};
// Make the request
Role response = await iAMClient.DeleteRoleAsync(request);

DeleteRoleAsync(DeleteRoleRequest, CancellationToken)

public virtual Task<Role> DeleteRoleAsync(DeleteRoleRequest request, CancellationToken cancellationToken)

Deletes a custom [Role][google.iam.admin.v1.Role].

When you delete a custom role, the following changes occur immediately:

You cannot bind a principal to the custom role in an IAM [Policy][google.iam.v1.Policy].
Existing bindings to the custom role are not changed, but they have no effect.
By default, the response from [ListRoles][google.iam.admin.v1.IAM.ListRoles] does not include the custom role.

You have 7 days to undelete the custom role. After 7 days, the following changes occur:

The custom role is permanently deleted and cannot be recovered.
If an IAM policy contains a binding to the custom role, the binding is permanently removed.

Parameters
Name	Description
`request`	`DeleteRoleRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskRole`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
DeleteRoleRequest request = new DeleteRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Etag = ByteString.Empty,
};
// Make the request
Role response = await iAMClient.DeleteRoleAsync(request);

DeleteServiceAccount(DeleteServiceAccountRequest, CallSettings)

public virtual void DeleteServiceAccount(DeleteServiceAccountRequest request, CallSettings callSettings = null)

Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Warning: After you delete a service account, you might not be able to undelete it. If you know that you need to re-enable the service account in the future, use [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount] instead.

If you delete a service account, IAM permanently removes the service account 30 days later. Google Cloud cannot recover the service account after it is permanently removed, even if you file a support request.

To help avoid unplanned outages, we recommend that you disable the service account before you delete it. Use [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount] to disable the service account, then wait at least 24 hours and watch for unintended consequences. If there are no unintended consequences, you can delete the service account.

Parameters
Name	Description
`request`	`DeleteServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
DeleteServiceAccountRequest request = new DeleteServiceAccountRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
};
// Make the request
iAMClient.DeleteServiceAccount(request);

DeleteServiceAccount(ServiceAccountName, CallSettings)

public virtual void DeleteServiceAccount(ServiceAccountName name, CallSettings callSettings = null)

Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
// Make the request
iAMClient.DeleteServiceAccount(name);

DeleteServiceAccount(string, CallSettings)

public virtual void DeleteServiceAccount(string name, CallSettings callSettings = null)

Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
// Make the request
iAMClient.DeleteServiceAccount(name);

DeleteServiceAccountAsync(DeleteServiceAccountRequest, CallSettings)

public virtual Task DeleteServiceAccountAsync(DeleteServiceAccountRequest request, CallSettings callSettings = null)

Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`DeleteServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
DeleteServiceAccountRequest request = new DeleteServiceAccountRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
};
// Make the request
await iAMClient.DeleteServiceAccountAsync(request);

DeleteServiceAccountAsync(DeleteServiceAccountRequest, CancellationToken)

public virtual Task DeleteServiceAccountAsync(DeleteServiceAccountRequest request, CancellationToken cancellationToken)

Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`DeleteServiceAccountRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
DeleteServiceAccountRequest request = new DeleteServiceAccountRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
};
// Make the request
await iAMClient.DeleteServiceAccountAsync(request);

DeleteServiceAccountAsync(ServiceAccountName, CallSettings)

public virtual Task DeleteServiceAccountAsync(ServiceAccountName name, CallSettings callSettings = null)

Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
// Make the request
await iAMClient.DeleteServiceAccountAsync(name);

DeleteServiceAccountAsync(ServiceAccountName, CancellationToken)

public virtual Task DeleteServiceAccountAsync(ServiceAccountName name, CancellationToken cancellationToken)

Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
// Make the request
await iAMClient.DeleteServiceAccountAsync(name);

DeleteServiceAccountAsync(string, CallSettings)

public virtual Task DeleteServiceAccountAsync(string name, CallSettings callSettings = null)

Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
// Make the request
await iAMClient.DeleteServiceAccountAsync(name);

DeleteServiceAccountAsync(string, CancellationToken)

public virtual Task DeleteServiceAccountAsync(string name, CancellationToken cancellationToken)

Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
// Make the request
await iAMClient.DeleteServiceAccountAsync(name);

DeleteServiceAccountKey(DeleteServiceAccountKeyRequest, CallSettings)

public virtual void DeleteServiceAccountKey(DeleteServiceAccountKeyRequest request, CallSettings callSettings = null)

Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.

Parameters
Name	Description
`request`	`DeleteServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
DeleteServiceAccountKeyRequest request = new DeleteServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
};
// Make the request
iAMClient.DeleteServiceAccountKey(request);

DeleteServiceAccountKey(KeyName, CallSettings)

public virtual void DeleteServiceAccountKey(KeyName name, CallSettings callSettings = null)

Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.

Parameters
Name	Description
`name`	`KeyName` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
// Make the request
iAMClient.DeleteServiceAccountKey(name);

DeleteServiceAccountKey(string, CallSettings)

public virtual void DeleteServiceAccountKey(string name, CallSettings callSettings = null)

Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
// Make the request
iAMClient.DeleteServiceAccountKey(name);

DeleteServiceAccountKeyAsync(DeleteServiceAccountKeyRequest, CallSettings)

public virtual Task DeleteServiceAccountKeyAsync(DeleteServiceAccountKeyRequest request, CallSettings callSettings = null)

Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.

Parameters
Name	Description
`request`	`DeleteServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
DeleteServiceAccountKeyRequest request = new DeleteServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
};
// Make the request
await iAMClient.DeleteServiceAccountKeyAsync(request);

DeleteServiceAccountKeyAsync(DeleteServiceAccountKeyRequest, CancellationToken)

public virtual Task DeleteServiceAccountKeyAsync(DeleteServiceAccountKeyRequest request, CancellationToken cancellationToken)

Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.

Parameters
Name	Description
`request`	`DeleteServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
DeleteServiceAccountKeyRequest request = new DeleteServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
};
// Make the request
await iAMClient.DeleteServiceAccountKeyAsync(request);

DeleteServiceAccountKeyAsync(KeyName, CallSettings)

public virtual Task DeleteServiceAccountKeyAsync(KeyName name, CallSettings callSettings = null)

Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.

Parameters
Name	Description
`name`	`KeyName` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
// Make the request
await iAMClient.DeleteServiceAccountKeyAsync(name);

DeleteServiceAccountKeyAsync(KeyName, CancellationToken)

public virtual Task DeleteServiceAccountKeyAsync(KeyName name, CancellationToken cancellationToken)

Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.

Parameters
Name	Description
`name`	`KeyName` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
// Make the request
await iAMClient.DeleteServiceAccountKeyAsync(name);

DeleteServiceAccountKeyAsync(string, CallSettings)

public virtual Task DeleteServiceAccountKeyAsync(string name, CallSettings callSettings = null)

Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
// Make the request
await iAMClient.DeleteServiceAccountKeyAsync(name);

DeleteServiceAccountKeyAsync(string, CancellationToken)

public virtual Task DeleteServiceAccountKeyAsync(string name, CancellationToken cancellationToken)

Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
// Make the request
await iAMClient.DeleteServiceAccountKeyAsync(name);

DisableServiceAccount(DisableServiceAccountRequest, CallSettings)

public virtual void DisableServiceAccount(DisableServiceAccountRequest request, CallSettings callSettings = null)

Disables a [ServiceAccount][google.iam.admin.v1.ServiceAccount] immediately.

If an application uses the service account to authenticate, that application can no longer call Google APIs or access Google Cloud resources. Existing access tokens for the service account are rejected, and requests for new access tokens will fail.

To re-enable the service account, use [EnableServiceAccount][google.iam.admin.v1.IAM.EnableServiceAccount]. After you re-enable the service account, its existing access tokens will be accepted, and you can request new access tokens.

To help avoid unplanned outages, we recommend that you disable the service account before you delete it. Use this method to disable the service account, then wait at least 24 hours and watch for unintended consequences. If there are no unintended consequences, you can delete the service account with [DeleteServiceAccount][google.iam.admin.v1.IAM.DeleteServiceAccount].

Parameters
Name	Description
`request`	`DisableServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
DisableServiceAccountRequest request = new DisableServiceAccountRequest { Name = "", };
// Make the request
iAMClient.DisableServiceAccount(request);

DisableServiceAccountAsync(DisableServiceAccountRequest, CallSettings)

public virtual Task DisableServiceAccountAsync(DisableServiceAccountRequest request, CallSettings callSettings = null)

Disables a [ServiceAccount][google.iam.admin.v1.ServiceAccount] immediately.

Parameters
Name	Description
`request`	`DisableServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
DisableServiceAccountRequest request = new DisableServiceAccountRequest { Name = "", };
// Make the request
await iAMClient.DisableServiceAccountAsync(request);

DisableServiceAccountAsync(DisableServiceAccountRequest, CancellationToken)

public virtual Task DisableServiceAccountAsync(DisableServiceAccountRequest request, CancellationToken cancellationToken)

Disables a [ServiceAccount][google.iam.admin.v1.ServiceAccount] immediately.

Parameters
Name	Description
`request`	`DisableServiceAccountRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
DisableServiceAccountRequest request = new DisableServiceAccountRequest { Name = "", };
// Make the request
await iAMClient.DisableServiceAccountAsync(request);

DisableServiceAccountKey(DisableServiceAccountKeyRequest, CallSettings)

public virtual void DisableServiceAccountKey(DisableServiceAccountKeyRequest request, CallSettings callSettings = null)

Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey].

Parameters
Name	Description
`request`	`DisableServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
DisableServiceAccountKeyRequest request = new DisableServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
};
// Make the request
iAMClient.DisableServiceAccountKey(request);

DisableServiceAccountKey(KeyName, CallSettings)

public virtual void DisableServiceAccountKey(KeyName name, CallSettings callSettings = null)

Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey].

Parameters

Name Description

name

KeyName

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

callSettings

CallSettings

If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
// Make the request
iAMClient.DisableServiceAccountKey(name);

DisableServiceAccountKey(string, CallSettings)

public virtual void DisableServiceAccountKey(string name, CallSettings callSettings = null)

Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey].

Parameters

Name Description

name

string

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

callSettings

CallSettings

If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
// Make the request
iAMClient.DisableServiceAccountKey(name);

DisableServiceAccountKeyAsync(DisableServiceAccountKeyRequest, CallSettings)

public virtual Task DisableServiceAccountKeyAsync(DisableServiceAccountKeyRequest request, CallSettings callSettings = null)

Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey].

Parameters
Name	Description
`request`	`DisableServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
DisableServiceAccountKeyRequest request = new DisableServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
};
// Make the request
await iAMClient.DisableServiceAccountKeyAsync(request);

DisableServiceAccountKeyAsync(DisableServiceAccountKeyRequest, CancellationToken)

public virtual Task DisableServiceAccountKeyAsync(DisableServiceAccountKeyRequest request, CancellationToken cancellationToken)

Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey].

Parameters
Name	Description
`request`	`DisableServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
DisableServiceAccountKeyRequest request = new DisableServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
};
// Make the request
await iAMClient.DisableServiceAccountKeyAsync(request);

DisableServiceAccountKeyAsync(KeyName, CallSettings)

public virtual Task DisableServiceAccountKeyAsync(KeyName name, CallSettings callSettings = null)

Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey].

Parameters

Name Description

name

KeyName

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

callSettings

CallSettings

If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
// Make the request
await iAMClient.DisableServiceAccountKeyAsync(name);

DisableServiceAccountKeyAsync(KeyName, CancellationToken)

public virtual Task DisableServiceAccountKeyAsync(KeyName name, CancellationToken cancellationToken)

Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey].

Parameters

Name Description

name

KeyName

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

cancellationToken

CancellationToken

A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
// Make the request
await iAMClient.DisableServiceAccountKeyAsync(name);

DisableServiceAccountKeyAsync(string, CallSettings)

public virtual Task DisableServiceAccountKeyAsync(string name, CallSettings callSettings = null)

Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey].

Parameters

Name Description

name

string

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

callSettings

CallSettings

If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
// Make the request
await iAMClient.DisableServiceAccountKeyAsync(name);

DisableServiceAccountKeyAsync(string, CancellationToken)

public virtual Task DisableServiceAccountKeyAsync(string name, CancellationToken cancellationToken)

Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey].

Parameters

Name Description

name

string

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

cancellationToken

CancellationToken

A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
// Make the request
await iAMClient.DisableServiceAccountKeyAsync(name);

EnableServiceAccount(EnableServiceAccountRequest, CallSettings)

public virtual void EnableServiceAccount(EnableServiceAccountRequest request, CallSettings callSettings = null)

Enables a [ServiceAccount][google.iam.admin.v1.ServiceAccount] that was disabled by [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount].

If the service account is already enabled, then this method has no effect.

If the service account was disabled by other means—for example, if Google disabled the service account because it was compromised—you cannot use this method to enable the service account.

Parameters
Name	Description
`request`	`EnableServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
EnableServiceAccountRequest request = new EnableServiceAccountRequest { Name = "", };
// Make the request
iAMClient.EnableServiceAccount(request);

EnableServiceAccountAsync(EnableServiceAccountRequest, CallSettings)

public virtual Task EnableServiceAccountAsync(EnableServiceAccountRequest request, CallSettings callSettings = null)

Enables a [ServiceAccount][google.iam.admin.v1.ServiceAccount] that was disabled by [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount].

If the service account is already enabled, then this method has no effect.

If the service account was disabled by other means—for example, if Google disabled the service account because it was compromised—you cannot use this method to enable the service account.

Parameters
Name	Description
`request`	`EnableServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
EnableServiceAccountRequest request = new EnableServiceAccountRequest { Name = "", };
// Make the request
await iAMClient.EnableServiceAccountAsync(request);

EnableServiceAccountAsync(EnableServiceAccountRequest, CancellationToken)

public virtual Task EnableServiceAccountAsync(EnableServiceAccountRequest request, CancellationToken cancellationToken)

Enables a [ServiceAccount][google.iam.admin.v1.ServiceAccount] that was disabled by [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount].

If the service account is already enabled, then this method has no effect.

If the service account was disabled by other means—for example, if Google disabled the service account because it was compromised—you cannot use this method to enable the service account.

Parameters
Name	Description
`request`	`EnableServiceAccountRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
EnableServiceAccountRequest request = new EnableServiceAccountRequest { Name = "", };
// Make the request
await iAMClient.EnableServiceAccountAsync(request);

EnableServiceAccountKey(EnableServiceAccountKeyRequest, CallSettings)

public virtual void EnableServiceAccountKey(EnableServiceAccountKeyRequest request, CallSettings callSettings = null)

Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`request`	`EnableServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
EnableServiceAccountKeyRequest request = new EnableServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
};
// Make the request
iAMClient.EnableServiceAccountKey(request);

EnableServiceAccountKey(KeyName, CallSettings)

public virtual void EnableServiceAccountKey(KeyName name, CallSettings callSettings = null)

Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters

Name Description

name

KeyName

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

callSettings

CallSettings

If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
// Make the request
iAMClient.EnableServiceAccountKey(name);

EnableServiceAccountKey(string, CallSettings)

public virtual void EnableServiceAccountKey(string name, CallSettings callSettings = null)

Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters

Name Description

name

string

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

callSettings

CallSettings

If not null, applies overrides to this RPC call.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
// Make the request
iAMClient.EnableServiceAccountKey(name);

EnableServiceAccountKeyAsync(EnableServiceAccountKeyRequest, CallSettings)

public virtual Task EnableServiceAccountKeyAsync(EnableServiceAccountKeyRequest request, CallSettings callSettings = null)

Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`request`	`EnableServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
EnableServiceAccountKeyRequest request = new EnableServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
};
// Make the request
await iAMClient.EnableServiceAccountKeyAsync(request);

EnableServiceAccountKeyAsync(EnableServiceAccountKeyRequest, CancellationToken)

public virtual Task EnableServiceAccountKeyAsync(EnableServiceAccountKeyRequest request, CancellationToken cancellationToken)

Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`request`	`EnableServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
EnableServiceAccountKeyRequest request = new EnableServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
};
// Make the request
await iAMClient.EnableServiceAccountKeyAsync(request);

EnableServiceAccountKeyAsync(KeyName, CallSettings)

public virtual Task EnableServiceAccountKeyAsync(KeyName name, CallSettings callSettings = null)

Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters

Name Description

name

KeyName

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

callSettings

CallSettings

If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
// Make the request
await iAMClient.EnableServiceAccountKeyAsync(name);

EnableServiceAccountKeyAsync(KeyName, CancellationToken)

public virtual Task EnableServiceAccountKeyAsync(KeyName name, CancellationToken cancellationToken)

Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters

Name Description

name

KeyName

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

cancellationToken

CancellationToken

A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
// Make the request
await iAMClient.EnableServiceAccountKeyAsync(name);

EnableServiceAccountKeyAsync(string, CallSettings)

public virtual Task EnableServiceAccountKeyAsync(string name, CallSettings callSettings = null)

Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters

Name Description

name

string

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

callSettings

CallSettings

If not null, applies overrides to this RPC call.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
// Make the request
await iAMClient.EnableServiceAccountKeyAsync(name);

EnableServiceAccountKeyAsync(string, CancellationToken)

public virtual Task EnableServiceAccountKeyAsync(string name, CancellationToken cancellationToken)

Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters

Name Description

name

string

Required. The resource name of the service account key in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}.

Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the unique_id of the service account.

cancellationToken

CancellationToken

A CancellationToken to use for this RPC.

Returns
Type	Description
`Task`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
// Make the request
await iAMClient.EnableServiceAccountKeyAsync(name);

GetIamPolicy(IResourceName, CallSettings)

public virtual Policy GetIamPolicy(IResourceName resource, CallSettings callSettings = null)

Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM policy specifies which principals have access to the service account.

This method does not tell you whether the service account has been granted any roles on other resources. To check whether a service account has role grants on a resource, use the getIamPolicy method for that resource. For example, to view the role grants for a project, call the Resource Manager API's projects.getIamPolicy method.

Parameters
Name	Description
`resource`	`IResourceName` REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Policy`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
IResourceName resource = new UnparsedResourceName("a/wildcard/resource");
// Make the request
Policy response = iAMClient.GetIamPolicy(resource);

GetIamPolicy(GetIamPolicyRequest, CallSettings)

public virtual Policy GetIamPolicy(GetIamPolicyRequest request, CallSettings callSettings = null)

Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM policy specifies which principals have access to the service account.

Parameters
Name	Description
`request`	`GetIamPolicyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Policy`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
GetIamPolicyRequest request = new GetIamPolicyRequest
{
    ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Options = new GetPolicyOptions(),
};
// Make the request
Policy response = iAMClient.GetIamPolicy(request);

GetIamPolicy(string, CallSettings)

public virtual Policy GetIamPolicy(string resource, CallSettings callSettings = null)

Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM policy specifies which principals have access to the service account.

Parameters
Name	Description
`resource`	`string` REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Policy`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string resource = "a/wildcard/resource";
// Make the request
Policy response = iAMClient.GetIamPolicy(resource);

GetIamPolicyAsync(IResourceName, CallSettings)

public virtual Task<Policy> GetIamPolicyAsync(IResourceName resource, CallSettings callSettings = null)

Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM policy specifies which principals have access to the service account.

Parameters
Name	Description
`resource`	`IResourceName` REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
IResourceName resource = new UnparsedResourceName("a/wildcard/resource");
// Make the request
Policy response = await iAMClient.GetIamPolicyAsync(resource);

GetIamPolicyAsync(IResourceName, CancellationToken)

public virtual Task<Policy> GetIamPolicyAsync(IResourceName resource, CancellationToken cancellationToken)

Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM policy specifies which principals have access to the service account.

Parameters
Name	Description
`resource`	`IResourceName` REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
IResourceName resource = new UnparsedResourceName("a/wildcard/resource");
// Make the request
Policy response = await iAMClient.GetIamPolicyAsync(resource);

GetIamPolicyAsync(GetIamPolicyRequest, CallSettings)

public virtual Task<Policy> GetIamPolicyAsync(GetIamPolicyRequest request, CallSettings callSettings = null)

Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM policy specifies which principals have access to the service account.

Parameters
Name	Description
`request`	`GetIamPolicyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
GetIamPolicyRequest request = new GetIamPolicyRequest
{
    ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Options = new GetPolicyOptions(),
};
// Make the request
Policy response = await iAMClient.GetIamPolicyAsync(request);

GetIamPolicyAsync(GetIamPolicyRequest, CancellationToken)

public virtual Task<Policy> GetIamPolicyAsync(GetIamPolicyRequest request, CancellationToken cancellationToken)

Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM policy specifies which principals have access to the service account.

Parameters
Name	Description
`request`	`GetIamPolicyRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
GetIamPolicyRequest request = new GetIamPolicyRequest
{
    ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Options = new GetPolicyOptions(),
};
// Make the request
Policy response = await iAMClient.GetIamPolicyAsync(request);

GetIamPolicyAsync(string, CallSettings)

public virtual Task<Policy> GetIamPolicyAsync(string resource, CallSettings callSettings = null)

Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM policy specifies which principals have access to the service account.

Parameters
Name	Description
`resource`	`string` REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string resource = "a/wildcard/resource";
// Make the request
Policy response = await iAMClient.GetIamPolicyAsync(resource);

GetIamPolicyAsync(string, CancellationToken)

public virtual Task<Policy> GetIamPolicyAsync(string resource, CancellationToken cancellationToken)

Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM policy specifies which principals have access to the service account.

Parameters
Name	Description
`resource`	`string` REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string resource = "a/wildcard/resource";
// Make the request
Policy response = await iAMClient.GetIamPolicyAsync(resource);

GetRole(GetRoleRequest, CallSettings)

public virtual Role GetRole(GetRoleRequest request, CallSettings callSettings = null)

Gets the definition of a [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`GetRoleRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Role`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
GetRoleRequest request = new GetRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
};
// Make the request
Role response = iAMClient.GetRole(request);

GetRoleAsync(GetRoleRequest, CallSettings)

public virtual Task<Role> GetRoleAsync(GetRoleRequest request, CallSettings callSettings = null)

Gets the definition of a [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`GetRoleRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskRole`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
GetRoleRequest request = new GetRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
};
// Make the request
Role response = await iAMClient.GetRoleAsync(request);

GetRoleAsync(GetRoleRequest, CancellationToken)

public virtual Task<Role> GetRoleAsync(GetRoleRequest request, CancellationToken cancellationToken)

Gets the definition of a [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`GetRoleRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskRole`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
GetRoleRequest request = new GetRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
};
// Make the request
Role response = await iAMClient.GetRoleAsync(request);

GetServiceAccount(GetServiceAccountRequest, CallSettings)

public virtual ServiceAccount GetServiceAccount(GetServiceAccountRequest request, CallSettings callSettings = null)

Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`GetServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccount`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
GetServiceAccountRequest request = new GetServiceAccountRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
};
// Make the request
ServiceAccount response = iAMClient.GetServiceAccount(request);

GetServiceAccount(ServiceAccountName, CallSettings)

public virtual ServiceAccount GetServiceAccount(ServiceAccountName name, CallSettings callSettings = null)

Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccount`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
// Make the request
ServiceAccount response = iAMClient.GetServiceAccount(name);

GetServiceAccount(string, CallSettings)

public virtual ServiceAccount GetServiceAccount(string name, CallSettings callSettings = null)

Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccount`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
// Make the request
ServiceAccount response = iAMClient.GetServiceAccount(name);

GetServiceAccountAsync(GetServiceAccountRequest, CallSettings)

public virtual Task<ServiceAccount> GetServiceAccountAsync(GetServiceAccountRequest request, CallSettings callSettings = null)

Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`GetServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
GetServiceAccountRequest request = new GetServiceAccountRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
};
// Make the request
ServiceAccount response = await iAMClient.GetServiceAccountAsync(request);

GetServiceAccountAsync(GetServiceAccountRequest, CancellationToken)

public virtual Task<ServiceAccount> GetServiceAccountAsync(GetServiceAccountRequest request, CancellationToken cancellationToken)

Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`GetServiceAccountRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
GetServiceAccountRequest request = new GetServiceAccountRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
};
// Make the request
ServiceAccount response = await iAMClient.GetServiceAccountAsync(request);

GetServiceAccountAsync(ServiceAccountName, CallSettings)

public virtual Task<ServiceAccount> GetServiceAccountAsync(ServiceAccountName name, CallSettings callSettings = null)

Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
// Make the request
ServiceAccount response = await iAMClient.GetServiceAccountAsync(name);

GetServiceAccountAsync(ServiceAccountName, CancellationToken)

public virtual Task<ServiceAccount> GetServiceAccountAsync(ServiceAccountName name, CancellationToken cancellationToken)

Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
// Make the request
ServiceAccount response = await iAMClient.GetServiceAccountAsync(name);

GetServiceAccountAsync(string, CallSettings)

public virtual Task<ServiceAccount> GetServiceAccountAsync(string name, CallSettings callSettings = null)

Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
// Make the request
ServiceAccount response = await iAMClient.GetServiceAccountAsync(name);

GetServiceAccountAsync(string, CancellationToken)

public virtual Task<ServiceAccount> GetServiceAccountAsync(string name, CancellationToken cancellationToken)

Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
// Make the request
ServiceAccount response = await iAMClient.GetServiceAccountAsync(name);

GetServiceAccountKey(GetServiceAccountKeyRequest, CallSettings)

public virtual ServiceAccountKey GetServiceAccountKey(GetServiceAccountKeyRequest request, CallSettings callSettings = null)

Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`request`	`GetServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccountKey`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
GetServiceAccountKeyRequest request = new GetServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
    PublicKeyType = ServiceAccountPublicKeyType.TypeNone,
};
// Make the request
ServiceAccountKey response = iAMClient.GetServiceAccountKey(request);

GetServiceAccountKey(KeyName, ServiceAccountPublicKeyType, CallSettings)

public virtual ServiceAccountKey GetServiceAccountKey(KeyName name, ServiceAccountPublicKeyType publicKeyType, CallSettings callSettings = null)

Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`KeyName` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`publicKeyType`	`ServiceAccountPublicKeyType` Optional. The output format of the public key. The default is `TYPE_NONE`, which means that the public key is not returned.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccountKey`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
ServiceAccountPublicKeyType publicKeyType = ServiceAccountPublicKeyType.TypeNone;
// Make the request
ServiceAccountKey response = iAMClient.GetServiceAccountKey(name, publicKeyType);

GetServiceAccountKey(string, ServiceAccountPublicKeyType, CallSettings)

public virtual ServiceAccountKey GetServiceAccountKey(string name, ServiceAccountPublicKeyType publicKeyType, CallSettings callSettings = null)

Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`publicKeyType`	`ServiceAccountPublicKeyType` Optional. The output format of the public key. The default is `TYPE_NONE`, which means that the public key is not returned.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccountKey`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
ServiceAccountPublicKeyType publicKeyType = ServiceAccountPublicKeyType.TypeNone;
// Make the request
ServiceAccountKey response = iAMClient.GetServiceAccountKey(name, publicKeyType);

GetServiceAccountKeyAsync(GetServiceAccountKeyRequest, CallSettings)

public virtual Task<ServiceAccountKey> GetServiceAccountKeyAsync(GetServiceAccountKeyRequest request, CallSettings callSettings = null)

Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`request`	`GetServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
GetServiceAccountKeyRequest request = new GetServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
    PublicKeyType = ServiceAccountPublicKeyType.TypeNone,
};
// Make the request
ServiceAccountKey response = await iAMClient.GetServiceAccountKeyAsync(request);

GetServiceAccountKeyAsync(GetServiceAccountKeyRequest, CancellationToken)

public virtual Task<ServiceAccountKey> GetServiceAccountKeyAsync(GetServiceAccountKeyRequest request, CancellationToken cancellationToken)

Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`request`	`GetServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
GetServiceAccountKeyRequest request = new GetServiceAccountKeyRequest
{
    KeyName = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]"),
    PublicKeyType = ServiceAccountPublicKeyType.TypeNone,
};
// Make the request
ServiceAccountKey response = await iAMClient.GetServiceAccountKeyAsync(request);

GetServiceAccountKeyAsync(KeyName, ServiceAccountPublicKeyType, CallSettings)

public virtual Task<ServiceAccountKey> GetServiceAccountKeyAsync(KeyName name, ServiceAccountPublicKeyType publicKeyType, CallSettings callSettings = null)

Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`KeyName` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`publicKeyType`	`ServiceAccountPublicKeyType` Optional. The output format of the public key. The default is `TYPE_NONE`, which means that the public key is not returned.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
ServiceAccountPublicKeyType publicKeyType = ServiceAccountPublicKeyType.TypeNone;
// Make the request
ServiceAccountKey response = await iAMClient.GetServiceAccountKeyAsync(name, publicKeyType);

GetServiceAccountKeyAsync(KeyName, ServiceAccountPublicKeyType, CancellationToken)

public virtual Task<ServiceAccountKey> GetServiceAccountKeyAsync(KeyName name, ServiceAccountPublicKeyType publicKeyType, CancellationToken cancellationToken)

Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`KeyName` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`publicKeyType`	`ServiceAccountPublicKeyType` Optional. The output format of the public key. The default is `TYPE_NONE`, which means that the public key is not returned.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
KeyName name = KeyName.FromProjectServiceAccountKey("[PROJECT]", "[SERVICE_ACCOUNT]", "[KEY]");
ServiceAccountPublicKeyType publicKeyType = ServiceAccountPublicKeyType.TypeNone;
// Make the request
ServiceAccountKey response = await iAMClient.GetServiceAccountKeyAsync(name, publicKeyType);

GetServiceAccountKeyAsync(string, ServiceAccountPublicKeyType, CallSettings)

public virtual Task<ServiceAccountKey> GetServiceAccountKeyAsync(string name, ServiceAccountPublicKeyType publicKeyType, CallSettings callSettings = null)

Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`publicKeyType`	`ServiceAccountPublicKeyType` Optional. The output format of the public key. The default is `TYPE_NONE`, which means that the public key is not returned.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
ServiceAccountPublicKeyType publicKeyType = ServiceAccountPublicKeyType.TypeNone;
// Make the request
ServiceAccountKey response = await iAMClient.GetServiceAccountKeyAsync(name, publicKeyType);

GetServiceAccountKeyAsync(string, ServiceAccountPublicKeyType, CancellationToken)

public virtual Task<ServiceAccountKey> GetServiceAccountKeyAsync(string name, ServiceAccountPublicKeyType publicKeyType, CancellationToken cancellationToken)

Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`publicKeyType`	`ServiceAccountPublicKeyType` Optional. The output format of the public key. The default is `TYPE_NONE`, which means that the public key is not returned.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]/keys/[KEY]";
ServiceAccountPublicKeyType publicKeyType = ServiceAccountPublicKeyType.TypeNone;
// Make the request
ServiceAccountKey response = await iAMClient.GetServiceAccountKeyAsync(name, publicKeyType);

LintPolicy(LintPolicyRequest, CallSettings)

public virtual LintPolicyResponse LintPolicy(LintPolicyRequest request, CallSettings callSettings = null)

Lints, or validates, an IAM policy. Currently checks the [google.iam.v1.Binding.condition][google.iam.v1.Binding.condition] field, which contains a condition expression for a role binding.

Successful calls to this method always return an HTTP 200 OK status code, even if the linter detects an issue in the IAM policy.

Parameters
Name	Description
`request`	`LintPolicyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`LintPolicyResponse`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
LintPolicyRequest request = new LintPolicyRequest
{
    FullResourceName = "",
    Condition = new Expr(),
};
// Make the request
LintPolicyResponse response = iAMClient.LintPolicy(request);

LintPolicyAsync(LintPolicyRequest, CallSettings)

public virtual Task<LintPolicyResponse> LintPolicyAsync(LintPolicyRequest request, CallSettings callSettings = null)

Lints, or validates, an IAM policy. Currently checks the [google.iam.v1.Binding.condition][google.iam.v1.Binding.condition] field, which contains a condition expression for a role binding.

Successful calls to this method always return an HTTP 200 OK status code, even if the linter detects an issue in the IAM policy.

Parameters
Name	Description
`request`	`LintPolicyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskLintPolicyResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
LintPolicyRequest request = new LintPolicyRequest
{
    FullResourceName = "",
    Condition = new Expr(),
};
// Make the request
LintPolicyResponse response = await iAMClient.LintPolicyAsync(request);

LintPolicyAsync(LintPolicyRequest, CancellationToken)

public virtual Task<LintPolicyResponse> LintPolicyAsync(LintPolicyRequest request, CancellationToken cancellationToken)

Lints, or validates, an IAM policy. Currently checks the [google.iam.v1.Binding.condition][google.iam.v1.Binding.condition] field, which contains a condition expression for a role binding.

Successful calls to this method always return an HTTP 200 OK status code, even if the linter detects an issue in the IAM policy.

Parameters
Name	Description
`request`	`LintPolicyRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskLintPolicyResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
LintPolicyRequest request = new LintPolicyRequest
{
    FullResourceName = "",
    Condition = new Expr(),
};
// Make the request
LintPolicyResponse response = await iAMClient.LintPolicyAsync(request);

ListRoles(ListRolesRequest, CallSettings)

public virtual PagedEnumerable<ListRolesResponse, Role> ListRoles(ListRolesRequest request, CallSettings callSettings = null)

Lists every predefined [Role][google.iam.admin.v1.Role] that IAM supports, or every custom role that is defined for an organization or project.

Parameters
Name	Description
`request`	`ListRolesRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedEnumerableListRolesResponseRole`	A pageable sequence of Role resources.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
ListRolesRequest request = new ListRolesRequest
{
    ParentAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    View = RoleView.Basic,
    ShowDeleted = false,
};
// Make the request
PagedEnumerable<ListRolesResponse, Role> response = iAMClient.ListRoles(request);

// Iterate over all response items, lazily performing RPCs as required
foreach (Role item in response)
{
    // Do something with each item
    Console.WriteLine(item);
}

// Or iterate over pages (of server-defined size), performing one RPC per page
foreach (ListRolesResponse page in response.AsRawResponses())
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (Role item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
}

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<Role> singlePage = response.ReadPage(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (Role item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

ListRolesAsync(ListRolesRequest, CallSettings)

public virtual PagedAsyncEnumerable<ListRolesResponse, Role> ListRolesAsync(ListRolesRequest request, CallSettings callSettings = null)

Lists every predefined [Role][google.iam.admin.v1.Role] that IAM supports, or every custom role that is defined for an organization or project.

Parameters
Name	Description
`request`	`ListRolesRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedAsyncEnumerableListRolesResponseRole`	A pageable asynchronous sequence of Role resources.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ListRolesRequest request = new ListRolesRequest
{
    ParentAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    View = RoleView.Basic,
    ShowDeleted = false,
};
// Make the request
PagedAsyncEnumerable<ListRolesResponse, Role> response = iAMClient.ListRolesAsync(request);

// Iterate over all response items, lazily performing RPCs as required
await response.ForEachAsync((Role item) =>
{
    // Do something with each item
    Console.WriteLine(item);
});

// Or iterate over pages (of server-defined size), performing one RPC per page
await response.AsRawResponses().ForEachAsync((ListRolesResponse page) =>
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (Role item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
});

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<Role> singlePage = await response.ReadPageAsync(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (Role item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

ListServiceAccountKeys(ListServiceAccountKeysRequest, CallSettings)

public virtual ListServiceAccountKeysResponse ListServiceAccountKeys(ListServiceAccountKeysRequest request, CallSettings callSettings = null)

Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account.

Parameters
Name	Description
`request`	`ListServiceAccountKeysRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ListServiceAccountKeysResponse`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
ListServiceAccountKeysRequest request = new ListServiceAccountKeysRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
    KeyTypes =
    {
        ListServiceAccountKeysRequest.Types.KeyType.Unspecified,
    },
};
// Make the request
ListServiceAccountKeysResponse response = iAMClient.ListServiceAccountKeys(request);

ListServiceAccountKeys(ServiceAccountName, IEnumerable<KeyType>, CallSettings)

public virtual ListServiceAccountKeysResponse ListServiceAccountKeys(ServiceAccountName name, IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes, CallSettings callSettings = null)

Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account.

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`keyTypes`	`IEnumerableListServiceAccountKeysRequestTypesKeyType` Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ListServiceAccountKeysResponse`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes = new ListServiceAccountKeysRequest.Types.KeyType[]
{
    ListServiceAccountKeysRequest.Types.KeyType.Unspecified,
};
// Make the request
ListServiceAccountKeysResponse response = iAMClient.ListServiceAccountKeys(name, keyTypes);

ListServiceAccountKeys(string, IEnumerable<KeyType>, CallSettings)

public virtual ListServiceAccountKeysResponse ListServiceAccountKeys(string name, IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes, CallSettings callSettings = null)

Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account.

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`keyTypes`	`IEnumerableListServiceAccountKeysRequestTypesKeyType` Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ListServiceAccountKeysResponse`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes = new ListServiceAccountKeysRequest.Types.KeyType[]
{
    ListServiceAccountKeysRequest.Types.KeyType.Unspecified,
};
// Make the request
ListServiceAccountKeysResponse response = iAMClient.ListServiceAccountKeys(name, keyTypes);

ListServiceAccountKeysAsync(ListServiceAccountKeysRequest, CallSettings)

public virtual Task<ListServiceAccountKeysResponse> ListServiceAccountKeysAsync(ListServiceAccountKeysRequest request, CallSettings callSettings = null)

Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account.

Parameters
Name	Description
`request`	`ListServiceAccountKeysRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskListServiceAccountKeysResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ListServiceAccountKeysRequest request = new ListServiceAccountKeysRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
    KeyTypes =
    {
        ListServiceAccountKeysRequest.Types.KeyType.Unspecified,
    },
};
// Make the request
ListServiceAccountKeysResponse response = await iAMClient.ListServiceAccountKeysAsync(request);

ListServiceAccountKeysAsync(ListServiceAccountKeysRequest, CancellationToken)

public virtual Task<ListServiceAccountKeysResponse> ListServiceAccountKeysAsync(ListServiceAccountKeysRequest request, CancellationToken cancellationToken)

Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account.

Parameters
Name	Description
`request`	`ListServiceAccountKeysRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskListServiceAccountKeysResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ListServiceAccountKeysRequest request = new ListServiceAccountKeysRequest
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
    KeyTypes =
    {
        ListServiceAccountKeysRequest.Types.KeyType.Unspecified,
    },
};
// Make the request
ListServiceAccountKeysResponse response = await iAMClient.ListServiceAccountKeysAsync(request);

ListServiceAccountKeysAsync(ServiceAccountName, IEnumerable<KeyType>, CallSettings)

public virtual Task<ListServiceAccountKeysResponse> ListServiceAccountKeysAsync(ServiceAccountName name, IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes, CallSettings callSettings = null)

Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account.

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`keyTypes`	`IEnumerableListServiceAccountKeysRequestTypesKeyType` Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskListServiceAccountKeysResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes = new ListServiceAccountKeysRequest.Types.KeyType[]
{
    ListServiceAccountKeysRequest.Types.KeyType.Unspecified,
};
// Make the request
ListServiceAccountKeysResponse response = await iAMClient.ListServiceAccountKeysAsync(name, keyTypes);

ListServiceAccountKeysAsync(ServiceAccountName, IEnumerable<KeyType>, CancellationToken)

public virtual Task<ListServiceAccountKeysResponse> ListServiceAccountKeysAsync(ServiceAccountName name, IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes, CancellationToken cancellationToken)

Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account.

Parameters
Name	Description
`name`	`ServiceAccountName` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`keyTypes`	`IEnumerableListServiceAccountKeysRequestTypesKeyType` Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskListServiceAccountKeysResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes = new ListServiceAccountKeysRequest.Types.KeyType[]
{
    ListServiceAccountKeysRequest.Types.KeyType.Unspecified,
};
// Make the request
ListServiceAccountKeysResponse response = await iAMClient.ListServiceAccountKeysAsync(name, keyTypes);

ListServiceAccountKeysAsync(string, IEnumerable<KeyType>, CallSettings)

public virtual Task<ListServiceAccountKeysResponse> ListServiceAccountKeysAsync(string name, IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes, CallSettings callSettings = null)

Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account.

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`keyTypes`	`IEnumerableListServiceAccountKeysRequestTypesKeyType` Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskListServiceAccountKeysResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes = new ListServiceAccountKeysRequest.Types.KeyType[]
{
    ListServiceAccountKeysRequest.Types.KeyType.Unspecified,
};
// Make the request
ListServiceAccountKeysResponse response = await iAMClient.ListServiceAccountKeysAsync(name, keyTypes);

ListServiceAccountKeysAsync(string, IEnumerable<KeyType>, CancellationToken)

public virtual Task<ListServiceAccountKeysResponse> ListServiceAccountKeysAsync(string name, IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes, CancellationToken cancellationToken)

Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account.

Parameters
Name	Description
`name`	`string` Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`keyTypes`	`IEnumerableListServiceAccountKeysRequestTypesKeyType` Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskListServiceAccountKeysResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
IEnumerable<ListServiceAccountKeysRequest.Types.KeyType> keyTypes = new ListServiceAccountKeysRequest.Types.KeyType[]
{
    ListServiceAccountKeysRequest.Types.KeyType.Unspecified,
};
// Make the request
ListServiceAccountKeysResponse response = await iAMClient.ListServiceAccountKeysAsync(name, keyTypes);

ListServiceAccounts(ProjectName, string, int?, CallSettings)

public virtual PagedEnumerable<ListServiceAccountsResponse, ServiceAccount> ListServiceAccounts(ProjectName name, string pageToken = null, int? pageSize = null, CallSettings callSettings = null)

Lists every [ServiceAccount][google.iam.admin.v1.ServiceAccount] that belongs to a specific project.

Parameters
Name	Description
`name`	`ProjectName` Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.
`pageToken`	`string` The token returned from the previous request. A value of `null` or an empty string retrieves the first page.
`pageSize`	`int` The size of page to request. The response will not be larger than this, but may be smaller. A value of `null` or `0` uses a server-defined page size.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedEnumerableListServiceAccountsResponseServiceAccount`	A pageable sequence of ServiceAccount resources.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
ProjectName name = ProjectName.FromProject("[PROJECT]");
// Make the request
PagedEnumerable<ListServiceAccountsResponse, ServiceAccount> response = iAMClient.ListServiceAccounts(name);

// Iterate over all response items, lazily performing RPCs as required
foreach (ServiceAccount item in response)
{
    // Do something with each item
    Console.WriteLine(item);
}

// Or iterate over pages (of server-defined size), performing one RPC per page
foreach (ListServiceAccountsResponse page in response.AsRawResponses())
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (ServiceAccount item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
}

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<ServiceAccount> singlePage = response.ReadPage(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (ServiceAccount item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

ListServiceAccounts(ListServiceAccountsRequest, CallSettings)

public virtual PagedEnumerable<ListServiceAccountsResponse, ServiceAccount> ListServiceAccounts(ListServiceAccountsRequest request, CallSettings callSettings = null)

Lists every [ServiceAccount][google.iam.admin.v1.ServiceAccount] that belongs to a specific project.

Parameters
Name	Description
`request`	`ListServiceAccountsRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedEnumerableListServiceAccountsResponseServiceAccount`	A pageable sequence of ServiceAccount resources.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
ListServiceAccountsRequest request = new ListServiceAccountsRequest
{
    ProjectName = ProjectName.FromProject("[PROJECT]"),
};
// Make the request
PagedEnumerable<ListServiceAccountsResponse, ServiceAccount> response = iAMClient.ListServiceAccounts(request);

// Iterate over all response items, lazily performing RPCs as required
foreach (ServiceAccount item in response)
{
    // Do something with each item
    Console.WriteLine(item);
}

// Or iterate over pages (of server-defined size), performing one RPC per page
foreach (ListServiceAccountsResponse page in response.AsRawResponses())
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (ServiceAccount item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
}

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<ServiceAccount> singlePage = response.ReadPage(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (ServiceAccount item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

ListServiceAccounts(string, string, int?, CallSettings)

public virtual PagedEnumerable<ListServiceAccountsResponse, ServiceAccount> ListServiceAccounts(string name, string pageToken = null, int? pageSize = null, CallSettings callSettings = null)

Lists every [ServiceAccount][google.iam.admin.v1.ServiceAccount] that belongs to a specific project.

Parameters
Name	Description
`name`	`string` Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.
`pageToken`	`string` The token returned from the previous request. A value of `null` or an empty string retrieves the first page.
`pageSize`	`int` The size of page to request. The response will not be larger than this, but may be smaller. A value of `null` or `0` uses a server-defined page size.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedEnumerableListServiceAccountsResponseServiceAccount`	A pageable sequence of ServiceAccount resources.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string name = "projects/[PROJECT]";
// Make the request
PagedEnumerable<ListServiceAccountsResponse, ServiceAccount> response = iAMClient.ListServiceAccounts(name);

// Iterate over all response items, lazily performing RPCs as required
foreach (ServiceAccount item in response)
{
    // Do something with each item
    Console.WriteLine(item);
}

// Or iterate over pages (of server-defined size), performing one RPC per page
foreach (ListServiceAccountsResponse page in response.AsRawResponses())
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (ServiceAccount item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
}

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<ServiceAccount> singlePage = response.ReadPage(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (ServiceAccount item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

ListServiceAccountsAsync(ProjectName, string, int?, CallSettings)

public virtual PagedAsyncEnumerable<ListServiceAccountsResponse, ServiceAccount> ListServiceAccountsAsync(ProjectName name, string pageToken = null, int? pageSize = null, CallSettings callSettings = null)

Lists every [ServiceAccount][google.iam.admin.v1.ServiceAccount] that belongs to a specific project.

Parameters
Name	Description
`name`	`ProjectName` Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.
`pageToken`	`string` The token returned from the previous request. A value of `null` or an empty string retrieves the first page.
`pageSize`	`int` The size of page to request. The response will not be larger than this, but may be smaller. A value of `null` or `0` uses a server-defined page size.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedAsyncEnumerableListServiceAccountsResponseServiceAccount`	A pageable asynchronous sequence of ServiceAccount resources.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ProjectName name = ProjectName.FromProject("[PROJECT]");
// Make the request
PagedAsyncEnumerable<ListServiceAccountsResponse, ServiceAccount> response = iAMClient.ListServiceAccountsAsync(name);

// Iterate over all response items, lazily performing RPCs as required
await response.ForEachAsync((ServiceAccount item) =>
{
    // Do something with each item
    Console.WriteLine(item);
});

// Or iterate over pages (of server-defined size), performing one RPC per page
await response.AsRawResponses().ForEachAsync((ListServiceAccountsResponse page) =>
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (ServiceAccount item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
});

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<ServiceAccount> singlePage = await response.ReadPageAsync(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (ServiceAccount item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

ListServiceAccountsAsync(ListServiceAccountsRequest, CallSettings)

public virtual PagedAsyncEnumerable<ListServiceAccountsResponse, ServiceAccount> ListServiceAccountsAsync(ListServiceAccountsRequest request, CallSettings callSettings = null)

Lists every [ServiceAccount][google.iam.admin.v1.ServiceAccount] that belongs to a specific project.

Parameters
Name	Description
`request`	`ListServiceAccountsRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedAsyncEnumerableListServiceAccountsResponseServiceAccount`	A pageable asynchronous sequence of ServiceAccount resources.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ListServiceAccountsRequest request = new ListServiceAccountsRequest
{
    ProjectName = ProjectName.FromProject("[PROJECT]"),
};
// Make the request
PagedAsyncEnumerable<ListServiceAccountsResponse, ServiceAccount> response = iAMClient.ListServiceAccountsAsync(request);

// Iterate over all response items, lazily performing RPCs as required
await response.ForEachAsync((ServiceAccount item) =>
{
    // Do something with each item
    Console.WriteLine(item);
});

// Or iterate over pages (of server-defined size), performing one RPC per page
await response.AsRawResponses().ForEachAsync((ListServiceAccountsResponse page) =>
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (ServiceAccount item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
});

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<ServiceAccount> singlePage = await response.ReadPageAsync(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (ServiceAccount item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

ListServiceAccountsAsync(string, string, int?, CallSettings)

public virtual PagedAsyncEnumerable<ListServiceAccountsResponse, ServiceAccount> ListServiceAccountsAsync(string name, string pageToken = null, int? pageSize = null, CallSettings callSettings = null)

Lists every [ServiceAccount][google.iam.admin.v1.ServiceAccount] that belongs to a specific project.

Parameters
Name	Description
`name`	`string` Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.
`pageToken`	`string` The token returned from the previous request. A value of `null` or an empty string retrieves the first page.
`pageSize`	`int` The size of page to request. The response will not be larger than this, but may be smaller. A value of `null` or `0` uses a server-defined page size.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedAsyncEnumerableListServiceAccountsResponseServiceAccount`	A pageable asynchronous sequence of ServiceAccount resources.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string name = "projects/[PROJECT]";
// Make the request
PagedAsyncEnumerable<ListServiceAccountsResponse, ServiceAccount> response = iAMClient.ListServiceAccountsAsync(name);

// Iterate over all response items, lazily performing RPCs as required
await response.ForEachAsync((ServiceAccount item) =>
{
    // Do something with each item
    Console.WriteLine(item);
});

// Or iterate over pages (of server-defined size), performing one RPC per page
await response.AsRawResponses().ForEachAsync((ListServiceAccountsResponse page) =>
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (ServiceAccount item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
});

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<ServiceAccount> singlePage = await response.ReadPageAsync(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (ServiceAccount item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

PatchServiceAccount(PatchServiceAccountRequest, CallSettings)

public virtual ServiceAccount PatchServiceAccount(PatchServiceAccountRequest request, CallSettings callSettings = null)

Patches a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`PatchServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccount`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
PatchServiceAccountRequest request = new PatchServiceAccountRequest
{
    ServiceAccount = new ServiceAccount(),
    UpdateMask = new FieldMask(),
};
// Make the request
ServiceAccount response = iAMClient.PatchServiceAccount(request);

PatchServiceAccountAsync(PatchServiceAccountRequest, CallSettings)

public virtual Task<ServiceAccount> PatchServiceAccountAsync(PatchServiceAccountRequest request, CallSettings callSettings = null)

Patches a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`PatchServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
PatchServiceAccountRequest request = new PatchServiceAccountRequest
{
    ServiceAccount = new ServiceAccount(),
    UpdateMask = new FieldMask(),
};
// Make the request
ServiceAccount response = await iAMClient.PatchServiceAccountAsync(request);

PatchServiceAccountAsync(PatchServiceAccountRequest, CancellationToken)

public virtual Task<ServiceAccount> PatchServiceAccountAsync(PatchServiceAccountRequest request, CancellationToken cancellationToken)

Patches a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`PatchServiceAccountRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
PatchServiceAccountRequest request = new PatchServiceAccountRequest
{
    ServiceAccount = new ServiceAccount(),
    UpdateMask = new FieldMask(),
};
// Make the request
ServiceAccount response = await iAMClient.PatchServiceAccountAsync(request);

QueryAuditableServices(QueryAuditableServicesRequest, CallSettings)

public virtual QueryAuditableServicesResponse QueryAuditableServices(QueryAuditableServicesRequest request, CallSettings callSettings = null)

Returns a list of services that allow you to opt into audit logs that are not generated by default.

To learn more about audit logs, see the Logging documentation.

Parameters
Name	Description
`request`	`QueryAuditableServicesRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`QueryAuditableServicesResponse`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
QueryAuditableServicesRequest request = new QueryAuditableServicesRequest
{
    FullResourceName = "",
};
// Make the request
QueryAuditableServicesResponse response = iAMClient.QueryAuditableServices(request);

QueryAuditableServicesAsync(QueryAuditableServicesRequest, CallSettings)

public virtual Task<QueryAuditableServicesResponse> QueryAuditableServicesAsync(QueryAuditableServicesRequest request, CallSettings callSettings = null)

Returns a list of services that allow you to opt into audit logs that are not generated by default.

To learn more about audit logs, see the Logging documentation.

Parameters
Name	Description
`request`	`QueryAuditableServicesRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskQueryAuditableServicesResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
QueryAuditableServicesRequest request = new QueryAuditableServicesRequest
{
    FullResourceName = "",
};
// Make the request
QueryAuditableServicesResponse response = await iAMClient.QueryAuditableServicesAsync(request);

QueryAuditableServicesAsync(QueryAuditableServicesRequest, CancellationToken)

public virtual Task<QueryAuditableServicesResponse> QueryAuditableServicesAsync(QueryAuditableServicesRequest request, CancellationToken cancellationToken)

Returns a list of services that allow you to opt into audit logs that are not generated by default.

To learn more about audit logs, see the Logging documentation.

Parameters
Name	Description
`request`	`QueryAuditableServicesRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskQueryAuditableServicesResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
QueryAuditableServicesRequest request = new QueryAuditableServicesRequest
{
    FullResourceName = "",
};
// Make the request
QueryAuditableServicesResponse response = await iAMClient.QueryAuditableServicesAsync(request);

QueryGrantableRoles(QueryGrantableRolesRequest, CallSettings)

public virtual PagedEnumerable<QueryGrantableRolesResponse, Role> QueryGrantableRoles(QueryGrantableRolesRequest request, CallSettings callSettings = null)

Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.

Parameters
Name	Description
`request`	`QueryGrantableRolesRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedEnumerableQueryGrantableRolesResponseRole`	A pageable sequence of Role resources.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
QueryGrantableRolesRequest request = new QueryGrantableRolesRequest
{
    FullResourceName = "",
    View = RoleView.Basic,
};
// Make the request
PagedEnumerable<QueryGrantableRolesResponse, Role> response = iAMClient.QueryGrantableRoles(request);

// Iterate over all response items, lazily performing RPCs as required
foreach (Role item in response)
{
    // Do something with each item
    Console.WriteLine(item);
}

// Or iterate over pages (of server-defined size), performing one RPC per page
foreach (QueryGrantableRolesResponse page in response.AsRawResponses())
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (Role item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
}

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<Role> singlePage = response.ReadPage(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (Role item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

QueryGrantableRoles(string, string, int?, CallSettings)

public virtual PagedEnumerable<QueryGrantableRolesResponse, Role> QueryGrantableRoles(string fullResourceName, string pageToken = null, int? pageSize = null, CallSettings callSettings = null)

Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.

Parameters
Name	Description
`fullResourceName`	`string` Required. The full resource name to query from the list of grantable roles. The name follows the Google Cloud Platform resource format. For example, a Cloud Platform project with id `my-project` will be named `//cloudresourcemanager.googleapis.com/projects/my-project`.
`pageToken`	`string` The token returned from the previous request. A value of `null` or an empty string retrieves the first page.
`pageSize`	`int` The size of page to request. The response will not be larger than this, but may be smaller. A value of `null` or `0` uses a server-defined page size.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedEnumerableQueryGrantableRolesResponseRole`	A pageable sequence of Role resources.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string fullResourceName = "";
// Make the request
PagedEnumerable<QueryGrantableRolesResponse, Role> response = iAMClient.QueryGrantableRoles(fullResourceName);

// Iterate over all response items, lazily performing RPCs as required
foreach (Role item in response)
{
    // Do something with each item
    Console.WriteLine(item);
}

// Or iterate over pages (of server-defined size), performing one RPC per page
foreach (QueryGrantableRolesResponse page in response.AsRawResponses())
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (Role item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
}

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<Role> singlePage = response.ReadPage(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (Role item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

QueryGrantableRolesAsync(QueryGrantableRolesRequest, CallSettings)

public virtual PagedAsyncEnumerable<QueryGrantableRolesResponse, Role> QueryGrantableRolesAsync(QueryGrantableRolesRequest request, CallSettings callSettings = null)

Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.

Parameters
Name	Description
`request`	`QueryGrantableRolesRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedAsyncEnumerableQueryGrantableRolesResponseRole`	A pageable asynchronous sequence of Role resources.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
QueryGrantableRolesRequest request = new QueryGrantableRolesRequest
{
    FullResourceName = "",
    View = RoleView.Basic,
};
// Make the request
PagedAsyncEnumerable<QueryGrantableRolesResponse, Role> response = iAMClient.QueryGrantableRolesAsync(request);

// Iterate over all response items, lazily performing RPCs as required
await response.ForEachAsync((Role item) =>
{
    // Do something with each item
    Console.WriteLine(item);
});

// Or iterate over pages (of server-defined size), performing one RPC per page
await response.AsRawResponses().ForEachAsync((QueryGrantableRolesResponse page) =>
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (Role item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
});

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<Role> singlePage = await response.ReadPageAsync(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (Role item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

QueryGrantableRolesAsync(string, string, int?, CallSettings)

public virtual PagedAsyncEnumerable<QueryGrantableRolesResponse, Role> QueryGrantableRolesAsync(string fullResourceName, string pageToken = null, int? pageSize = null, CallSettings callSettings = null)

Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.

Parameters
Name	Description
`fullResourceName`	`string` Required. The full resource name to query from the list of grantable roles. The name follows the Google Cloud Platform resource format. For example, a Cloud Platform project with id `my-project` will be named `//cloudresourcemanager.googleapis.com/projects/my-project`.
`pageToken`	`string` The token returned from the previous request. A value of `null` or an empty string retrieves the first page.
`pageSize`	`int` The size of page to request. The response will not be larger than this, but may be smaller. A value of `null` or `0` uses a server-defined page size.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedAsyncEnumerableQueryGrantableRolesResponseRole`	A pageable asynchronous sequence of Role resources.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string fullResourceName = "";
// Make the request
PagedAsyncEnumerable<QueryGrantableRolesResponse, Role> response = iAMClient.QueryGrantableRolesAsync(fullResourceName);

// Iterate over all response items, lazily performing RPCs as required
await response.ForEachAsync((Role item) =>
{
    // Do something with each item
    Console.WriteLine(item);
});

// Or iterate over pages (of server-defined size), performing one RPC per page
await response.AsRawResponses().ForEachAsync((QueryGrantableRolesResponse page) =>
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (Role item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
});

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<Role> singlePage = await response.ReadPageAsync(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (Role item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

QueryTestablePermissions(QueryTestablePermissionsRequest, CallSettings)

public virtual PagedEnumerable<QueryTestablePermissionsResponse, Permission> QueryTestablePermissions(QueryTestablePermissionsRequest request, CallSettings callSettings = null)

Lists every permission that you can test on a resource. A permission is testable if you can check whether a principal has that permission on the resource.

Parameters
Name	Description
`request`	`QueryTestablePermissionsRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedEnumerableQueryTestablePermissionsResponsePermission`	A pageable sequence of Permission resources.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
QueryTestablePermissionsRequest request = new QueryTestablePermissionsRequest
{
    FullResourceName = "",
};
// Make the request
PagedEnumerable<QueryTestablePermissionsResponse, Permission> response = iAMClient.QueryTestablePermissions(request);

// Iterate over all response items, lazily performing RPCs as required
foreach (Permission item in response)
{
    // Do something with each item
    Console.WriteLine(item);
}

// Or iterate over pages (of server-defined size), performing one RPC per page
foreach (QueryTestablePermissionsResponse page in response.AsRawResponses())
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (Permission item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
}

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<Permission> singlePage = response.ReadPage(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (Permission item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

QueryTestablePermissionsAsync(QueryTestablePermissionsRequest, CallSettings)

public virtual PagedAsyncEnumerable<QueryTestablePermissionsResponse, Permission> QueryTestablePermissionsAsync(QueryTestablePermissionsRequest request, CallSettings callSettings = null)

Lists every permission that you can test on a resource. A permission is testable if you can check whether a principal has that permission on the resource.

Parameters
Name	Description
`request`	`QueryTestablePermissionsRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`PagedAsyncEnumerableQueryTestablePermissionsResponsePermission`	A pageable asynchronous sequence of Permission resources.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
QueryTestablePermissionsRequest request = new QueryTestablePermissionsRequest
{
    FullResourceName = "",
};
// Make the request
PagedAsyncEnumerable<QueryTestablePermissionsResponse, Permission> response = iAMClient.QueryTestablePermissionsAsync(request);

// Iterate over all response items, lazily performing RPCs as required
await response.ForEachAsync((Permission item) =>
{
    // Do something with each item
    Console.WriteLine(item);
});

// Or iterate over pages (of server-defined size), performing one RPC per page
await response.AsRawResponses().ForEachAsync((QueryTestablePermissionsResponse page) =>
{
    // Do something with each page of items
    Console.WriteLine("A page of results:");
    foreach (Permission item in page)
    {
        // Do something with each item
        Console.WriteLine(item);
    }
});

// Or retrieve a single page of known size (unless it's the final page), performing as many RPCs as required
int pageSize = 10;
Page<Permission> singlePage = await response.ReadPageAsync(pageSize);
// Do something with the page of items
Console.WriteLine($"A page of {pageSize} results (unless it's the final page):");
foreach (Permission item in singlePage)
{
    // Do something with each item
    Console.WriteLine(item);
}
// Store the pageToken, for when the next page is required.
string nextPageToken = singlePage.NextPageToken;

SetIamPolicy(IResourceName, Policy, CallSettings)

public virtual Policy SetIamPolicy(IResourceName resource, Policy policy, CallSettings callSettings = null)

Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account.

This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps:

Call the resource's getIamPolicy method to get its current IAM policy.
Edit the policy so that it binds the service account to an IAM role for the resource.
Call the resource's setIamPolicy method to update its IAM policy.

For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

Parameters
Name	Description
`resource`	`IResourceName` REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
`policy`	`Policy` REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Policy`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
IResourceName resource = new UnparsedResourceName("a/wildcard/resource");
Policy policy = new Policy();
// Make the request
Policy response = iAMClient.SetIamPolicy(resource, policy);

SetIamPolicy(SetIamPolicyRequest, CallSettings)

public virtual Policy SetIamPolicy(SetIamPolicyRequest request, CallSettings callSettings = null)

Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account.

This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps:

Call the resource's getIamPolicy method to get its current IAM policy.
Edit the policy so that it binds the service account to an IAM role for the resource.
Call the resource's setIamPolicy method to update its IAM policy.

For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

Parameters
Name	Description
`request`	`SetIamPolicyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Policy`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
SetIamPolicyRequest request = new SetIamPolicyRequest
{
    ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Policy = new Policy(),
    UpdateMask = new FieldMask(),
};
// Make the request
Policy response = iAMClient.SetIamPolicy(request);

SetIamPolicy(string, Policy, CallSettings)

public virtual Policy SetIamPolicy(string resource, Policy policy, CallSettings callSettings = null)

Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account.

This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps:

Call the resource's getIamPolicy method to get its current IAM policy.
Edit the policy so that it binds the service account to an IAM role for the resource.
Call the resource's setIamPolicy method to update its IAM policy.

For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

Parameters
Name	Description
`resource`	`string` REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
`policy`	`Policy` REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Policy`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string resource = "a/wildcard/resource";
Policy policy = new Policy();
// Make the request
Policy response = iAMClient.SetIamPolicy(resource, policy);

SetIamPolicyAsync(IResourceName, Policy, CallSettings)

public virtual Task<Policy> SetIamPolicyAsync(IResourceName resource, Policy policy, CallSettings callSettings = null)

Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account.

This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps:

Call the resource's getIamPolicy method to get its current IAM policy.
Edit the policy so that it binds the service account to an IAM role for the resource.
Call the resource's setIamPolicy method to update its IAM policy.

For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

Parameters
Name	Description
`resource`	`IResourceName` REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
`policy`	`Policy` REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
IResourceName resource = new UnparsedResourceName("a/wildcard/resource");
Policy policy = new Policy();
// Make the request
Policy response = await iAMClient.SetIamPolicyAsync(resource, policy);

SetIamPolicyAsync(IResourceName, Policy, CancellationToken)

public virtual Task<Policy> SetIamPolicyAsync(IResourceName resource, Policy policy, CancellationToken cancellationToken)

Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account.

This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps:

Call the resource's getIamPolicy method to get its current IAM policy.
Edit the policy so that it binds the service account to an IAM role for the resource.
Call the resource's setIamPolicy method to update its IAM policy.

For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

Parameters
Name	Description
`resource`	`IResourceName` REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
`policy`	`Policy` REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
IResourceName resource = new UnparsedResourceName("a/wildcard/resource");
Policy policy = new Policy();
// Make the request
Policy response = await iAMClient.SetIamPolicyAsync(resource, policy);

SetIamPolicyAsync(SetIamPolicyRequest, CallSettings)

public virtual Task<Policy> SetIamPolicyAsync(SetIamPolicyRequest request, CallSettings callSettings = null)

Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account.

This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps:

Call the resource's getIamPolicy method to get its current IAM policy.
Edit the policy so that it binds the service account to an IAM role for the resource.
Call the resource's setIamPolicy method to update its IAM policy.

For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

Parameters
Name	Description
`request`	`SetIamPolicyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
SetIamPolicyRequest request = new SetIamPolicyRequest
{
    ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Policy = new Policy(),
    UpdateMask = new FieldMask(),
};
// Make the request
Policy response = await iAMClient.SetIamPolicyAsync(request);

SetIamPolicyAsync(SetIamPolicyRequest, CancellationToken)

public virtual Task<Policy> SetIamPolicyAsync(SetIamPolicyRequest request, CancellationToken cancellationToken)

Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account.

This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps:

Call the resource's getIamPolicy method to get its current IAM policy.
Edit the policy so that it binds the service account to an IAM role for the resource.
Call the resource's setIamPolicy method to update its IAM policy.

For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

Parameters
Name	Description
`request`	`SetIamPolicyRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
SetIamPolicyRequest request = new SetIamPolicyRequest
{
    ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Policy = new Policy(),
    UpdateMask = new FieldMask(),
};
// Make the request
Policy response = await iAMClient.SetIamPolicyAsync(request);

SetIamPolicyAsync(string, Policy, CallSettings)

public virtual Task<Policy> SetIamPolicyAsync(string resource, Policy policy, CallSettings callSettings = null)

Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account.

This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps:

Call the resource's getIamPolicy method to get its current IAM policy.
Edit the policy so that it binds the service account to an IAM role for the resource.
Call the resource's setIamPolicy method to update its IAM policy.

For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

Parameters
Name	Description
`resource`	`string` REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
`policy`	`Policy` REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string resource = "a/wildcard/resource";
Policy policy = new Policy();
// Make the request
Policy response = await iAMClient.SetIamPolicyAsync(resource, policy);

SetIamPolicyAsync(string, Policy, CancellationToken)

public virtual Task<Policy> SetIamPolicyAsync(string resource, Policy policy, CancellationToken cancellationToken)

Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account.

This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps:

Call the resource's getIamPolicy method to get its current IAM policy.
Edit the policy so that it binds the service account to an IAM role for the resource.
Call the resource's setIamPolicy method to update its IAM policy.

For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

Parameters
Name	Description
`resource`	`string` REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
`policy`	`Policy` REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskPolicy`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string resource = "a/wildcard/resource";
Policy policy = new Policy();
// Make the request
Policy response = await iAMClient.SetIamPolicyAsync(resource, policy);

ShutdownDefaultChannelsAsync()

public static Task ShutdownDefaultChannelsAsync()

Shuts down any channels automatically created by Create() and CreateAsync(CancellationToken). Channels which weren't automatically created are not affected.

Returns
Type	Description
`Task`	A task representing the asynchronous shutdown operation.

Remarks

After calling this method, further calls to Create() and CreateAsync(CancellationToken) will create new channels, which could in turn be shut down by another call to this method.

SignBlob(ServiceAccountName, ByteString, CallSettings)

[Obsolete]
public virtual SignBlobResponse SignBlob(ServiceAccountName name, ByteString bytesToSign, CallSettings callSettings = null)

Note: This method is deprecated. Use the signBlob method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`bytesToSign`	`ByteString` Required. Deprecated. Migrate to Service Account Credentials API. The bytes to sign.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`SignBlobResponse`	The RPC response.

Example

            // Create client
            IAMClient iAMClient = IAMClient.Create();
            // Initialize request argument(s)
            ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
            ByteString bytesToSign = ByteString.Empty;
            // Make the request
#pragma warning disable CS0612
            SignBlobResponse response = iAMClient.SignBlob(name, bytesToSign);
#pragma warning restore CS0612

SignBlob(SignBlobRequest, CallSettings)

[Obsolete]
public virtual SignBlobResponse SignBlob(SignBlobRequest request, CallSettings callSettings = null)

Note: This method is deprecated. Use the signBlob method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`SignBlobRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`SignBlobResponse`	The RPC response.

Example

            // Create client
            IAMClient iAMClient = IAMClient.Create();
            // Initialize request argument(s)
            SignBlobRequest request = new SignBlobRequest { };
            // Make the request
#pragma warning disable CS0612
            SignBlobResponse response = iAMClient.SignBlob(request);
#pragma warning restore CS0612

SignBlob(string, ByteString, CallSettings)

[Obsolete]
public virtual SignBlobResponse SignBlob(string name, ByteString bytesToSign, CallSettings callSettings = null)

Note: This method is deprecated. Use the signBlob method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`bytesToSign`	`ByteString` Required. Deprecated. Migrate to Service Account Credentials API. The bytes to sign.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`SignBlobResponse`	The RPC response.

Example

            // Create client
            IAMClient iAMClient = IAMClient.Create();
            // Initialize request argument(s)
            string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
            ByteString bytesToSign = ByteString.Empty;
            // Make the request
#pragma warning disable CS0612
            SignBlobResponse response = iAMClient.SignBlob(name, bytesToSign);
#pragma warning restore CS0612

SignBlobAsync(ServiceAccountName, ByteString, CallSettings)

[Obsolete]
public virtual Task<SignBlobResponse> SignBlobAsync(ServiceAccountName name, ByteString bytesToSign, CallSettings callSettings = null)

Note: This method is deprecated. Use the signBlob method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`bytesToSign`	`ByteString` Required. Deprecated. Migrate to Service Account Credentials API. The bytes to sign.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskSignBlobResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
            ByteString bytesToSign = ByteString.Empty;
            // Make the request
#pragma warning disable CS0612
            SignBlobResponse response = await iAMClient.SignBlobAsync(name, bytesToSign);
#pragma warning restore CS0612

SignBlobAsync(ServiceAccountName, ByteString, CancellationToken)

[Obsolete]
public virtual Task<SignBlobResponse> SignBlobAsync(ServiceAccountName name, ByteString bytesToSign, CancellationToken cancellationToken)

Note: This method is deprecated. Use the signBlob method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`bytesToSign`	`ByteString` Required. Deprecated. Migrate to Service Account Credentials API. The bytes to sign.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskSignBlobResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
            ByteString bytesToSign = ByteString.Empty;
            // Make the request
#pragma warning disable CS0612
            SignBlobResponse response = await iAMClient.SignBlobAsync(name, bytesToSign);
#pragma warning restore CS0612

SignBlobAsync(SignBlobRequest, CallSettings)

[Obsolete]
public virtual Task<SignBlobResponse> SignBlobAsync(SignBlobRequest request, CallSettings callSettings = null)

Note: This method is deprecated. Use the signBlob method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`SignBlobRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskSignBlobResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            SignBlobRequest request = new SignBlobRequest { };
            // Make the request
#pragma warning disable CS0612
            SignBlobResponse response = await iAMClient.SignBlobAsync(request);
#pragma warning restore CS0612

SignBlobAsync(SignBlobRequest, CancellationToken)

[Obsolete]
public virtual Task<SignBlobResponse> SignBlobAsync(SignBlobRequest request, CancellationToken cancellationToken)

Note: This method is deprecated. Use the signBlob method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`SignBlobRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskSignBlobResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            SignBlobRequest request = new SignBlobRequest { };
            // Make the request
#pragma warning disable CS0612
            SignBlobResponse response = await iAMClient.SignBlobAsync(request);
#pragma warning restore CS0612

SignBlobAsync(string, ByteString, CallSettings)

[Obsolete]
public virtual Task<SignBlobResponse> SignBlobAsync(string name, ByteString bytesToSign, CallSettings callSettings = null)

Note: This method is deprecated. Use the signBlob method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`bytesToSign`	`ByteString` Required. Deprecated. Migrate to Service Account Credentials API. The bytes to sign.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskSignBlobResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
            ByteString bytesToSign = ByteString.Empty;
            // Make the request
#pragma warning disable CS0612
            SignBlobResponse response = await iAMClient.SignBlobAsync(name, bytesToSign);
#pragma warning restore CS0612

SignBlobAsync(string, ByteString, CancellationToken)

[Obsolete]
public virtual Task<SignBlobResponse> SignBlobAsync(string name, ByteString bytesToSign, CancellationToken cancellationToken)

Note: This method is deprecated. Use the signBlob method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`bytesToSign`	`ByteString` Required. Deprecated. Migrate to Service Account Credentials API. The bytes to sign.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskSignBlobResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
            ByteString bytesToSign = ByteString.Empty;
            // Make the request
#pragma warning disable CS0612
            SignBlobResponse response = await iAMClient.SignBlobAsync(name, bytesToSign);
#pragma warning restore CS0612

SignJwt(ServiceAccountName, string, CallSettings)

[Obsolete]
public virtual SignJwtResponse SignJwt(ServiceAccountName name, string payload, CallSettings callSettings = null)

Note: This method is deprecated. Use the signJwt method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a JSON Web Token (JWT) using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`payload`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The JWT payload to sign. Must be a serialized JSON object that contains a JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 313435}` If the JWT Claims Set contains an expiration time (`exp`) claim, it must be an integer timestamp that is not in the past and no more than 12 hours in the future. If the JWT Claims Set does not contain an expiration time (`exp`) claim, this claim is added automatically, with a timestamp that is 1 hour in the future.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`SignJwtResponse`	The RPC response.

Example

            // Create client
            IAMClient iAMClient = IAMClient.Create();
            // Initialize request argument(s)
            ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
            string payload = "";
            // Make the request
#pragma warning disable CS0612
            SignJwtResponse response = iAMClient.SignJwt(name, payload);
#pragma warning restore CS0612

SignJwt(SignJwtRequest, CallSettings)

[Obsolete]
public virtual SignJwtResponse SignJwt(SignJwtRequest request, CallSettings callSettings = null)

Note: This method is deprecated. Use the signJwt method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a JSON Web Token (JWT) using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`SignJwtRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`SignJwtResponse`	The RPC response.

Example

            // Create client
            IAMClient iAMClient = IAMClient.Create();
            // Initialize request argument(s)
            SignJwtRequest request = new SignJwtRequest { };
            // Make the request
#pragma warning disable CS0612
            SignJwtResponse response = iAMClient.SignJwt(request);
#pragma warning restore CS0612

SignJwt(string, string, CallSettings)

[Obsolete]
public virtual SignJwtResponse SignJwt(string name, string payload, CallSettings callSettings = null)

Note: This method is deprecated. Use the signJwt method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a JSON Web Token (JWT) using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`payload`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The JWT payload to sign. Must be a serialized JSON object that contains a JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 313435}` If the JWT Claims Set contains an expiration time (`exp`) claim, it must be an integer timestamp that is not in the past and no more than 12 hours in the future. If the JWT Claims Set does not contain an expiration time (`exp`) claim, this claim is added automatically, with a timestamp that is 1 hour in the future.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`SignJwtResponse`	The RPC response.

Example

            // Create client
            IAMClient iAMClient = IAMClient.Create();
            // Initialize request argument(s)
            string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
            string payload = "";
            // Make the request
#pragma warning disable CS0612
            SignJwtResponse response = iAMClient.SignJwt(name, payload);
#pragma warning restore CS0612

SignJwtAsync(ServiceAccountName, string, CallSettings)

[Obsolete]
public virtual Task<SignJwtResponse> SignJwtAsync(ServiceAccountName name, string payload, CallSettings callSettings = null)

Note: This method is deprecated. Use the signJwt method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a JSON Web Token (JWT) using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`payload`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The JWT payload to sign. Must be a serialized JSON object that contains a JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 313435}` If the JWT Claims Set contains an expiration time (`exp`) claim, it must be an integer timestamp that is not in the past and no more than 12 hours in the future. If the JWT Claims Set does not contain an expiration time (`exp`) claim, this claim is added automatically, with a timestamp that is 1 hour in the future.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskSignJwtResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
            string payload = "";
            // Make the request
#pragma warning disable CS0612
            SignJwtResponse response = await iAMClient.SignJwtAsync(name, payload);
#pragma warning restore CS0612

SignJwtAsync(ServiceAccountName, string, CancellationToken)

[Obsolete]
public virtual Task<SignJwtResponse> SignJwtAsync(ServiceAccountName name, string payload, CancellationToken cancellationToken)

Note: This method is deprecated. Use the signJwt method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a JSON Web Token (JWT) using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`ServiceAccountName` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`payload`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The JWT payload to sign. Must be a serialized JSON object that contains a JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 313435}` If the JWT Claims Set contains an expiration time (`exp`) claim, it must be an integer timestamp that is not in the past and no more than 12 hours in the future. If the JWT Claims Set does not contain an expiration time (`exp`) claim, this claim is added automatically, with a timestamp that is 1 hour in the future.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskSignJwtResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            ServiceAccountName name = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]");
            string payload = "";
            // Make the request
#pragma warning disable CS0612
            SignJwtResponse response = await iAMClient.SignJwtAsync(name, payload);
#pragma warning restore CS0612

SignJwtAsync(SignJwtRequest, CallSettings)

[Obsolete]
public virtual Task<SignJwtResponse> SignJwtAsync(SignJwtRequest request, CallSettings callSettings = null)

Note: This method is deprecated. Use the signJwt method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a JSON Web Token (JWT) using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`SignJwtRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskSignJwtResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            SignJwtRequest request = new SignJwtRequest { };
            // Make the request
#pragma warning disable CS0612
            SignJwtResponse response = await iAMClient.SignJwtAsync(request);
#pragma warning restore CS0612

SignJwtAsync(SignJwtRequest, CancellationToken)

[Obsolete]
public virtual Task<SignJwtResponse> SignJwtAsync(SignJwtRequest request, CancellationToken cancellationToken)

Note: This method is deprecated. Use the signJwt method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a JSON Web Token (JWT) using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`SignJwtRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskSignJwtResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            SignJwtRequest request = new SignJwtRequest { };
            // Make the request
#pragma warning disable CS0612
            SignJwtResponse response = await iAMClient.SignJwtAsync(request);
#pragma warning restore CS0612

SignJwtAsync(string, string, CallSettings)

[Obsolete]
public virtual Task<SignJwtResponse> SignJwtAsync(string name, string payload, CallSettings callSettings = null)

Note: This method is deprecated. Use the signJwt method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a JSON Web Token (JWT) using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`payload`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The JWT payload to sign. Must be a serialized JSON object that contains a JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 313435}` If the JWT Claims Set contains an expiration time (`exp`) claim, it must be an integer timestamp that is not in the past and no more than 12 hours in the future. If the JWT Claims Set does not contain an expiration time (`exp`) claim, this claim is added automatically, with a timestamp that is 1 hour in the future.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskSignJwtResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
            string payload = "";
            // Make the request
#pragma warning disable CS0612
            SignJwtResponse response = await iAMClient.SignJwtAsync(name, payload);
#pragma warning restore CS0612

SignJwtAsync(string, string, CancellationToken)

[Obsolete]
public virtual Task<SignJwtResponse> SignJwtAsync(string name, string payload, CancellationToken cancellationToken)

Note: This method is deprecated. Use the signJwt method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.

Signs a JSON Web Token (JWT) using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`name`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.
`payload`	`string` Required. Deprecated. Migrate to Service Account Credentials API. The JWT payload to sign. Must be a serialized JSON object that contains a JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 313435}` If the JWT Claims Set contains an expiration time (`exp`) claim, it must be an integer timestamp that is not in the past and no more than 12 hours in the future. If the JWT Claims Set does not contain an expiration time (`exp`) claim, this claim is added automatically, with a timestamp that is 1 hour in the future.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskSignJwtResponse`	A Task containing the RPC response.

Example

            // Create client
            IAMClient iAMClient = await IAMClient.CreateAsync();
            // Initialize request argument(s)
            string name = "projects/[PROJECT]/serviceAccounts/[SERVICE_ACCOUNT]";
            string payload = "";
            // Make the request
#pragma warning disable CS0612
            SignJwtResponse response = await iAMClient.SignJwtAsync(name, payload);
#pragma warning restore CS0612

TestIamPermissions(IResourceName, IEnumerable<string>, CallSettings)

public virtual TestIamPermissionsResponse TestIamPermissions(IResourceName resource, IEnumerable<string> permissions, CallSettings callSettings = null)

Tests whether the caller has the specified permissions on a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`resource`	`IResourceName` REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
`permissions`	`IEnumerablestring` The set of permissions to check for the `resource`. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TestIamPermissionsResponse`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
IResourceName resource = new UnparsedResourceName("a/wildcard/resource");
IEnumerable<string> permissions = new string[] { "", };
// Make the request
TestIamPermissionsResponse response = iAMClient.TestIamPermissions(resource, permissions);

TestIamPermissions(TestIamPermissionsRequest, CallSettings)

public virtual TestIamPermissionsResponse TestIamPermissions(TestIamPermissionsRequest request, CallSettings callSettings = null)

Tests whether the caller has the specified permissions on a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`TestIamPermissionsRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TestIamPermissionsResponse`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
TestIamPermissionsRequest request = new TestIamPermissionsRequest
{
    ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Permissions = { "", },
};
// Make the request
TestIamPermissionsResponse response = iAMClient.TestIamPermissions(request);

TestIamPermissions(string, IEnumerable<string>, CallSettings)

public virtual TestIamPermissionsResponse TestIamPermissions(string resource, IEnumerable<string> permissions, CallSettings callSettings = null)

Tests whether the caller has the specified permissions on a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`resource`	`string` REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
`permissions`	`IEnumerablestring` The set of permissions to check for the `resource`. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TestIamPermissionsResponse`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
string resource = "a/wildcard/resource";
IEnumerable<string> permissions = new string[] { "", };
// Make the request
TestIamPermissionsResponse response = iAMClient.TestIamPermissions(resource, permissions);

TestIamPermissionsAsync(IResourceName, IEnumerable<string>, CallSettings)

public virtual Task<TestIamPermissionsResponse> TestIamPermissionsAsync(IResourceName resource, IEnumerable<string> permissions, CallSettings callSettings = null)

Tests whether the caller has the specified permissions on a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`resource`	`IResourceName` REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
`permissions`	`IEnumerablestring` The set of permissions to check for the `resource`. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskTestIamPermissionsResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
IResourceName resource = new UnparsedResourceName("a/wildcard/resource");
IEnumerable<string> permissions = new string[] { "", };
// Make the request
TestIamPermissionsResponse response = await iAMClient.TestIamPermissionsAsync(resource, permissions);

TestIamPermissionsAsync(IResourceName, IEnumerable<string>, CancellationToken)

public virtual Task<TestIamPermissionsResponse> TestIamPermissionsAsync(IResourceName resource, IEnumerable<string> permissions, CancellationToken cancellationToken)

Tests whether the caller has the specified permissions on a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`resource`	`IResourceName` REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
`permissions`	`IEnumerablestring` The set of permissions to check for the `resource`. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskTestIamPermissionsResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
IResourceName resource = new UnparsedResourceName("a/wildcard/resource");
IEnumerable<string> permissions = new string[] { "", };
// Make the request
TestIamPermissionsResponse response = await iAMClient.TestIamPermissionsAsync(resource, permissions);

TestIamPermissionsAsync(TestIamPermissionsRequest, CallSettings)

public virtual Task<TestIamPermissionsResponse> TestIamPermissionsAsync(TestIamPermissionsRequest request, CallSettings callSettings = null)

Tests whether the caller has the specified permissions on a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`TestIamPermissionsRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskTestIamPermissionsResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
TestIamPermissionsRequest request = new TestIamPermissionsRequest
{
    ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Permissions = { "", },
};
// Make the request
TestIamPermissionsResponse response = await iAMClient.TestIamPermissionsAsync(request);

TestIamPermissionsAsync(TestIamPermissionsRequest, CancellationToken)

public virtual Task<TestIamPermissionsResponse> TestIamPermissionsAsync(TestIamPermissionsRequest request, CancellationToken cancellationToken)

Tests whether the caller has the specified permissions on a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`request`	`TestIamPermissionsRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskTestIamPermissionsResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
TestIamPermissionsRequest request = new TestIamPermissionsRequest
{
    ResourceAsResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Permissions = { "", },
};
// Make the request
TestIamPermissionsResponse response = await iAMClient.TestIamPermissionsAsync(request);

TestIamPermissionsAsync(string, IEnumerable<string>, CallSettings)

public virtual Task<TestIamPermissionsResponse> TestIamPermissionsAsync(string resource, IEnumerable<string> permissions, CallSettings callSettings = null)

Tests whether the caller has the specified permissions on a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`resource`	`string` REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
`permissions`	`IEnumerablestring` The set of permissions to check for the `resource`. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskTestIamPermissionsResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string resource = "a/wildcard/resource";
IEnumerable<string> permissions = new string[] { "", };
// Make the request
TestIamPermissionsResponse response = await iAMClient.TestIamPermissionsAsync(resource, permissions);

TestIamPermissionsAsync(string, IEnumerable<string>, CancellationToken)

public virtual Task<TestIamPermissionsResponse> TestIamPermissionsAsync(string resource, IEnumerable<string> permissions, CancellationToken cancellationToken)

Tests whether the caller has the specified permissions on a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Parameters
Name	Description
`resource`	`string` REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
`permissions`	`IEnumerablestring` The set of permissions to check for the `resource`. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskTestIamPermissionsResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
string resource = "a/wildcard/resource";
IEnumerable<string> permissions = new string[] { "", };
// Make the request
TestIamPermissionsResponse response = await iAMClient.TestIamPermissionsAsync(resource, permissions);

UndeleteRole(UndeleteRoleRequest, CallSettings)

public virtual Role UndeleteRole(UndeleteRoleRequest request, CallSettings callSettings = null)

Undeletes a custom [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`UndeleteRoleRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Role`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
UndeleteRoleRequest request = new UndeleteRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Etag = ByteString.Empty,
};
// Make the request
Role response = iAMClient.UndeleteRole(request);

UndeleteRoleAsync(UndeleteRoleRequest, CallSettings)

public virtual Task<Role> UndeleteRoleAsync(UndeleteRoleRequest request, CallSettings callSettings = null)

Undeletes a custom [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`UndeleteRoleRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskRole`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
UndeleteRoleRequest request = new UndeleteRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Etag = ByteString.Empty,
};
// Make the request
Role response = await iAMClient.UndeleteRoleAsync(request);

UndeleteRoleAsync(UndeleteRoleRequest, CancellationToken)

public virtual Task<Role> UndeleteRoleAsync(UndeleteRoleRequest request, CancellationToken cancellationToken)

Undeletes a custom [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`UndeleteRoleRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskRole`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
UndeleteRoleRequest request = new UndeleteRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Etag = ByteString.Empty,
};
// Make the request
Role response = await iAMClient.UndeleteRoleAsync(request);

UndeleteServiceAccount(UndeleteServiceAccountRequest, CallSettings)

public virtual UndeleteServiceAccountResponse UndeleteServiceAccount(UndeleteServiceAccountRequest request, CallSettings callSettings = null)

Restores a deleted [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Important: It is not always possible to restore a deleted service account. Use this method only as a last resort.

After you delete a service account, IAM permanently removes the service account 30 days later. There is no way to restore a deleted service account that has been permanently removed.

Parameters
Name	Description
`request`	`UndeleteServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`UndeleteServiceAccountResponse`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
UndeleteServiceAccountRequest request = new UndeleteServiceAccountRequest { Name = "", };
// Make the request
UndeleteServiceAccountResponse response = iAMClient.UndeleteServiceAccount(request);

UndeleteServiceAccountAsync(UndeleteServiceAccountRequest, CallSettings)

public virtual Task<UndeleteServiceAccountResponse> UndeleteServiceAccountAsync(UndeleteServiceAccountRequest request, CallSettings callSettings = null)

Restores a deleted [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Important: It is not always possible to restore a deleted service account. Use this method only as a last resort.

After you delete a service account, IAM permanently removes the service account 30 days later. There is no way to restore a deleted service account that has been permanently removed.

Parameters
Name	Description
`request`	`UndeleteServiceAccountRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskUndeleteServiceAccountResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
UndeleteServiceAccountRequest request = new UndeleteServiceAccountRequest { Name = "", };
// Make the request
UndeleteServiceAccountResponse response = await iAMClient.UndeleteServiceAccountAsync(request);

UndeleteServiceAccountAsync(UndeleteServiceAccountRequest, CancellationToken)

public virtual Task<UndeleteServiceAccountResponse> UndeleteServiceAccountAsync(UndeleteServiceAccountRequest request, CancellationToken cancellationToken)

Restores a deleted [ServiceAccount][google.iam.admin.v1.ServiceAccount].

Important: It is not always possible to restore a deleted service account. Use this method only as a last resort.

After you delete a service account, IAM permanently removes the service account 30 days later. There is no way to restore a deleted service account that has been permanently removed.

Parameters
Name	Description
`request`	`UndeleteServiceAccountRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskUndeleteServiceAccountResponse`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
UndeleteServiceAccountRequest request = new UndeleteServiceAccountRequest { Name = "", };
// Make the request
UndeleteServiceAccountResponse response = await iAMClient.UndeleteServiceAccountAsync(request);

UpdateRole(UpdateRoleRequest, CallSettings)

public virtual Role UpdateRole(UpdateRoleRequest request, CallSettings callSettings = null)

Updates the definition of a custom [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`UpdateRoleRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`Role`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
UpdateRoleRequest request = new UpdateRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Role = new Role(),
    UpdateMask = new FieldMask(),
};
// Make the request
Role response = iAMClient.UpdateRole(request);

UpdateRoleAsync(UpdateRoleRequest, CallSettings)

public virtual Task<Role> UpdateRoleAsync(UpdateRoleRequest request, CallSettings callSettings = null)

Updates the definition of a custom [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`UpdateRoleRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskRole`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
UpdateRoleRequest request = new UpdateRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Role = new Role(),
    UpdateMask = new FieldMask(),
};
// Make the request
Role response = await iAMClient.UpdateRoleAsync(request);

UpdateRoleAsync(UpdateRoleRequest, CancellationToken)

public virtual Task<Role> UpdateRoleAsync(UpdateRoleRequest request, CancellationToken cancellationToken)

Updates the definition of a custom [Role][google.iam.admin.v1.Role].

Parameters
Name	Description
`request`	`UpdateRoleRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskRole`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
UpdateRoleRequest request = new UpdateRoleRequest
{
    ResourceName = new UnparsedResourceName("a/wildcard/resource"),
    Role = new Role(),
    UpdateMask = new FieldMask(),
};
// Make the request
Role response = await iAMClient.UpdateRoleAsync(request);

UpdateServiceAccount(ServiceAccount, CallSettings)

public virtual ServiceAccount UpdateServiceAccount(ServiceAccount request, CallSettings callSettings = null)

Note: We are in the process of deprecating this method. Use [PatchServiceAccount][google.iam.admin.v1.IAM.PatchServiceAccount] instead.

Updates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

You can update only the display_name field.

Parameters
Name	Description
`request`	`ServiceAccount` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccount`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
ServiceAccount request = new ServiceAccount
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
    ProjectId = "",
    UniqueId = "",
    Email = "",
    DisplayName = "",
    Description = "",
    Oauth2ClientId = "",
    Disabled = false,
};
// Make the request
ServiceAccount response = iAMClient.UpdateServiceAccount(request);

UpdateServiceAccountAsync(ServiceAccount, CallSettings)

public virtual Task<ServiceAccount> UpdateServiceAccountAsync(ServiceAccount request, CallSettings callSettings = null)

Note: We are in the process of deprecating this method. Use [PatchServiceAccount][google.iam.admin.v1.IAM.PatchServiceAccount] instead.

Updates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

You can update only the display_name field.

Parameters
Name	Description
`request`	`ServiceAccount` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ServiceAccount request = new ServiceAccount
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
    ProjectId = "",
    UniqueId = "",
    Email = "",
    DisplayName = "",
    Description = "",
    Oauth2ClientId = "",
    Disabled = false,
};
// Make the request
ServiceAccount response = await iAMClient.UpdateServiceAccountAsync(request);

UpdateServiceAccountAsync(ServiceAccount, CancellationToken)

public virtual Task<ServiceAccount> UpdateServiceAccountAsync(ServiceAccount request, CancellationToken cancellationToken)

Note: We are in the process of deprecating this method. Use [PatchServiceAccount][google.iam.admin.v1.IAM.PatchServiceAccount] instead.

Updates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

You can update only the display_name field.

Parameters
Name	Description
`request`	`ServiceAccount` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccount`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
ServiceAccount request = new ServiceAccount
{
    ServiceAccountName = ServiceAccountName.FromProjectServiceAccount("[PROJECT]", "[SERVICE_ACCOUNT]"),
    ProjectId = "",
    UniqueId = "",
    Email = "",
    DisplayName = "",
    Description = "",
    Oauth2ClientId = "",
    Disabled = false,
};
// Make the request
ServiceAccount response = await iAMClient.UpdateServiceAccountAsync(request);

UploadServiceAccountKey(UploadServiceAccountKeyRequest, CallSettings)

public virtual ServiceAccountKey UploadServiceAccountKey(UploadServiceAccountKeyRequest request, CallSettings callSettings = null)

Uploads the public key portion of a key pair that you manage, and associates the public key with a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

After you upload the public key, you can use the private key from the key pair as a service account key.

Parameters
Name	Description
`request`	`UploadServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`ServiceAccountKey`	The RPC response.

Example

// Create client
IAMClient iAMClient = IAMClient.Create();
// Initialize request argument(s)
UploadServiceAccountKeyRequest request = new UploadServiceAccountKeyRequest
{
    Name = "",
    PublicKeyData = ByteString.Empty,
};
// Make the request
ServiceAccountKey response = iAMClient.UploadServiceAccountKey(request);

UploadServiceAccountKeyAsync(UploadServiceAccountKeyRequest, CallSettings)

public virtual Task<ServiceAccountKey> UploadServiceAccountKeyAsync(UploadServiceAccountKeyRequest request, CallSettings callSettings = null)

Uploads the public key portion of a key pair that you manage, and associates the public key with a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

After you upload the public key, you can use the private key from the key pair as a service account key.

Parameters
Name	Description
`request`	`UploadServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`callSettings`	`CallSettings` If not null, applies overrides to this RPC call.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
UploadServiceAccountKeyRequest request = new UploadServiceAccountKeyRequest
{
    Name = "",
    PublicKeyData = ByteString.Empty,
};
// Make the request
ServiceAccountKey response = await iAMClient.UploadServiceAccountKeyAsync(request);

UploadServiceAccountKeyAsync(UploadServiceAccountKeyRequest, CancellationToken)

public virtual Task<ServiceAccountKey> UploadServiceAccountKeyAsync(UploadServiceAccountKeyRequest request, CancellationToken cancellationToken)

Uploads the public key portion of a key pair that you manage, and associates the public key with a [ServiceAccount][google.iam.admin.v1.ServiceAccount].

After you upload the public key, you can use the private key from the key pair as a service account key.

Parameters
Name	Description
`request`	`UploadServiceAccountKeyRequest` The request object containing all of the parameters for the API call.
`cancellationToken`	`CancellationToken` A CancellationToken to use for this RPC.

Returns
Type	Description
`TaskServiceAccountKey`	A Task containing the RPC response.

Example

// Create client
IAMClient iAMClient = await IAMClient.CreateAsync();
// Initialize request argument(s)
UploadServiceAccountKeyRequest request = new UploadServiceAccountKeyRequest
{
    Name = "",
    PublicKeyData = ByteString.Empty,
};
// Make the request
ServiceAccountKey response = await iAMClient.UploadServiceAccountKeyAsync(request);