- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization Scopes
- GetPolicyOptions
- Examples
- Try it!
Gets the IAM policy that is attached to a ServiceAccount. This IAM policy specifies which members have access to the service account.
This method does not tell you whether the service account has been granted any roles on other resources. To check whether a service account has role grants on a resource, use the getIamPolicy method for that resource. For example, to view the role grants for a project, call the Resource Manager API's projects.getIamPolicy method.
HTTP request
POST https://iam.googleapis.com/v1/{resource=projects/*/serviceAccounts/*}:getIamPolicy
The URL uses gRPC Transcoding syntax.
Path parameters
| Parameters | |
|---|---|
resource |
REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. |
Query parameters
| Parameters | |
|---|---|
options |
OPTIONAL: A |
Request body
The request body must be empty.
Response body
If successful, the response body contains an instance of Policy.
Authorization Scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/iamhttps://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
GetPolicyOptions
Encapsulates settings provided to GetIamPolicy.
| JSON representation | |
|---|---|
{ "requestedPolicyVersion": integer } |
|
| Fields | |
|---|---|
requestedPolicyVersion |
Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the IAM documentation. |