Method: projects.serviceAccounts.getIamPolicy

Returns the Cloud IAM access control policy for a ServiceAccount.

Note: Service accounts are both resources and identities. This method treats the service account as a resource. It returns the Cloud IAM policy that reflects what members have access to the service account.

This method does not return what resources the service account has access to. To see if a service account has access to a resource, call the getIamPolicy method on the target resource. For example, to view grants for a project, call the projects.getIamPolicy method.

HTTP request

POST https://iam.googleapis.com/v1/{resource=projects/*/serviceAccounts/*}:getIamPolicy

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
resource

string

REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

Query parameters

Parameters
options

object (GetPolicyOptions)

OPTIONAL: A GetPolicyOptions object for specifying options to GetIamPolicy. This field is only used by Cloud IAM.

Request body

The request body must be empty.

Response body

If successful, the response body contains an instance of Policy.

Authorization Scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/iam
  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

GetPolicyOptions

Encapsulates settings provided to GetIamPolicy.

JSON representation
{
  "requestedPolicyVersion": integer
}
Fields
requestedPolicyVersion

integer

Optional. The policy format version to be returned.

Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.

Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset.

このページは役立ちましたか?評価をお願いいたします。

フィードバックを送信...