Resource: ServiceAccount
A service account in the Identity and Access Management API.
To create a service account, specify the projectId
and the accountId
for the account. The accountId
is unique within the project, and is used to generate the service account email address and a stable uniqueId
.
If the account already exists, the account's resource name is returned in the format of projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}. The caller can use the name in other methods to access the account.
All other methods can identify the service account using the format projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}
. Using -
as a wildcard for the PROJECT_ID
will infer the project from the account. The ACCOUNT
value can be the email
address or the uniqueId
of the service account.
JSON representation | |
---|---|
{ "name": string, "projectId": string, "uniqueId": string, "email": string, "displayName": string, "etag": string, "description": string, "oauth2ClientId": string, "disabled": boolean } |
Fields | |
---|---|
name |
The resource name of the service account in the following format: Requests using In responses the resource name will always be in the format |
projectId |
The id of the project that owns the service account. Note: This field is used in responses only. Any value specified here in a request is ignored. |
uniqueId |
The unique and stable id of the service account. Note: This field is used in responses only. Any value specified here in a request is ignored. |
email |
The email address of the service account. Note: This field is used in responses only. Any value specified here in a request is ignored. |
displayName |
Optional. A user-specified name for the service account. Must be less than or equal to 100 UTF-8 bytes. |
etag |
Optional. Note: A base64-encoded string. |
description |
Optional. A user-specified opaque description of the service account. Must be less than or equal to 256 UTF-8 bytes. |
oauth2ClientId |
The OAuth2 client id for the service account. This is used in conjunction with the OAuth2 clientconfig API to make three legged OAuth2 (3LO) flows to access the data of Google users. Note: This field is used in responses only. Any value specified here in a request is ignored. |
disabled |
A bool indicate if the service account is disabled. The field is currently in alpha phase. Note: This field is used in responses only. Any value specified here in a request is ignored. |
Methods |
|
---|---|
|
Creates a ServiceAccount and returns it. |
|
Deletes a ServiceAccount . |
|
DisableServiceAccount is currently in the alpha launch stage. |
|
EnableServiceAccount is currently in the alpha launch stage. |
|
Gets a ServiceAccount . |
|
Returns the Cloud IAM access control policy for a ServiceAccount . |
|
Lists ServiceAccounts for a project. |
|
Patches a ServiceAccount . |
|
Sets the Cloud IAM access control policy for a ServiceAccount . |
|
Note: This method is in the process of being deprecated. |
|
Note: This method is in the process of being deprecated. |
|
Tests the specified permissions against the IAM access control policy for a ServiceAccount . |
|
Restores a deleted ServiceAccount . |
|
Note: This method is in the process of being deprecated. |