Method: projects.serviceAccounts.disable

serviceAccounts.disable is currently in the alpha launch stage.

Disables a ServiceAccount, which immediately prevents the service account from authenticating and gaining access to APIs.

Disabled service accounts can be safely restored by using serviceAccounts.enable at any point. Deleted service accounts cannot be restored using this method.

Disabling a service account that is bound to VMs, Apps, Functions, or other jobs will cause those jobs to lose access to resources if they are using the disabled service account.

To improve reliability of your services and avoid unexpected outages, it is recommended to first disable a service account rather than delete it. After disabling the service account, wait at least 24 hours to verify there are no unintended consequences, and then delete the service account.

HTTP request

POST https://iam.googleapis.com/v1/{name=projects/*/serviceAccounts/*}:disable

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
name

string

The resource name of the service account in the following format: projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}. Using - as a wildcard for the PROJECT_ID will infer the project from the account. The ACCOUNT value can be the email address or the uniqueId of the service account.

Authorization requires the following Google IAM permission on the specified resource name:

  • iam.serviceAccounts.disable

Request body

The request body must be empty.

Response body

If successful, the response body will be empty.

Authorization Scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/iam
  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

หน้านี้มีประโยชน์ไหม โปรดแสดงความคิดเห็น