com.google.cloud.iam.admin.v1
The interfaces provided are listed below, along with usage samples.
IAMClient
Service Description: Creates and manages Identity and Access Management (IAM) resources.
You can use this service to work with all of the following resources:
- **Service accounts**, which identify an application or a virtual machine (VM) instance rather than a person
- **Service account keys**, which service accounts use to authenticate with Google APIs
- **IAM policies for service accounts**, which specify the roles that a member has for the service account
- **IAM custom roles**, which help you limit the number of permissions that you grant to members
In addition, you can use this service to complete the following tasks, among others:
- Test whether a service account can use specific permissions
- Check which roles you can grant for a specific resource
- Lint, or validate, condition expressions in an IAM policy
Sample for IAMClient:
try (IAMClient iAMClient = IAMClient.create()) {
ServiceAccountName name = ServiceAccountName.of("[PROJECT]", "[SERVICE_ACCOUNT]");
ServiceAccount response = iAMClient.getServiceAccount(name);
}