BERJAYA

Identity and Access Management (IAM) API

Manages identity and access control for Google Cloud Platform resources, including the creation of service accounts, which you can use to authenticate to Google and make API calls.

REST Resource: v1.iamPolicies
REST Resource: v1.organizations.roles
REST Resource: v1.permissions
REST Resource: v1.projects.roles
REST Resource: v1.projects.serviceAccounts
REST Resource: v1.projects.serviceAccounts.keys
REST Resource: v1.roles

Service: iam.googleapis.com

All URIs below are relative to https://iam.googleapis.com

This service provides the following discovery document:

https://iam.googleapis.com/$discovery/rest?version=v1

REST Resource: v1.iamPolicies

Methods
`lintPolicy`	`POST /v1/iamPolicies:lintPolicy` Lints a Cloud IAM policy object or its sub fields.
`queryAuditableServices`	`POST /v1/iamPolicies:queryAuditableServices` Returns a list of services that support service level audit logging configuration for the given resource.

REST Resource: v1.organizations.roles

Methods
`create`	`POST /v1/{parent=organizations/*}/roles` Creates a new Role.
`delete`	`DELETE /v1/{name=organizations//roles/}` Soft deletes a role.
`get`	`GET /v1/{name=organizations//roles/}` Gets a Role definition.
`list`	`GET /v1/{parent=organizations/*}/roles` Lists the Roles defined on a resource.
`patch`	`PATCH /v1/{name=organizations//roles/}` Updates a Role definition.
`undelete`	`POST /v1/{name=organizations//roles/}:undelete` Undelete a Role, bringing it back in its previous state.

REST Resource: v1.permissions

Methods
`queryTestablePermissions`	`POST /v1/permissions:queryTestablePermissions` Lists the permissions testable on a resource.

REST Resource: v1.projects.roles

Methods
`create`	`POST /v1/{parent=projects/*}/roles` Creates a new Role.
`delete`	`DELETE /v1/{name=projects//roles/}` Soft deletes a role.
`get`	`GET /v1/{name=projects//roles/}` Gets a Role definition.
`list`	`GET /v1/{parent=projects/*}/roles` Lists the Roles defined on a resource.
`patch`	`PATCH /v1/{name=projects//roles/}` Updates a Role definition.
`undelete`	`POST /v1/{name=projects//roles/}:undelete` Undelete a Role, bringing it back in its previous state.

REST Resource: v1.projects.serviceAccounts

Methods
`create`	`POST /v1/{name=projects/*}/serviceAccounts` Creates a `ServiceAccount` and returns it.
`delete`	`DELETE /v1/{name=projects//serviceAccounts/}` Deletes a `ServiceAccount`.
`disable`	`POST /v1/{name=projects//serviceAccounts/}:disable` Disables a `ServiceAccount`.
`enable`	`POST /v1/{name=projects//serviceAccounts/}:enable` Enables a `ServiceAccount`.
`get`	`GET /v1/{name=projects//serviceAccounts/}` Gets a `ServiceAccount`.
`getIamPolicy`	`POST /v1/{resource=projects//serviceAccounts/}:getIamPolicy` Returns the Cloud IAM access control policy for a `ServiceAccount`.
`list`	`GET /v1/{name=projects/*}/serviceAccounts` Lists `ServiceAccounts` for a project.
`patch`	`PATCH /v1/{serviceAccount.name=projects//serviceAccounts/}` Patches a `ServiceAccount`.
`setIamPolicy`	`POST /v1/{resource=projects//serviceAccounts/}:setIamPolicy` Sets the Cloud IAM access control policy for a `ServiceAccount`.
`signBlob`	`POST /v1/{name=projects//serviceAccounts/}:signBlob` Note: This method is in the process of being deprecated.
`signJwt`	`POST /v1/{name=projects//serviceAccounts/}:signJwt` Note: This method is in the process of being deprecated.
`testIamPermissions`	`POST /v1/{resource=projects//serviceAccounts/}:testIamPermissions` Tests the specified permissions against the IAM access control policy for a `ServiceAccount`.
`undelete`	`POST /v1/{name=projects//serviceAccounts/}:undelete` Restores a deleted `ServiceAccount`.
`update`	`PUT /v1/{name=projects//serviceAccounts/}` Updates a `ServiceAccount`.

REST Resource: v1.projects.serviceAccounts.keys

Methods
`create`	`POST /v1/{name=projects//serviceAccounts/}/keys` Creates a `ServiceAccountKey` and returns it.
`delete`	`DELETE /v1/{name=projects//serviceAccounts//keys/*}` Deletes a `ServiceAccountKey`.
`get`	`GET /v1/{name=projects//serviceAccounts//keys/*}` Gets the `ServiceAccountKey` by key id.
`list`	`GET /v1/{name=projects//serviceAccounts/}/keys` Lists `ServiceAccountKeys`.

REST Resource: v1.roles

Methods
`get`	`GET /v1/{name=roles/*}` Gets a Role definition.
`list`	`GET /v1/roles` Lists the Roles defined on a resource.
`queryGrantableRoles`	`POST /v1/roles:queryGrantableRoles` Queries roles that can be granted on a particular resource.

Was this page helpful? Let us know how we did:

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated March 28, 2019.

Jun	JUL	Aug
	15
2018	2019	2020