setIamPolicy method
Sets the IAM policy that is attached to a ServiceAccount.
Use this method to grant or revoke access to the service account. For
example, you could grant a principal the ability to impersonate the
service account. This method does not enable the service account to access
other resources. To grant roles to a service account on a resource, follow
these steps: 1. Call the resource's getIamPolicy method to get its
current IAM policy. 2. Edit the policy so that it binds the service
account to an IAM role for the resource. 3. Call the resource's
setIamPolicy method to update its IAM policy. For detailed instructions,
see
Manage access to project, folders, and organizations
or
Manage access to other resources.
request - The metadata request object.
Request parameters:
resource - REQUIRED: The resource for which the policy is being
specified. See
Resource names for
the appropriate value for this field.
Value must have pattern ^projects/\[^/\]+/serviceAccounts/\[^/\]+$.
$fields - Selector specifying which fields to include in a partial
response.
Completes with a Policy.
Completes with a commons.ApiRequestError if the API endpoint returned an error.
If the used http.Client completes with an error when making a REST call,
this method will complete with the same error.
Implementation
async.Future<Policy> setIamPolicy(
SetIamPolicyRequest request,
core.String resource, {
core.String? $fields,
}) async {
final body_ = convert.json.encode(request);
final queryParams_ = <core.String, core.List<core.String>>{
if ($fields != null) 'fields': [$fields],
};
final url_ = 'v1/' + core.Uri.encodeFull('$resource') + ':setIamPolicy';
final response_ = await _requester.request(
url_,
'POST',
body: body_,
queryParams: queryParams_,
);
return Policy.fromJson(response_ as core.Map<core.String, core.dynamic>);
}