setIamPolicy method

Future<Policy> setIamPolicy(SetIamPolicyRequest request, String resource, { String? $fields, })

Sets the IAM policy that is attached to a ServiceAccount.

Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account. This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps: 1. Call the resource's getIamPolicy method to get its current IAM policy. 2. Edit the policy so that it binds the service account to an IAM role for the resource. 3. Call the resource's setIamPolicy method to update its IAM policy. For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

request - The metadata request object.

Request parameters:

resource - REQUIRED: The resource for which the policy is being specified. See Resource names for the appropriate value for this field. Value must have pattern ^projects/\[^/\]+/serviceAccounts/\[^/\]+$.

$fields - Selector specifying which fields to include in a partial response.

Completes with a Policy.

Completes with a commons.ApiRequestError if the API endpoint returned an error.

If the used http.Client completes with an error when making a REST call, this method will complete with the same error.

Implementation

async.Future<Policy> setIamPolicy(
  SetIamPolicyRequest request,
  core.String resource, {
  core.String? $fields,
}) async {
  final body_ = convert.json.encode(request);
  final queryParams_ = <core.String, core.List<core.String>>{
    if ($fields != null) 'fields': [$fields],
  };

  final url_ = 'v1/' + core.Uri.encodeFull('$resource') + ':setIamPolicy';

  final response_ = await _requester.request(
    url_,
    'POST',
    body: body_,
    queryParams: queryParams_,
  );
  return Policy.fromJson(response_ as core.Map<core.String, core.dynamic>);
}