Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.
The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.
REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Google Cloud services (such as Projects) might reject them.
Response body
If successful, the response body contains an instance of Policy.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-07-31 UTC."],[[["\u003cp\u003eThis document details how to set the access control policy on a specified note or occurrence, requiring specific permissions for each resource type.\u003c/p\u003e\n"],["\u003cp\u003eThe resource can be either a note or an occurrence, identified by a specific format such as \u003ccode\u003eprojects/[PROJECT_ID]/notes/[NOTE_ID]\u003c/code\u003e or \u003ccode\u003eprojects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eRequests are made via HTTP, using gRPC Transcoding syntax, and must specify a location from a predefined list of available locations.\u003c/p\u003e\n"],["\u003cp\u003eThe request body requires a JSON structure containing a policy object, which is necessary for defining the access control policy.\u003c/p\u003e\n"],["\u003cp\u003eSuccessful requests will receive a response body containing a \u003ccode\u003ePolicy\u003c/code\u003e instance, and requests must include the \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e OAuth scope for authorization.\u003c/p\u003e\n"]]],[],null,["# Method: projects.notes.setIamPolicy\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n - [JSON representation](#body.request_body.SCHEMA_REPRESENTATION)\n- [Response body](#body.response_body)\n- [Authorization scopes](#body.aspect)\n- [Try it!](#try-it)\n\nSets the access control policy on the specified note or occurrence. Requires `containeranalysis.notes.setIamPolicy` or `containeranalysis.occurrences.setIamPolicy` permission if the resource is a note or an occurrence, respectively.\n\nThe resource takes the format `projects/[PROJECT_ID]/notes/[NOTE_ID]` for notes and `projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]` for occurrences.\n\n### HTTP request\n\nChoose a location: \nglobal asia-east1 asia-east2 asia-northeast1 asia-northeast3 asia-south1 asia-south2 asia-southeast1 asia-southeast2 australia-southeast1 europe-central2 europe-north1 europe-southwest1 europe-west1 europe-west2 europe-west3 europe-west4 europe-west6 europe-west8 europe-west9 me-central1 me-central2 me-west1 northamerica-northeast1 northamerica-northeast2 southamerica-east1 southamerica-west1 us-central1 us-central2 us-east1 us-east4 us-east5 us-east7 us-south1 us-west1 us-west2 us-west3 us-west4 africa-south1 asia-northeast2 australia-southeast2 europe-west10 us eu \n\n\u003cbr /\u003e\n\nThe URLs use [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body contains data with the following structure:\n\n### Response body\n\nIf successful, the response body contains an instance of [Policy](/artifact-analysis/docs/reference/rest/Shared.Types/Policy).\n\n### Authorization scopes\n\nRequires the following OAuth scope:\n\n- `https://www.googleapis.com/auth/cloud-platform`\n\nFor more information, see the [Authentication Overview](/docs/authentication#authorization-gcp)."]]