General reference documentation
-
IAM REST API
Manage roles and permissions, and manage your service accounts and keys, with the REST API.
-
IAM RPC API
Manage roles and permissions, and manage your service accounts and keys, with the RPC API.
-
Security Token Service REST API
Exchange access tokens.
-
Service Account Credentials REST API
Create short-lived, limited-privilege credentials for service accounts.
-
Client libraries
Use a client library to integrate your application with IAM.
-
gcloud iamcommandsUse the
gcloud iamcommands to work with IAM from the command line. -
Resource types that accept allow policies
Learn which resource types accept allow policies.
-
Basic and predefined roles reference
View IAM basic roles, as well as a complete list of IAM predefined roles and the permissions they contain.
-
Permissions reference
View a complete list of IAM permissions and the roles that grant them.
-
Support levels for permissions in custom roles
Learn which IAM permissions you can use in custom roles.
-
Permissions supported in deny policies
Learn which IAM permissions you can use in deny policies.
-
Service agents
Get details about the service accounts that Google Cloud services use to access your resources.
-
Full resource names
Understand the format that IAM uses to identify another service's resources.
-
Retry failed requests
Find out how to retry failed requests to the IAM API.
-
Principal identifiers
Understand the identifiers that you use when listing principals in allow policies and deny policies.
-
Workforce identity federation: supported products and limitations
Lists Google Cloud products that work with workforce identity federation, and provides associated product limitations.