REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Google Cloud services (such as Projects) might reject them.
OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used:
paths: "bindings, etag"
This is a comma-separated list of fully qualified names of fields. Example: "user.displayName,photo".
Response body
If successful, the response body contains an instance of Policy.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-06-27 UTC."],[[["This endpoint sets the access control policy for a specified resource, replacing any existing policy, and can return `NOT_FOUND`, `INVALID_ARGUMENT`, or `PERMISSION_DENIED` errors."],["The HTTP request uses a `POST` method with a URL structure that follows gRPC Transcoding syntax, and it takes the `resource` path parameter which is a string specifying the target."],["The request body requires a JSON structure that includes a `policy` object, and it optionally allows an `updateMask` string to specify which policy fields to modify."],["A successful request returns a response body containing a `Policy` instance, and the size of the provided policy is limited to a few 10s of KB."],["Authorization requires the `https://www.googleapis.com/auth/cloud-platform` OAuth scope."]]],[]]
