Google Cloud v9.3.0 published on Tuesday, Oct 7, 2025 by Pulumi
gcp.serviceaccount.getIamPolicy
Retrieves the current IAM policy data for a service account.
example
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const foo = gcp.serviceaccount.getIamPolicy({
serviceAccountId: testAccount.name,
});
import pulumi
import pulumi_gcp as gcp
foo = gcp.serviceaccount.get_iam_policy(service_account_id=test_account["name"])
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v9/go/gcp/serviceaccount"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := serviceaccount.GetIamPolicy(ctx, &serviceaccount.GetIamPolicyArgs{
ServiceAccountId: testAccount.Name,
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var foo = Gcp.ServiceAccount.GetIamPolicy.Invoke(new()
{
ServiceAccountId = testAccount.Name,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.serviceaccount.ServiceaccountFunctions;
import com.pulumi.gcp.serviceaccount.inputs.GetIamPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var foo = ServiceaccountFunctions.getIamPolicy(GetIamPolicyArgs.builder()
.serviceAccountId(testAccount.name())
.build());
}
}
variables:
foo:
fn::invoke:
function: gcp:serviceaccount:getIamPolicy
arguments:
serviceAccountId: ${testAccount.name}
Using getIamPolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getIamPolicy(args: GetIamPolicyArgs, opts?: InvokeOptions): Promise<GetIamPolicyResult>
function getIamPolicyOutput(args: GetIamPolicyOutputArgs, opts?: InvokeOptions): Output<GetIamPolicyResult>def get_iam_policy(service_account_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetIamPolicyResult
def get_iam_policy_output(service_account_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetIamPolicyResult]func GetIamPolicy(ctx *Context, args *GetIamPolicyArgs, opts ...InvokeOption) (*GetIamPolicyResult, error)
func GetIamPolicyOutput(ctx *Context, args *GetIamPolicyOutputArgs, opts ...InvokeOption) GetIamPolicyResultOutput> Note: This function is named GetIamPolicy in the Go SDK.
public static class GetIamPolicy
{
public static Task<GetIamPolicyResult> InvokeAsync(GetIamPolicyArgs args, InvokeOptions? opts = null)
public static Output<GetIamPolicyResult> Invoke(GetIamPolicyInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetIamPolicyResult> getIamPolicy(GetIamPolicyArgs args, InvokeOptions options)
public static Output<GetIamPolicyResult> getIamPolicy(GetIamPolicyArgs args, InvokeOptions options)
fn::invoke:
function: gcp:serviceaccount/getIamPolicy:getIamPolicy
arguments:
# arguments dictionaryThe following arguments are supported:
- Service
Account stringId - The fully-qualified name of the service account to apply policy to.
- Service
Account stringId - The fully-qualified name of the service account to apply policy to.
- service
Account StringId - The fully-qualified name of the service account to apply policy to.
- service
Account stringId - The fully-qualified name of the service account to apply policy to.
- service_
account_ strid - The fully-qualified name of the service account to apply policy to.
- service
Account StringId - The fully-qualified name of the service account to apply policy to.
getIamPolicy Result
The following output properties are available:
- Etag string
- (Computed) The etag of the IAM policy.
- Id string
- The provider-assigned unique ID for this managed resource.
- Policy
Data string - (Computed) The policy data
- Service
Account stringId
- Etag string
- (Computed) The etag of the IAM policy.
- Id string
- The provider-assigned unique ID for this managed resource.
- Policy
Data string - (Computed) The policy data
- Service
Account stringId
- etag String
- (Computed) The etag of the IAM policy.
- id String
- The provider-assigned unique ID for this managed resource.
- policy
Data String - (Computed) The policy data
- service
Account StringId
- etag string
- (Computed) The etag of the IAM policy.
- id string
- The provider-assigned unique ID for this managed resource.
- policy
Data string - (Computed) The policy data
- service
Account stringId
- etag str
- (Computed) The etag of the IAM policy.
- id str
- The provider-assigned unique ID for this managed resource.
- policy_
data str - (Computed) The policy data
- service_
account_ strid
- etag String
- (Computed) The etag of the IAM policy.
- id String
- The provider-assigned unique ID for this managed resource.
- policy
Data String - (Computed) The policy data
- service
Account StringId
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
google-betaTerraform Provider.
