Assign an access policy

POST /iam/v1/access_policies

Assign an access policy to a user or a service account. If the email address supplied to the principal request body field is not known to the IAM service, a new user account is created to track that email address within the IAM service. However, a corresponding SSO user account is not created at that time. Use the create SSO user call to create a corresponding SSO user account.

If the principal email address corresponds to a service account, then the specified role is applied to that service account. Service account email addresses conform to the following format:

<service_account_name@<tsg_id>.iam.panServiceAccounts.com

Request

Responses

Successful response.

Assign an access policy

/iam/v1/access_policies

Request​

Responses​

Request

Responses