Chapter 56. ServiceAccountService

56.1. ListServiceAccounts

GET /v1/serviceaccounts

56.1.1. Description

56.1.2. Parameters

56.1.2.1. Query Parameters

Name	Required	Default
query	-	null
pagination.limit	-	null
pagination.offset	-	null
pagination.sortOption.field	-	null
pagination.sortOption.reversed	-	null
pagination.sortOption.aggregateBy.aggrFunc	-	UNSET
pagination.sortOption.aggregateBy.distinct	-	null

56.1.3. Return Type

V1ListServiceAccountResponse

56.1.4. Content Type

application/json

56.1.5. Responses

Table 56.1. HTTP Response Codes
Code	Message	Datatype
200	A successful response.	V1ListServiceAccountResponse
0	An unexpected error response.	GooglerpcStatus

56.1.6. Samples

56.1.7. Common object reference

56.1.7.1. GooglerpcStatus

Field Name	Type	Format
code	Integer	int32
message	String
details	List of ProtobufAny

56.1.7.2. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}

Example 3: Pack and unpack a message in Python.

foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...

Example 4: Pack and unpack a message in Go

foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

56.1.7.2.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}

{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}

Field Name	Required	Nullable	Type	Description	Format
@type			String	A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics.

56.1.7.3. StorageK8sRole

Properties of an individual k8s Role or ClusterRole. ////////////////////////////////////////

Field Name	Type	Format
id	String
name	String
namespace	String
clusterId	String
clusterName	String
clusterRole	Boolean
labels	Map of `string`
annotations	Map of `string`
createdAt	Date	date-time
rules	List of StoragePolicyRule

56.1.7.4. StoragePolicyRule

Properties of an individual rules that grant permissions to resources. ////////////////////////////////////////

Field Name	Required	Nullable	Type	Description	Format
verbs			List of `string`
apiGroups			List of `string`
resources			List of `string`
nonResourceUrls			List of `string`
resourceNames			List of `string`

56.1.7.5. StorageServiceAccount

Any properties of an individual service account. (regardless of time, scope, or context) ////////////////////////////////////////

Field Name	Type	Format
id	String
name	String
namespace	String
clusterName	String
clusterId	String
labels	Map of `string`
annotations	Map of `string`
createdAt	Date	date-time
automountToken	Boolean
secrets	List of `string`
imagePullSecrets	List of `string`

56.1.7.6. V1ListServiceAccountResponse

A list of service accounts (free of scoped information) Next Tag: 2

Field Name	Required	Nullable	Type	Description	Format
saAndRoles			List of V1ServiceAccountAndRoles

56.1.7.7. V1SADeploymentRelationship

Service accounts can be used by a deployment. Next Tag: 3

Field Name	Required	Nullable	Type	Description	Format
id			String
name			String	Name of the deployment.

56.1.7.8. V1ScopedRoles

Field Name	Required	Nullable	Type	Description	Format
namespace			String
roles			List of StorageK8sRole

56.1.7.9. V1ServiceAccountAndRoles

A service account and the roles that reference it Next Tag: 5

Field Name	Required	Nullable	Type	Description	Format
serviceAccount			StorageServiceAccount
clusterRoles			List of StorageK8sRole
scopedRoles			List of V1ScopedRoles
deploymentRelationships			List of V1SADeploymentRelationship

56.2. GetServiceAccount

GET /v1/serviceaccounts/{id}

56.2.1. Description

56.2.2. Parameters

56.2.2.1. Path Parameters

Name	Description	Required	Default	Pattern
id		X	null

56.2.3. Return Type

V1GetServiceAccountResponse

56.2.4. Content Type

application/json

56.2.5. Responses

Table 56.2. HTTP Response Codes
Code	Message	Datatype
200	A successful response.	V1GetServiceAccountResponse
0	An unexpected error response.	GooglerpcStatus

56.2.6. Samples

56.2.7. Common object reference

56.2.7.1. GooglerpcStatus

Field Name	Type	Format
code	Integer	int32
message	String
details	List of ProtobufAny

56.2.7.2. ProtobufAny