User-created service accounts ending in the provided identities are
allowed to have Admin, Owner or Editor roles granted to them. Otherwise
a finding will be created.
A valid identity can be:
a partilly specified service account that starts with "@", e.g.
"@myproject.iam.gserviceaccount.com". This approves all the service
accounts suffixed with the specified identity.
a fully specified service account that does not start with "@", e.g.
"myadmin@myproject.iam.gserviceaccount.com".
Google-created service accounts are all approved.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["\u003cp\u003eThis page provides documentation for the \u003ccode\u003eAdminServiceAccountSettings\u003c/code\u003e class, which is part of the \u003ccode\u003eGoogle.Cloud.SecurityCenter.Settings.V1Beta1\u003c/code\u003e namespace within the .NET library.\u003c/p\u003e\n"],["\u003cp\u003e\u003ccode\u003eAdminServiceAccountSettings\u003c/code\u003e is designed to manage settings for the "ADMIN_SERVICE_ACCOUNT" scanner and inherits from \u003ccode\u003eObject\u003c/code\u003e, implementing interfaces like \u003ccode\u003eIMessage\u003c/code\u003e, \u003ccode\u003eIEquatable\u003c/code\u003e, \u003ccode\u003eIDeepCloneable\u003c/code\u003e, and \u003ccode\u003eIBufferMessage\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eThe class includes constructors for creating instances of \u003ccode\u003eAdminServiceAccountSettings\u003c/code\u003e and contains the \u003ccode\u003eApprovedIdentities\u003c/code\u003e property, which is a \u003ccode\u003eRepeatedField\u003c/code\u003e that stores strings representing approved service account identities.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eApprovedIdentities\u003c/code\u003e property determines the user-created service accounts that are allowed to have Admin, Owner, or Editor roles, with the ability to specify partially or fully defined service account identities.\u003c/p\u003e\n"]]],[],null,[]]
