serviceAccount property
The service account used to generate an OpenID Connect (OIDC)-compatible JWT token signed by the Google OIDC Provider (accounts.google.com) for extension endpoint (https://cloud.google.com/iam/docs/create-short-lived-credentials-direct#sa-credentials-oidc).
-
The audience for the token will be set to the URL in the server url defined in the OpenApi spec.
-
If the service account is provided, the service account should grant
iam.serviceAccounts.getOpenIdTokenpermission to Vertex AI Extension Service Agent (https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents).
Implementation
final String? serviceAccount;