IAM roles impersonate or manage service accounts used at folder level for Google Cloud.
In GCP Console -
In Terraform -
References:
https://cloud.google.com/resource-manager/docs/access-control-folders
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_folder_iam