diff --git a/packages/google-cloud-iam/google/cloud/iam_credentials_v1/proto/common.proto b/packages/google-cloud-iam/google/cloud/iam_credentials_v1/proto/common.proto
deleted file mode 100644
index 045a0dfbcaa4..000000000000
--- a/packages/google-cloud-iam/google/cloud/iam_credentials_v1/proto/common.proto
+++ /dev/null
@@ -1,189 +0,0 @@
-// Copyright 2020 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-syntax = "proto3";
-
-package google.iam.credentials.v1;
-
-import "google/api/field_behavior.proto";
-import "google/api/resource.proto";
-import "google/protobuf/duration.proto";
-import "google/protobuf/timestamp.proto";
-
-option cc_enable_arenas = true;
-option csharp_namespace = "Google.Cloud.Iam.Credentials.V1";
-option go_package = "google.golang.org/genproto/googleapis/iam/credentials/v1;credentials";
-option java_multiple_files = true;
-option java_outer_classname = "IAMCredentialsCommonProto";
-option java_package = "com.google.cloud.iam.credentials.v1";
-option (google.api.resource_definition) = {
-  type: "iam.googleapis.com/ServiceAccount"
-  pattern: "projects/{project}/serviceAccounts/{service_account}"
-};
-
-message GenerateAccessTokenRequest {
-  // Required. The resource name of the service account for which the credentials
-  // are requested, in the following format:
-  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
-  // character is required; replacing it with a project ID is invalid.
-  string name = 1 [
-    (google.api.field_behavior) = REQUIRED,
-    (google.api.resource_reference) = {
-      type: "iam.googleapis.com/ServiceAccount"
-    }
-  ];
-
-  // The sequence of service accounts in a delegation chain. Each service
-  // account must be granted the `roles/iam.serviceAccountTokenCreator` role
-  // on its next service account in the chain. The last service account in the
-  // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-  // on the service account that is specified in the `name` field of the
-  // request.
-  //
-  // The delegates must have the following format:
-  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
-  // character is required; replacing it with a project ID is invalid.
-  repeated string delegates = 2;
-
-  // Required. Code to identify the scopes to be included in the OAuth 2.0 access token.
-  // See https://developers.google.com/identity/protocols/googlescopes for more
-  // information.
-  // At least one value required.
-  repeated string scope = 4 [(google.api.field_behavior) = REQUIRED];
-
-  // The desired lifetime duration of the access token in seconds.
-  // Must be set to a value less than or equal to 3600 (1 hour). If a value is
-  // not specified, the token's lifetime will be set to a default value of one
-  // hour.
-  google.protobuf.Duration lifetime = 7;
-}
-
-message GenerateAccessTokenResponse {
-  // The OAuth 2.0 access token.
-  string access_token = 1;
-
-  // Token expiration time.
-  // The expiration time is always set.
-  google.protobuf.Timestamp expire_time = 3;
-}
-
-message SignBlobRequest {
-  // Required. The resource name of the service account for which the credentials
-  // are requested, in the following format:
-  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
-  // character is required; replacing it with a project ID is invalid.
-  string name = 1 [
-    (google.api.field_behavior) = REQUIRED,
-    (google.api.resource_reference) = {
-      type: "iam.googleapis.com/ServiceAccount"
-    }
-  ];
-
-  // The sequence of service accounts in a delegation chain. Each service
-  // account must be granted the `roles/iam.serviceAccountTokenCreator` role
-  // on its next service account in the chain. The last service account in the
-  // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-  // on the service account that is specified in the `name` field of the
-  // request.
-  //
-  // The delegates must have the following format:
-  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
-  // character is required; replacing it with a project ID is invalid.
-  repeated string delegates = 3;
-
-  // Required. The bytes to sign.
-  bytes payload = 5 [(google.api.field_behavior) = REQUIRED];
-}
-
-message SignBlobResponse {
-  // The ID of the key used to sign the blob.
-  string key_id = 1;
-
-  // The signed blob.
-  bytes signed_blob = 4;
-}
-
-message SignJwtRequest {
-  // Required. The resource name of the service account for which the credentials
-  // are requested, in the following format:
-  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
-  // character is required; replacing it with a project ID is invalid.
-  string name = 1 [
-    (google.api.field_behavior) = REQUIRED,
-    (google.api.resource_reference) = {
-      type: "iam.googleapis.com/ServiceAccount"
-    }
-  ];
-
-  // The sequence of service accounts in a delegation chain. Each service
-  // account must be granted the `roles/iam.serviceAccountTokenCreator` role
-  // on its next service account in the chain. The last service account in the
-  // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-  // on the service account that is specified in the `name` field of the
-  // request.
-  //
-  // The delegates must have the following format:
-  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
-  // character is required; replacing it with a project ID is invalid.
-  repeated string delegates = 3;
-
-  // Required. The JWT payload to sign: a JSON object that contains a JWT Claims Set.
-  string payload = 5 [(google.api.field_behavior) = REQUIRED];
-}
-
-message SignJwtResponse {
-  // The ID of the key used to sign the JWT.
-  string key_id = 1;
-
-  // The signed JWT.
-  string signed_jwt = 2;
-}
-
-message GenerateIdTokenRequest {
-  // Required. The resource name of the service account for which the credentials
-  // are requested, in the following format:
-  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
-  // character is required; replacing it with a project ID is invalid.
-  string name = 1 [
-    (google.api.field_behavior) = REQUIRED,
-    (google.api.resource_reference) = {
-      type: "iam.googleapis.com/ServiceAccount"
-    }
-  ];
-
-  // The sequence of service accounts in a delegation chain. Each service
-  // account must be granted the `roles/iam.serviceAccountTokenCreator` role
-  // on its next service account in the chain. The last service account in the
-  // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-  // on the service account that is specified in the `name` field of the
-  // request.
-  //
-  // The delegates must have the following format:
-  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
-  // character is required; replacing it with a project ID is invalid.
-  repeated string delegates = 2;
-
-  // Required. The audience for the token, such as the API or account that this token
-  // grants access to.
-  string audience = 3 [(google.api.field_behavior) = REQUIRED];
-
-  // Include the service account email in the token. If set to `true`, the
-  // token will contain `email` and `email_verified` claims.
-  bool include_email = 4;
-}
-
-message GenerateIdTokenResponse {
-  // The OpenId Connect ID token.
-  string token = 1;
-}
diff --git a/packages/google-cloud-iam/google/cloud/iam_credentials_v1/proto/iamcredentials.proto b/packages/google-cloud-iam/google/cloud/iam_credentials_v1/proto/iamcredentials.proto
deleted file mode 100644
index b5dcae87f4e3..000000000000
--- a/packages/google-cloud-iam/google/cloud/iam_credentials_v1/proto/iamcredentials.proto
+++ /dev/null
@@ -1,78 +0,0 @@
-// Copyright 2020 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-syntax = "proto3";
-
-package google.iam.credentials.v1;
-
-import "google/api/annotations.proto";
-import "google/api/client.proto";
-import "google/iam/credentials/v1/common.proto";
-
-option cc_enable_arenas = true;
-option csharp_namespace = "Google.Cloud.Iam.Credentials.V1";
-option go_package = "google.golang.org/genproto/googleapis/iam/credentials/v1;credentials";
-option java_multiple_files = true;
-option java_outer_classname = "IAMCredentialsProto";
-option java_package = "com.google.cloud.iam.credentials.v1";
-
-// A service account is a special type of Google account that belongs to your
-// application or a virtual machine (VM), instead of to an individual end user.
-// Your application assumes the identity of the service account to call Google
-// APIs, so that the users aren't directly involved.
-//
-// Service account credentials are used to temporarily assume the identity
-// of the service account. Supported credential types include OAuth 2.0 access
-// tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
-// more.
-service IAMCredentials {
-  option (google.api.default_host) = "iamcredentials.googleapis.com";
-  option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
-
-  // Generates an OAuth 2.0 access token for a service account.
-  rpc GenerateAccessToken(GenerateAccessTokenRequest) returns (GenerateAccessTokenResponse) {
-    option (google.api.http) = {
-      post: "/v1/{name=projects/*/serviceAccounts/*}:generateAccessToken"
-      body: "*"
-    };
-    option (google.api.method_signature) = "name,delegates,scope,lifetime";
-  }
-
-  // Generates an OpenID Connect ID token for a service account.
-  rpc GenerateIdToken(GenerateIdTokenRequest) returns (GenerateIdTokenResponse) {
-    option (google.api.http) = {
-      post: "/v1/{name=projects/*/serviceAccounts/*}:generateIdToken"
-      body: "*"
-    };
-    option (google.api.method_signature) = "name,delegates,audience,include_email";
-  }
-
-  // Signs a blob using a service account's system-managed private key.
-  rpc SignBlob(SignBlobRequest) returns (SignBlobResponse) {
-    option (google.api.http) = {
-      post: "/v1/{name=projects/*/serviceAccounts/*}:signBlob"
-      body: "*"
-    };
-    option (google.api.method_signature) = "name,delegates,payload";
-  }
-
-  // Signs a JWT using a service account's system-managed private key.
-  rpc SignJwt(SignJwtRequest) returns (SignJwtResponse) {
-    option (google.api.http) = {
-      post: "/v1/{name=projects/*/serviceAccounts/*}:signJwt"
-      body: "*"
-    };
-    option (google.api.method_signature) = "name,delegates,payload";
-  }
-}