NAME
    gcloud iam simulator replay-recent-access - determine affected recent
        access attempts before IAM policy change deployment

SYNOPSIS
    gcloud iam simulator replay-recent-access RESOURCE POLICY_FILE
        [GCLOUD_WIDE_FLAG ...]

DESCRIPTION
    Replay the most recent 1,000 access logs from the past 90 days using the
    simulated policy. For each log entry, the replay determines if setting the
    provided policy on the given resource would result in a change in the
    access state, e.g. a previously granted access becoming denied. Any
    differences found are returned.

EXAMPLES
    To simulate a permission change of a member on a resource, run:

        $ gcloud iam simulator replay-recent-access projects/project-id \
            path/to/policy_file.json

    See https://cloud.google.com/iam/docs/managing-policies for details of
    policy role and member types.

POSITIONAL ARGUMENTS
     RESOURCE
        Full resource name to simulate the IAM policy for.

        See:
        https://cloud.google.com/apis/design/resource_names#full_resource_name.

     POLICY_FILE
        Path to a local JSON or YAML formatted file containing a valid policy.

        The output of the get-iam-policy command is a valid file, as is any
        JSON or YAML file conforming to the structure of a Policy. See the
        Policy reference
        (https://cloud.google.com/iam/reference/rest/v1/Policy) for details.

GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file, --account,
    --billing-project, --configuration, --flags-file, --flatten, --format,
    --help, --impersonate-service-account, --log-http, --project, --quiet,
    --trace-token, --user-output-enabled, --verbosity.

    Run $ gcloud help for details.
