1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-11 23:49:35 +00:00
gcloud-help/gcloud/beta/source-manager/instances/add-iam-policy-binding
2025-08-27 10:57:46 +00:00

97 lines
3.7 KiB
Text

NAME
gcloud beta source-manager instances add-iam-policy-binding - add an IAM
policy binding to a Secure Source Manager instance
SYNOPSIS
gcloud beta source-manager instances add-iam-policy-binding
(INSTANCE : --region=REGION) --member=PRINCIPAL --role=ROLE
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
(BETA) Add an IAM policy binding to a Secure Source Manager instance.
EXAMPLES
To add an IAM policy binding for the role of 'roles/editor' for the user
'test-user@gmail.com' with instance named 'my-instance' and location
'us-central1', run:
$ gcloud beta source-manager instances add-iam-policy-binding \
my-instance --region='us-central1' \
--member='user:test-user@gmail.com' --role='roles/editor'
See https://cloud.google.com/iam/docs/managing-policies for details of
policy role and member types.
POSITIONAL ARGUMENTS
Instance resource - The instance for which to add the IAM policy binding.
The arguments in this group can be used to specify the attributes of this
resource. (NOTE) Some attributes are not given arguments in this group but
can be set in other ways.
To set the project attribute:
◆ provide the argument instance on the command line with a fully
specified name;
◆ provide the argument --project on the command line;
◆ set the property core/project.
This must be specified.
INSTANCE
ID of the instance or fully qualified identifier for the instance.
To set the instance attribute:
▸ provide the argument instance on the command line.
This positional argument must be specified if any of the other
arguments in this group are specified.
--region=REGION
Secure Source Manager location.
To set the region attribute:
▸ provide the argument instance on the command line with a fully
specified name;
▸ provide the argument --region on the command line.
REQUIRED FLAGS
--member=PRINCIPAL
The principal to add the binding for. Should be of the form
user|group|serviceAccount:email or domain:domain.
Examples: user:test-user@gmail.com, group:admins@example.com,
serviceAccount:test123@example.domain.com, or
domain:example.domain.com.
Some resources also accept the following special values:
◆ allUsers - Special identifier that represents anyone who is on the
internet, with or without a Google account.
◆ allAuthenticatedUsers - Special identifier that represents anyone
who is authenticated with a Google account or a service account.
--role=ROLE
Role name to assign to the principal. The role name is the complete
path of a predefined role, such as roles/logging.viewer, or the role ID
for a custom role, such as
organizations/{ORGANIZATION_ID}/roles/logging.viewer.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the securesourcemanager/v1 API. The full documentation
for this API can be found at:
https://cloud.google.com/secure-source-manager
NOTES
This command is currently in beta and might change without notice. These
variants are also available:
$ gcloud source-manager instances add-iam-policy-binding
$ gcloud alpha source-manager instances add-iam-policy-binding