gcloud_iam_service-accounts_set-iam-policy (1)
NAME
- gcloud iam service-accounts set-iam-policy - set IAM policy for a service account
SYNOPSIS
-
gcloud iam service-accounts set-iam-policy SERVICE_ACCOUNT POLICY_FILE [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
When managing IAM roles, you can treat a service account either as a resource or as an identity. This command is to set the iam policy of a service account resource. There are other gcloud commands to manage IAM policies for other types of resources. For example, to manage IAM policies on a project, use the $ gcloud projects commands.
POSITIONAL ARGUMENTS
-
- SERVICE_ACCOUNT
-
The service account whose policy to set. The account should be formatted either
as a numeric service account ID or as an email, like this: 123456789876543212345
or my-iam-account@somedomain.com.
- POLICY_FILE
-
Path to a local JSON or YAML formatted file containing a valid policy.
GCLOUD WIDE FLAGS
These flags are available to all commands: --account, --configuration, --flags-file, --flatten, --format, --help, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity. Run $ gcloud help for details.
EXAMPLES
The following command will read an IAM policy defined in a JSON file 'policy.json' and set it for a service account with identifier 'my-iam-account@somedomain.com'
-
$ gcloud iam service-accounts set-iam-policy \
my-iam-account@somedomain.com policy.json
See cloud.google.com/iam/docs/managing-policies for details of the policy file format and contents.
NOTES
These variants are also available:
- $ gcloud alpha iam service-accounts set-iam-policy $ gcloud beta iam service-accounts set-iam-policy