Console
    Start free

    gcloud asset get-effective-iam-policy

    NAME
    gcloud asset get-effective-iam-policy - get effective IAM policies for a specified list of resources within accessible scope, such as a project, folder or organization
    SYNOPSIS
    gcloud asset get-effective-iam-policy --names = NAMES , [ NAMES , …] --scope = SCOPE [ GCLOUD_WIDE_FLAG ]
    DESCRIPTION
    Batch get effective IAM policies that match a request.
    EXAMPLES
    To list effective IAM policies of 1 resource in an organization, run: 
     gcloud  
asset  
get-effective-iam-policy  
 --scope 
 = 
organizations/YOUR_ORG_ID  
 --names 
 = 
RESOURCE_NAME1

    To list effective IAM policies of 2 resources in a folder, run:

     gcloud  
asset  
get-effective-iam-policy  
 --scope 
 = 
folders/YOUR_FOLDER_ID  
 --names 
 = 
RESOURCE_NAME1,RESOURCE_NAME2

    To list effective IAM policies of 3 resources in a project using project ID, run:

     gcloud  
asset  
get-effective-iam-policy  
 --scope 
 = 
projects/YOUR_PROJECT_ID  
 --names 
 = 
RESOURCE_NAME1,RESOURCE_NAME2,RESOURCE_NAME3

    To list effective IAM policies of 2 resources in a project using project number, run:

     gcloud  
asset  
get-effective-iam-policy  
 --scope 
 = 
projects/YOUR_PROJECT_NUMBER  
 --names 
 = 
RESOURCE_NAME1,RESOURCE_NAME2
    REQUIRED FLAGS
    --names = NAMES ,[ NAMES ,…]
    Names refer to a list of full resource names of searchable asset types . For each batch call, total number of names provided is between 1 and 20.

    The example value is:

    • //cloudsql.googleapis.com/projects/{PROJECT_ID}/instances/{INSTANCE} (e.g. //cloudsql.googleapis.com/projects/probe-per-rt-project/instances/instance1 )
    --scope = SCOPE
    Scope can be a project, a folder, or an organization. The search is limited to the IAM policies within this scope. The caller must be granted the cloudasset.assets.analyzeIamPolicy , cloudasset.assets.searchAllResources , cloudasset.assets.searchAllIamPolicies permissions on the desired scope.

    The allowed values are:

    • projects/{PROJECT_ID} (e.g. projects/foo-bar )
    • projects/{PROJECT_NUMBER} (e.g. projects/12345678 )
    • folders/{FOLDER_NUMBER} (e.g. folders/1234567 )
    • organizations/{ORGANIZATION_NUMBER} (e.g. organizations/123456 )
    GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file , --account , --billing-project , --configuration , --flags-file , --flatten , --format , --help , --impersonate-service-account , --log-http , --project , --quiet , --trace-token , --user-output-enabled , --verbosity .

    Run $ gcloud help for details.
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: