gcloud iam

Configure Identity and Access Management (IAM) preferences and service accounts. See also: gcloud. More information: https://cloud.google.com/sdk/gcloud/reference/iam.

• List IAM grantable roles for a resource:

gcloud iam list-grantable-roles resource

• Create a custom role for a organization or project:

gcloud iam roles create role_name --organization|project organization|project_id --file path/to/role.yaml

• Create a service account for a project:

gcloud iam service-accounts create name

• Add an IAM policy binding to a service account:

gcloud iam service-accounts add-iam-policy-binding service_account_email --member member --role role

• Replace existing IAM policy binding:

gcloud iam service-accounts set-iam-policy service_account_email policy_file

• List a service account’s keys:

gcloud iam service-accounts keys list --iam-account service_account_email