gcloud alpha gemini-cloud-assist investigations add-iam-policy-binding

NAME
gcloud alpha gemini-cloud-assist investigations add-iam-policy-binding - adds an IAM policy binding for an investigation
SYNOPSIS
gcloud alpha gemini-cloud-assist investigations add-iam-policy-binding (INVESTIGATION : --region=REGION) --member=PRINCIPAL --role=ROLE [GCLOUD_WIDE_FLAG]
DESCRIPTION
(ALPHA) Adds an IAM policy binding for an investigation.
EXAMPLES
To add an IAM policy binding for the role of 'roles/geminicloudassist.investigationViewer' for the user 'test-user@gmail.com' on the investigation 'project/my-project/locations/my-location/investigations/my-investigation', run:
gcloud alpha gemini-cloud-assist investigations add-iam-policy-binding project/my-project/locations/my-location/investigations/my-investigation --member='user:test-user@gmail.com' --role='roles/geminicloudassist.investigationViewer'

See https://cloud.google.com/iam/docs/managing-policies for details of policy role and member types.

POSITIONAL ARGUMENTS
Investigation resource - The investigation name to add IAM policy binding for. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument investigation on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project.

This must be specified.

INVESTIGATION
ID of the investigation or fully qualified identifier for the investigation.

To set the investigation attribute:

  • provide the argument investigation on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--region=REGION
The Cloud region for the investigation.

To set the region attribute:

  • provide the argument investigation on the command line with a fully specified name;
  • provide the argument --region on the command line.
REQUIRED FLAGS
--member=PRINCIPAL
The principal to add the binding for. Should be of the form user|group|serviceAccount:email or domain:domain.

Examples: user:test-user@gmail.com, group:admins@example.com, serviceAccount:test123@example.domain.com, or domain:example.domain.com.

Some resources also accept the following special values:

  • allUsers - Special identifier that represents anyone who is on the internet, with or without a Google account.
  • allAuthenticatedUsers - Special identifier that represents anyone who is authenticated with a Google account or a service account.
--role=ROLE
Role name to assign to the principal. The role name is the complete path of a predefined role, such as roles/logging.viewer, or the role ID for a custom role, such as organizations/{ORGANIZATION_ID}/roles/logging.viewer.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist.