gcloud alpha compute backend-services set-iam-policy - set the IAM policy binding for a Compute Engine backend service
gcloud alpha compute backend-services set-iam-policy BACKEND_SERVICE_NAME POLICY_FILE [--global | --region=REGION] [GCLOUD_WIDE_FLAG ...]
(ALPHA) Sets the IAM policy for the given backend service as defined in a JSON or YAML file.
The following command will read an IAM policy defined in a JSON file 'policy.json' and set it for the backend service my-backend-service:
$ gcloud alpha compute backend-services set-iam-policy \ my-backend-service policy.json --region=REGION
$ gcloud alpha compute backend-services set-iam-policy \ my-backend-service policy.json --global
See https://cloud.google.com/iam/docs/managing-policies for details of the policy file format and contents.
- BACKEND_SERVICE_NAME
Name of the backend service to operate on.
- POLICY_FILE
Path to a local JSON or YAML formatted file containing a valid policy.
The output of the get-iam-policy command is a valid file, as is any JSON or YAML file conforming to the structure of a Policy https://cloud.google.com/iam/reference/rest/v1/Policy.
- At most one of these can be specified:
- --global
If set, the backend service is global.
- --region=REGION
Region of the backend service to operate on. Overrides the default compute/region property value for this command invocation.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud compute backend-services set-iam-policy
$ gcloud beta compute backend-services set-iam-policy