gcloud alpha iam policies create - create a policy on the given attachment point with the given name
gcloud alpha iam policies create POLICY_ID --attachment-point=ATTACHMENT_POINT --kind=KIND --policy-file=POLICY_FILE [GCLOUD_WIDE_FLAG ...]
(ALPHA) Create a policy on the given attachment point with the given name.
The following command creates the IAM policy defined at the resource project 123 of kind denypolicies and id my-deny-policy from the file policy.json:
$ gcloud alpha iam policies create my-deny-policy \ --attachment-point=cloudresourcemanager.googleapis.com/\ projects/123 --kind=denypolicies --policy-file=policy.json
- POLICY_ID
Policy ID that is unique for the resource to which the policy is attached.
- --attachment-point=ATTACHMENT_POINT
Resource to which the policy is attached. For valid formats, see https://cloud.google.com/iam/help/deny/attachment-point.
- --kind=KIND
Policy type. Use denypolicies for deny policies.
- --policy-file=POLICY_FILE
Path to the file that contains the policy, in JSON or YAML format. For valid syntax, see https://cloud.google.com/iam/help/deny/policy-syntax.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud iam policies create
$ gcloud beta iam policies create