NAME

gcloud alpha iam roles copy - create a role from an existing role

SYNOPSIS

gcloud alpha iam roles copy [--dest-organization=DEST_ORGANIZATION] [--dest-project=DEST_PROJECT] [--destination=DESTINATION] [--source=SOURCE] [--source-organization=SOURCE_ORGANIZATION] [--source-project=SOURCE_PROJECT] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION

(ALPHA) This command creates a role from an existing role.

EXAMPLES

To create a copy of an existing role spanner.databaseAdmin into an organization with 1234567, run:

$ gcloud alpha iam roles copy \ --source="roles/spanner.databaseAdmin" \ --destination=CustomViewer --dest-organization=1234567

To create a copy of an existing role spanner.databaseAdmin into a project with PROJECT_ID, run:

$ gcloud alpha iam roles copy \ --source="roles/spanner.databaseAdmin" \ --destination=CustomSpannerDbAdmin --dest-project=PROJECT_ID

To modify the newly created role see the roles update command.

FLAGS

--dest-organization=DEST_ORGANIZATION

The organization of the destination role.

--dest-project=DEST_PROJECT

The project of the destination role.

--destination=DESTINATION

The destination role ID for the new custom role. For example: viewer.

--source=SOURCE

The source role ID. For predefined roles, for example: roles/viewer. For custom roles, for example: myCompanyAdmin.

--source-organization=SOURCE_ORGANIZATION

The organization of the source role if it is an custom role.

--source-project=SOURCE_PROJECT

The project of the source role if it is an custom role.

GCLOUD WIDE FLAGS

These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES

This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:

$ gcloud iam roles copy

$ gcloud beta iam roles copy