gcloud alpha iap web get-iam-policy - get IAM policy for an IAP IAM resource
gcloud alpha iap web get-iam-policy [--resource-type=RESOURCE_TYPE : --region=REGION --service=SERVICE --version=VERSION] [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [GCLOUD_WIDE_FLAG ...]
(ALPHA) gcloud alpha iap web get-iam-policy displays the IAM policy associated with an IAP IAM resource. If formatted as JSON, the output can be edited and used as a policy file for set-iam-policy. The output includes an "etag" field identifying the version emitted and allowing detection of concurrent policy updates; see $ gcloud alpha iap web set-iam-policy for additional details.
To get the IAM policy for the web accesses to the IAP protected resources within the active project, run:
$ gcloud alpha iap web get-iam-policy
To get the IAM policy for the web accesses to the IAP protected resources within a project, run:
$ gcloud alpha iap web get-iam-policy --project=PROJECT_ID
To get the IAM policy for the web accesses to the IAP protected resources within an App Engine application, run:
$ gcloud alpha iap web get-iam-policy --resource-type=app-engine
To get the IAM policy for the web accesses to the IAP protected resources within an App Engine service, run:
$ gcloud alpha iap web get-iam-policy --resource-type=app-engine \ --service=SERVICE_ID
To get the IAM policy for the web accesses to the IAP protected resources within an App Engine service version, run:
$ gcloud alpha iap web get-iam-policy --resource-type=app-engine \ --service=SERVICE_ID --version=VERSION
To get the IAM policy for the web accesses to the IAP protected resources within all backend services, run:
$ gcloud alpha iap web get-iam-policy \ --resource-type=backend-services
To get the IAM policy for the web accesses to the IAP protected resources within a backend service, run:
$ gcloud alpha iap web get-iam-policy \ --resource-type=backend-services --service=SERVICE_ID
- --resource-type=RESOURCE_TYPE
Resource type of the IAP resource. RESOURCE_TYPE must be one of: app-engine, backend-services.
- --region=REGION
Region name. Should only be specified with --resource-type=backend-services.
- --service=SERVICE
Service name.
- --version=VERSION
Service version. Should only be specified with --resource-type=app-engine.
- --filter=EXPRESSION
Apply a Boolean filter EXPRESSION to each resource item to be listed. If the expression evaluates True, then that item is listed. For more details and examples of filter expressions, run $ gcloud topic filters. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
- --limit=LIMIT
Maximum number of resources to list. The default is unlimited. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
- --page-size=PAGE_SIZE
Some services group resource list output into pages. This flag specifies the maximum number of resources per page. The default is determined by the service if it supports paging, otherwise it is unlimited (no paging). Paging may be applied before or after --filter and --limit depending on the service.
- --sort-by=[FIELD,...]
Comma-separated list of resource field key names to sort by. The default order is ascending. Prefix a field with ``~'' for descending order on that field. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud iap web get-iam-policy
$ gcloud beta iap web get-iam-policy