gcloud alpha resource-manager tags keys set-iam-policy - sets IAM policy for a TagKey resource
gcloud alpha resource-manager tags keys set-iam-policy RESOURCE_NAME POLICY_FILE [GCLOUD_WIDE_FLAG ...]
(ALPHA) Sets the IAM policy for a TagKey resource given the TagKey's display name and parent or the TagKey's numeric id and a file encoded in JSON or YAML that contains the IAM policy.
To set the IAM policy for a TagKey with id '123' and IAM policy defined in a YAML file '/path/to/my_policy.yaml', run:
$ gcloud alpha resource-manager tags keys set-iam-policy \ tagKeys/123 /path/to/my_policy.yaml
To set the IAM policy for a tagKey with the short_name 'env' under 'organization/456' and IAM policy defined in a JSON file '/path/to/my_policy.json', run:
$ gcloud alpha resource-manager tags keys set-iam-policy 456/env \ /path/to/my_policy.json
- RESOURCE_NAME
Resource name or namespaced name. The resource name should be in the form {resource_type}/{numeric_id}. The namespaced name should be in the form {org_id}/{short_name} where short_name must be 1-63 characters, beginning and ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), underscores ( _ ), dots (.), and alphanumerics between.
- POLICY_FILE
Path to a local JSON or YAML formatted file containing a valid policy. The output of the get-iam-policy command is a valid file, as is any JSON or YAML file conforming to the structure of a Policy https://cloud.google.com/iam/reference/rest/v1/Policy.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud resource-manager tags keys set-iam-policy
$ gcloud beta resource-manager tags keys set-iam-policy