NAME

gcloud alpha transfer authorize - authorize an account for all Transfer Service features

SYNOPSIS

gcloud alpha transfer authorize [--add-missing] [--creds-file=CREDS_FILE] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION

(ALPHA) Authorize a Google account for all Transfer Service features.

This command provides admin and owner rights for simplicity. If that's too much authority for your use case, see custom setups here: https://cloud.google.com/storage-transfer/docs/on-prem-set-up

EXAMPLES

To see what Transfer Service IAM roles the account logged into gcloud may be missing, run:

$ gcloud alpha transfer authorize

To add the missing IAM roles, run:

$ gcloud alpha transfer authorize --add-missing

To check a custom service account for missing roles, run:

$ gcloud alpha transfer authorize \ --creds-file=path/to/service-account-key.json

FLAGS

--add-missing

Add IAM roles necessary to use all Transfer Service features to the specified account. By default, this command just prints missing roles.

--creds-file=CREDS_FILE

The path to the creds file for an account to authorize. The file should be in JSON format and contain a "type" and "client_email", which are automatically generated for most creds files downloaded from Google (e.g. service account tokens). If this flag is not present, the command authorizes the user currently logged into gcloud.

GCLOUD WIDE FLAGS

These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES

This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. This variant is also available:

$ gcloud transfer authorize