gcloud container binauthz attestors set-iam-policy - set the IAM policy for an attestor
gcloud container binauthz attestors set-iam-policy ATTESTOR_NAME POLICY_FILE [GCLOUD_WIDE_FLAG ...]
See https://cloud.google.com/iam/docs/managing-policies for details of the policy file format and contents.
The following command will read an IAM policy defined in a JSON file 'iam_policy.json' and set it for the attestor my_attestor:
$ gcloud container binauthz attestors set-iam-policy my_attestor \ iam_policy.json
- ATTESTOR_NAME
The name of the attestor whose IAM policy will be updated.
- POLICY_FILE
The JSON or YAML file containing the IAM policy.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
These variants are also available:
$ gcloud alpha container binauthz attestors set-iam-policy
$ gcloud beta container binauthz attestors set-iam-policy