In this lesson, we are going to demonstrate how to edit a project’s IAM policy using the command line interface (gcloud commands). This lesson is a bit more advanced since we are working with editing JSON files, but it is good to understand the ‘behind the scenes’ working of how IAM policies are set.
For your reference, we are using the below commands for viewing and editing our IAM policies:
Retrieve IAM policy and download in JSON format:
gcloud projects get-iam-policy (PROJECT_ID) --format json > (filename).json
Update IAM policy from updated JSON file:
gcloud projects set-iam-policy PROJECT_ID iam.json
Add single binding without downloading JSON file:
gcloud projects add-iam-policy-binding PROJECT_ID --member user:(user's email)--role roles/editor