Some or all of the information on this page might not apply to Cloud de Confiance by S3NS. See Differences from Google Cloud for more details.

gcloud beta beyondcorp security-gateways add-iam-policy-binding

INFORMATION: gcloud beta beyondcorp security-gateways add-iam-policy-binding is not available in universe domain universe.
NAME: gcloud beta beyondcorp security-gateways add-iam-policy-binding - add an IAM policy binding to a security gateway
SYNOPSIS: gcloud beta beyondcorp security-gateways add-iam-policy-binding (SECURITY_GATEWAY : --location=LOCATION) --member=PRINCIPAL --role=ROLE [GCLOUD_WIDE_FLAG …]
DESCRIPTION: (BETA) Adds an IAM policy binding to the given security gateway.
EXAMPLES: To add an IAM policy binding for the role of 'roles/beyondcorp.serviceDiscoveryUser' for the user 'test-user@gmail.com' on a security gateway with ID 'my-security-gateway':
gcloud beta beyondcorp security-gateways add-iam-policy-binding my-security-gateway --member='user:test-user@gmail.com' --role='roles/beyondcorp.serviceDiscoveryUser' --location=global

See https://cloud.google.com/iam/docs/managing-policies for details on policy role and member types.
POSITIONAL ARGUMENTS: SecurityGateway resource - The security gateway for which to add the IAM policy binding. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.
To set the project attribute:

provide the argument security_gateway on the command line with a fully specified name;

provide the argument --project on the command line;

set the property core/project.

This must be specified.

SECURITY_GATEWAY

ID of the securityGateway or fully qualified identifier for the securityGateway.
To set the security_gateway attribute:

provide the argument security_gateway on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION

The location id of the securityGateway resource. We support only global location.
To set the location attribute:

provide the argument security_gateway on the command line with a fully specified name;

provide the argument --location on the command line.
REQUIRED FLAGS: --member=PRINCIPAL

The principal to add the binding for. Should be of the form user|group|serviceAccount:email or domain:domain.
Examples: user:test-user@gmail.com, group:admins@example.com, serviceAccount:test123@example.domain.com, or domain:example.domain.com.
Some resources also accept the following special values:

allUsers - Special identifier that represents anyone who is on the internet, with or without a Google account.

allAuthenticatedUsers - Special identifier that represents anyone who is authenticated with a Google account or a service account.

--role=ROLE

Role name to assign to the principal. The role name is the complete path of a predefined role, such as roles/logging.viewer, or the role ID for a custom role, such as organizations/{ORGANIZATION_ID}/roles/logging.viewer.
GCLOUD WIDE FLAGS: These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE: This command uses the beyondcorp/v1 API. The full documentation for this API can be found at: https://cloud.google.com/
NOTES: This command is currently in beta and might change without notice. This variant is also available:
gcloud beyondcorp security-gateways add-iam-policy-binding