- NAME
-
- gcloud beta iap web set-iam-policy - set the IAM policy for an IAP IAM resource
- SYNOPSIS
-
-
gcloud beta iap web set-iam-policyPOLICY_FILE[--region=REGION--resource-type=RESOURCE_TYPE--service=SERVICE--version=VERSION] [GCLOUD_WIDE_FLAG …]
-
- DESCRIPTION
-
(BETA)This command replaces the existing IAM policy for an IAP IAM resource, given a file encoded in JSON or YAML that contains the IAM policy. If the given policy file specifies an "etag" value, then the replacement will succeed only if the policy already in place matches that etag. (An etag obtained via $ gcloud beta iap web get-iam-policy will prevent the replacement if the policy for the resource has been subsequently updated.) A policy file that does not contain an etag value will replace any existing policy for the resource. - EXAMPLES
-
To set the IAM policy for the web accesses to the IAP protected resources within
the active project, run:
gcloud beta iap web set-iam-policy POLICY_FILETo set the IAM policy for the web accesses to the IAP protected resources within a project, run:
gcloud beta iap web set-iam-policy POLICY_FILE --project=PROJECT_IDTo set the IAM policy for the web accesses to the IAP protected resources within an App Engine application, run:
gcloud beta iap web set-iam-policy POLICY_FILE --resource-type=app-engineTo set the IAM policy for the web accesses to the IAP protected resources within an App Engine service, run:
gcloud beta iap web set-iam-policy POLICY_FILE --resource-type=app-engine --service=SERVICE_IDTo set the IAM policy for the web accesses to the IAP protected resources within an App Engine service version, run:
gcloud beta iap web set-iam-policy POLICY_FILE --resource-type=app-engine --service=SERVICE_ID --version=VERSIONTo set the IAM policy for the web accesses to the IAP protected resources within all backend services, run:
gcloud beta iap web set-iam-policy POLICY_FILE --resource-type=backend-servicesTo set the IAM policy for the web accesses to the IAP protected resources within a backend service, run:
gcloud beta iap web set-iam-policy POLICY_FILE --resource-type=backend-services --service=SERVICE_IDTo set the IAM policy for the web accesses to the IAP protected resources within a regional backend service, run:
gcloud beta iap web set-iam-policy POLICY_FILE --resource-type=backend-services --service=SERVICE_ID --region=REGION - POSITIONAL ARGUMENTS
-
POLICY_FILE- JSON or YAML file containing the IAM policy.
- FLAGS
-
--region=REGION-
Region name. Not applicable for
resource-type=app-engine. Required whenresource-type=backend-servicesand regional scoped. Not applicable for global backend-services. Required whenresource-type=cloud-run. --resource-type=RESOURCE_TYPE-
Resource type of the IAP resource.
--resource-type=cloud-runis in private preview and reach out to IAP team in case of any queries.RESOURCE_TYPEmust be one of:app-engine,backend-services,forwarding-rule,cloud-run. --service=SERVICE- Service name.
--version=VERSION-
Service version. Should only be specified with
--resource-type=app-engine.
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$ gcloud helpfor details. - NOTES
-
This command is currently in beta and might change without notice. These
variants are also available:
gcloud iap web set-iam-policygcloud alpha iap web set-iam-policy
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-03-11 UTC.