- NAME
-
- gcloud bigtable authorized-views add-iam-policy-binding - add an IAM policy binding to a Cloud Bigtable authorized view
- SYNOPSIS
-
-
gcloud bigtable authorized-views add-iam-policy-binding
(AUTHORIZED_VIEW
:--instance
=INSTANCE
--table
=TABLE
)--member
=PRINCIPAL
--role
=ROLE
[--condition
=[KEY
=VALUE
,…] |--condition-from-file
=PATH_TO_FILE
] [GCLOUD_WIDE_FLAG …
]
-
- DESCRIPTION
- Add an IAM policy binding to a Cloud Bigtable authorized view. One binding consists of a member, a role, and an optional condition.
- EXAMPLES
-
To add an IAM policy binding for the role of 'roles/editor' for the user
'test-user@gmail.com' with authorized view 'my-authorized-view' in instance
'my-instance' and table 'my-table', run:
gcloud bigtable authorized-views add-iam-policy-binding my-authorized-view --instance='my-instance' --table='my-table' --member='user:test-user@gmail.com' --role='roles/editor'
To add an IAM policy binding which expires at the end of the year 2020 for the role of 'roles/bigtable.admin' and the user 'test-user@gmail.com' with authorized view 'my-authorized-view' in instance 'my-instance' and table 'my-table', run:
gcloud bigtable authorized-views add-iam-policy-binding my-authorized-view --instance='my-instance' --table='my-table' --member='user:test-user@gmail.com' --role='roles/bigtable.admin' --condition='expression=request.time <
timestamp("2021-01-01T00:00:00Z"),title=expires_end_of_2020,descrip\ tion=Expires at midnight on 2020-12-31'See https://cloud.google.com/iam/docs/managing-policies for details of policy role and member types.
- POSITIONAL ARGUMENTS
-
-
Authorized view resource - Cloud Bigtable authorized view to add the IAM policy
binding to. The arguments in this group can be used to specify the attributes of
this resource. (NOTE) Some attributes are not given arguments in this group but
can be set in other ways.
To set the
project
attribute:-
provide the argument
authorized_view
on the command line with a fully specified name; -
provide the argument
--project
on the command line; -
set the property
core/project
.
This must be specified.
AUTHORIZED_VIEW
-
ID of the authorized-view or fully qualified identifier for the authorized-view.
To set the
authorized_view
attribute:-
provide the argument
authorized_view
on the command line.
This positional argument must be specified if any of the other arguments in this group are specified.
-
provide the argument
--instance
=INSTANCE
-
Name of the Cloud Bigtable instance.
To set the
instance
attribute:-
provide the argument
authorized_view
on the command line with a fully specified name; -
provide the argument
--instance
on the command line.
-
provide the argument
--table
=TABLE
-
Name of the Cloud Bigtable table.
To set the
table
attribute:-
provide the argument
authorized_view
on the command line with a fully specified name; -
provide the argument
--table
on the command line.
-
provide the argument
-
provide the argument
-
Authorized view resource - Cloud Bigtable authorized view to add the IAM policy
binding to. The arguments in this group can be used to specify the attributes of
this resource. (NOTE) Some attributes are not given arguments in this group but
can be set in other ways.
- REQUIRED FLAGS
-
--member
=PRINCIPAL
-
The principal to add the binding for. Should be of the form
user|group|serviceAccount:email
ordomain:domain
.Examples:
user:test-user@gmail.com
,group:admins@example.com
,serviceAccount:test123@example.domain.com
, ordomain:example.domain.com
.Some resources also accept the following special values:
-
allUsers
- Special identifier that represents anyone who is on the internet, with or without a Google account. -
allAuthenticatedUsers
- Special identifier that represents anyone who is authenticated with a Google account or a service account.
-
--role
=ROLE
-
Role name to assign to the principal. The role name is the complete path of a
predefined role, such as
roles/logging.viewer
, or the role ID for a custom role, such asorganizations/{ORGANIZATION_ID}/roles/logging.viewer
.
- OPTIONAL FLAGS
-
-
At most one of these can be specified:
--condition
=[KEY
=VALUE
,…]-
A condition to include in the binding. When the condition is explicitly
specified as
None
(--condition=None
), a binding without a condition is added. When the condition is specified and is notNone
,--role
cannot be a basic role. Basic roles areroles/editor
,roles/owner
, androles/viewer
. For more on conditions, refer to the conditions overview guide: https://cloud.google.com/iam/docs/conditions-overviewWhen using the
--condition
flag, include the following key-value pairs:expression
-
(Required) Condition expression that evaluates to True or False. This uses a
subset of Common Expression Language syntax.
If the condition expression includes a comma, use a different delimiter to separate the key-value pairs. Specify the delimiter before listing the key-value pairs. For example, to specify a colon (
:
) as the delimiter, do the following:--condition=^:^title=TITLE:expression=EXPRESSION
. For more information, see https://cloud.google.com/sdk/gcloud/reference/topic/escaping. title
- (Required) A short string describing the purpose of the expression.
description
- (Optional) Additional description for the expression.
--condition-from-file
=PATH_TO_FILE
-
Path to a local JSON or YAML file that defines the condition. To see available
fields, see the help for
--condition
. Use a full or relative path to a local file containing the value of condition.
-
At most one of these can be specified:
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file
,--account
,--billing-project
,--configuration
,--flags-file
,--flatten
,--format
,--help
,--impersonate-service-account
,--log-http
,--project
,--quiet
,--trace-token
,--user-output-enabled
,--verbosity
.Run
$ gcloud help
for details. - API REFERENCE
-
This command uses the
bigtableadmin/v2
API. The full documentation for this API can be found at: https://cloud.google.com/bigtable/ - NOTES
-
These variants are also available:
gcloud alpha bigtable authorized-views add-iam-policy-binding
gcloud beta bigtable authorized-views add-iam-policy-binding
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-07-30 UTC.