- NAME
-
- gcloud beta spanner databases add-iam-policy-binding - add IAM policy binding to a Cloud Spanner database
- SYNOPSIS
-
-
gcloud beta spanner databases add-iam-policy-binding( DATABASE:--instance=INSTANCE)--member=MEMBER--role=ROLE[ GCLOUD_WIDE_FLAG …]
-
- DESCRIPTION
-
(BETA)Add an IAM policy binding to a Cloud Spanner database. - POSITIONAL ARGUMENTS
-
-
Database resource - The Cloud Spanner database to which to add the IAM policy
binding. The arguments in this group can be used to specify the attributes of
this resource. (NOTE) Some attributes are not given arguments in this group but
can be set in other ways. To set the [project] attribute: provide the argument
[database] on the command line with a fully specified name; set the property
[core/project]; provide the argument [--project] on the command line. This must
be specified.
DATABASE- ID of the database or fully qualified identifier for the database. This positional must be specified if any of the other arguments in this group are specified.
--instance=INSTANCE- The name of the Cloud Spanner instance.
-
Database resource - The Cloud Spanner database to which to add the IAM policy
binding. The arguments in this group can be used to specify the attributes of
this resource. (NOTE) Some attributes are not given arguments in this group but
can be set in other ways. To set the [project] attribute: provide the argument
[database] on the command line with a fully specified name; set the property
[core/project]; provide the argument [--project] on the command line. This must
be specified.
- REQUIRED FLAGS
-
--member=MEMBER-
The member to add the binding for. Should be of the form
user|group|serviceAccount:emailordomain:domain.Examples:
user:test-user@gmail.com,group:admins@example.com,serviceAccount:test123@example.domain.com, ordomain:example.domain.com.Can also be one of the following special values:
-
allUsers- Special identifier that represents anyone who is on the internet, with or without a Google account. -
allAuthenticatedUsers- Special identifier that represents anyone who is authenticated with a Google account or a service account.
-
--role=ROLE- Define the role of the member.
- GCLOUD WIDE FLAGS
-
These flags are available to all commands: --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account,
--log-http, --project, --quiet, --trace-token, --user-output-enabled,
--verbosity. Run
$ gcloud helpfor details. - API REFERENCE
-
This command uses the
spanner/v1API. The full documentation for this API can be found at: https://cloud.google.com/spanner/ - EXAMPLES
-
To add an IAM policy binding for the role of 'roles/editor' for the user
'test-user@gmail.com' with database 'my-database' and instance 'my-instance',
run:
$ gcloud beta spanner databases add-iam-policy-binding my-database \ --instance='my-instance' --member='user:test-user@gmail.com' \ --role='roles/editor'
See https://cloud.google.com/iam/docs/managing-policies for details of policy role and member types.
- NOTES
-
This command is currently in BETA and may change without notice. These variants
are also available:
$ gcloud spanner databases add-iam-policy-binding $ gcloud alpha spanner databases add-iam-policy-binding
