MEMBER_TYPE is the type of the member you are removing from the policy. For example, user. represents both Google accounts and Google groups. Two special member types are: allAuthenticatedUsers and allUsersMEMBER_NAME is the name of the member you are removing from the policy. For example, [email protected].BUCKET_NAME is the name of the bucket from which you are allowing / denying member access. For example, my-test-bucket.IAM_ROLE is the role to be granted / denied - e.g. roles/storage.admin
gsutil iam ch MEMBER_TYPE:MEMBER_NAME:IAM_ROLE gs://BUCKET_NAME
gsutil iam ch user:[email protected]:roles/storage.admin gs://my_test_bucket
Leave a Reply