get iam policy – your gcloud friend
Anytime someone asks you - Can you show me all the administrators for this GCP org?
Can you show me who are the project owners for these projects?
Can you show me who are the security auditors on this org?
etc...
The general question is that you are trying to determine all IAM users who are assigned certain roles.
The quickest way to do this is via gCloud and the get-iam-policy command.
gCloud organizations get-iam-policy org_id
gCloud projects get-iam-policy project_id
Hopefully, the pattern is evident.
Leave a Reply