How to Identify the current roles/permissions used in GCP projects?

Time:12-23

Hi, I am a newbie and would greatly appreciate some help.

I am trying to analyze the current roles/permissions in the current GCP projects and consolidate the different roles/permissions in use today. There are many projects. Is there a way to check all of them?

CodePudding user response:

One way to check the in-use roles of a certain project is to use this command in your Cloud Shell:

gcloud projects get-iam-policy <project_id> | grep role

The command: gcloud projects get-iam-policy <PROJECT_ID_OR_NUMBER>
lists the IAM policy of a project. It contains users and their specific roles in that project.

grep role reduces the output of the 1st command to roles for readability purposes.

If you want to see the full output with users and service accounts and their corresponding roles, you may remove the grep role command.

For more details regarding IAM policy, you may refer to this GCP documentation for the project level: https://cloud.google.com/sdk/gcloud/reference/projects/get-iam-policy
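
The question asks about many projects, while the command in the answer inspects one at a time. The script below is an added example, not part of the original answer: it loops over every project returned by gcloud projects list and reports how many projects bind each role. POLICY_DIR, write_sample_policies and the sample policies are constructed for this example so the logic can be tried without gcloud.

```shell
#!/bin/sh
# Added example: consolidate IAM roles across every project you can list.
# POLICY_DIR is a hypothetical switch for this example: when set, saved
# policy files (<project>.yaml) are read instead of calling gcloud.

list_projects() {
    if [ -n "${POLICY_DIR:-}" ]; then
        for f in "$POLICY_DIR"/*.yaml; do basename "$f" .yaml; done
    else
        gcloud projects list --format="value(projectId)"
    fi
}

fetch_policy() {
    if [ -n "${POLICY_DIR:-}" ]; then
        cat "$POLICY_DIR/$1.yaml"
    else
        gcloud projects get-iam-policy "$1"
    fi
}

# Read a policy on stdin and print each bound role once.
roles_in_policy() {
    sed -n 's/^[[:space:]-]*role:[[:space:]]*//p' | sort -u
}

# Print "<project count> <role> <comma-separated projects>", most used first.
role_usage() {
    for p in $(list_projects); do
        fetch_policy "$p" | roles_in_policy | awk -v p="$p" '{ print $1, p }'
    done | awk '{ n[$1]++; where[$1] = where[$1] (n[$1] > 1 ? "," : "") $2 }
                END { for (r in n) print n[r], r, where[r] }' | sort -k1,1nr -k2,2
}

# Constructed sample policies (not real projects) in the default YAML layout.
write_sample_policies() {
    mkdir -p "$1"
    printf '%s\n' 'bindings:' '- members:' '  - user:alice@example.com' \
        '  role: roles/owner' '- members:' \
        '  - serviceAccount:ci@proj-a.iam.gserviceaccount.com' \
        '  role: roles/storage.admin' 'etag: CONSTRUCTED' 'version: 1' > "$1/proj-a.yaml"
    printf '%s\n' 'bindings:' '- members:' '  - user:bob@example.com' \
        '  role: roles/owner' '- members:' '  - group:ops@example.com' \
        '  role: projects/proj-b/roles/customDeployer' 'etag: CONSTRUCTED' \
        'version: 1' > "$1/proj-b.yaml"
}
```

Against real projects, source the script in Cloud Shell with POLICY_DIR unset and run role_usage. The result covers only bindings set on each project itself; roles inherited from a folder or the organization do not appear in a project's policy.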
