Join Log in
Score:1
Lowell Boone avatar Server

Display Existing Policy Bindings for GCP Service Account

ru flag
Lowell Boone

I'm setting up a service account to access a CloudSQL DB from GKE. I've created both the GSA and the KSA, and have executed the command to associate the two (gcloud iam service-accounts add-iam-policy-binding...). How do I inspect the bindings to ensure that my invocation has succeeded? I would have thought there would be a command like gcloud iam service-accounts list-iam-policy-binding ... to display the status.

237
0 + 0
John Hanley avatar
cn flag
John Hanley
Do you mean **gcloud iam service-accounts get-iam-policy**? With IAM you can add a binding to a policy. To check (read) the bindings, read the policy and process each binding.
0
Reply
Lowell Boone avatar
ru flag
Lowell Boone
Yes! I wonder why that option is not listed in the help...
0
Reply
Score:1
John Hanley avatar Server
cn flag
John Hanley

A service account can be treated as a resource or an identity. This answer applies to service accounts as a resource.

Access control for Google Cloud resources is managed by Identity and Access Management (IAM) policies, which are attached to resources. Each resource can have only one IAM policy.

IAM resource policy manages permissions granted to a member for a resource. These are called bindings. A binding consists of a member, role, and optionally a condition.

The CLI command gcloud iam service-accounts add-iam-policy-binding adds a binding to a policy.

To view the bindings assigned to a resource, read the policy. The command gcloud iam service-accounts get-iam-policy reads the policy.

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.