- NAME
-
- gcloud beta iam principal-access-boundary-policies create - create PrincipalAccessBoundaryPolicy instance
- SYNOPSIS
-
-
gcloud beta iam principal-access-boundary-policies create(PRINCIPAL_ACCESS_BOUNDARY_POLICY:--location=LOCATION--organization=ORGANIZATION) [--annotations=[ANNOTATIONS,…]] [--async] [--display-name=DISPLAY_NAME] [--etag=ETAG] [[--details-rules=[description=DESCRIPTION],[effect=EFFECT],[resources=RESOURCES] :--details-enforcement-version=DETAILS_ENFORCEMENT_VERSION]] [GCLOUD_WIDE_FLAG …]
-
- DESCRIPTION
-
(BETA)Create PrincipalAccessBoundaryPolicy instance. - EXAMPLES
-
To create a policy instance called
my-policy, run:gcloud beta iam principal-access-boundary-policies create my-policy --organization=123 --location=global - POSITIONAL ARGUMENTS
-
-
PrincipalAccessBoundaryPolicy resource - Identifier. The resource name of the
principal access boundary policy.
The following format is supported:
organizations/{organization_id}/locations/{location}/principalAccessBoundaryPolicies/{policy_id}The arguments in this group can be used to specify the attributes of this resource.This must be specified.
PRINCIPAL_ACCESS_BOUNDARY_POLICY-
ID of the principalAccessBoundaryPolicy or fully qualified identifier for the
principalAccessBoundaryPolicy.
To set the
principal_access_boundary_policyattribute:-
provide the argument
principal_access_boundary_policyon the command line.
This positional argument must be specified if any of the other arguments in this group are specified.
-
provide the argument
--location=LOCATION-
The location id of the principalAccessBoundaryPolicy resource.
To set the
locationattribute:-
provide the argument
principal_access_boundary_policyon the command line with a fully specified name; -
provide the argument
--locationon the command line.
-
provide the argument
--organization=ORGANIZATION-
The organization id of the principalAccessBoundaryPolicy resource.
To set the
organizationattribute:-
provide the argument
principal_access_boundary_policyon the command line with a fully specified name; -
provide the argument
--organizationon the command line.
-
provide the argument
-
PrincipalAccessBoundaryPolicy resource - Identifier. The resource name of the
principal access boundary policy.
- FLAGS
-
--annotations=[ANNOTATIONS,…]-
User defined annotations. See http://google.aip.dev/148#annotations
for more details such as format and size limitations.
KEY-
Sets
KEYvalue. VALUE-
Sets
VALUEvalue.
Shorthand Example:--annotations=string=string
JSON Example:--annotations='{"string": "string"}'File Example:--annotations=path_to_file.(yaml|json)
--async- Return immediately, without waiting for the operation in progress to complete.
--display-name=DISPLAY_NAME- The description of the principal access boundary policy. Must be less than or equal to 63 characters.
--etag=ETAG- The etag for the principal access boundary. If this is provided on update, it must match the server's etag.
-
Principal access boundary policy details
--details-rules=[description=DESCRIPTION],[effect=EFFECT],[resources=RESOURCES]-
A list of principal access boundary policy rules. The number of rules in a
policy is limited to 500. Required, A list of principal access boundary policy
rules. The number of rules in a policy is limited to 500.
description- The description of the principal access boundary policy rule. Must be less than or equal to 256 characters.
effect- The access relationship of principals to the resources in this rule.
resources-
A list of Cloud Resource Manager resources. The resource and all the descendants
are included. The number of resources in a policy is limited to 500 across all
rules.
The following resource names are supported:
- Organization, such as "//cloudresourcemanager.googleapis.com/organizations/123".
- Folder, such as "//cloudresourcemanager.googleapis.com/folders/123".
- Project, such as "//cloudresourcemanager.googleapis.com/projects/123" or "//cloudresourcemanager.googleapis.com/projects/my-project-id".
Shorthand Example:--details-rules=description=string,effect=string,resources=["string"] --details-rules=description=string,effect=string,resources=["string"]
JSON Example:--details-rules='[{"description": "string", "effect": "string", "resources": ["string"]}]'File Example:--details-rules=path_to_file.(yaml|json)
This flag argument must be specified if any of the other arguments in this group are specified.
--details-enforcement-version=DETAILS_ENFORCEMENT_VERSION- The version number that indicates which GCP services are included in the enforcement (e.g. "latest", "1", …). If empty, the PAB policy version will be set to the current latest version, and this version won't get updated when new versions are released.
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$ gcloud helpfor details. - API REFERENCE
-
This command uses the
iam/v3betaAPI. The full documentation for this API can be found at: http://cloud.go888ogle.com.fqhub.com/iam/ - NOTES
- This command is currently in beta and might change without notice.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-06-04 UTC.
[{
"type": "thumb-down",
"id": "hardToUnderstand",
"label":"Hard to understand"
},{
"type": "thumb-down",
"id": "incorrectInformationOrSampleCode",
"label":"Incorrect information or sample code"
},{
"type": "thumb-down",
"id": "missingTheInformationSamplesINeed",
"label":"Missing the information/samples I need"
},{
"type": "thumb-down",
"id": "otherDown",
"label":"Other"
}]
[{
"type": "thumb-up",
"id": "easyToUnderstand",
"label":"Easy to understand"
},{
"type": "thumb-up",
"id": "solvedMyProblem",
"label":"Solved my problem"
},{
"type": "thumb-up",
"id": "otherUp",
"label":"Other"
}]