Is there a way to list all permissions from a user in GCP?
I know there is this command:
gcloud projects get-iam-policy "project-ID"
but I can only see the IAM roles I have set up in the IAM console. For example, I do not see the IAM role BigQuery Data Viewer that I have set up for a user on a dataset in the BigQuery page.
In GCP, is there a way to list all permissions of a user?
In Google Cloud Platform there is no single command that can do this. Permissions via roles are assigned to resources. Organizations, Folders, Projects, Databases, Storage Objects, KMS keys, etc. can have IAM permissions assigned to them. You must scan (check IAM permissions for) every resource to determine the total set of permissions that an IAM member account has.
These features are both a strength and a weakness in Google Cloud authorization, security, and auditing. These features are very powerful when understood well.
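The per-resource scan described in this answer, as an added example that is not part of the original answer: it merges policy JSON already exported from several resources and reports every role one user holds on each. It assumes the standard IAM policy shape (`bindings[].role` / `members[]`) and the BigQuery dataset `access[]` shape; the project name, dataset name, e-mail addresses and sample documents are constructed.

```python
import json
from collections import defaultdict

# BigQuery dataset ACLs may report legacy role names; these are their IAM equivalents.
LEGACY_BQ_ROLES = {
    "READER": "roles/bigquery.dataViewer",
    "WRITER": "roles/bigquery.dataEditor",
    "OWNER": "roles/bigquery.dataOwner",
}

def roles_from_iam_policy(policy, member):
    """Roles bound to `member` (e.g. 'user:a@b.c') in a standard IAM policy."""
    return {b["role"] for b in policy.get("bindings", [])
            if member in b.get("members", [])}

def roles_from_bq_dataset(dataset, email):
    """Roles granted directly to a user in a BigQuery dataset's access list."""
    roles = set()
    for entry in dataset.get("access", []):
        role = entry.get("role")  # view/routine entries carry no role
        if role and entry.get("userByEmail") == email:
            roles.add(LEGACY_BQ_ROLES.get(role, role))
    return roles

def collect_roles(email, iam_policies, bq_datasets):
    """Map resource name -> sorted roles for one user across all scanned resources."""
    found = defaultdict(set)
    for resource, policy in iam_policies.items():
        found[resource] |= roles_from_iam_policy(policy, f"user:{email}")
    for resource, dataset in bq_datasets.items():
        found[resource] |= roles_from_bq_dataset(dataset, email)
    return {res: sorted(roles) for res, roles in found.items() if roles}

# Constructed sample input: one project-level policy and one dataset resource.
SAMPLE_IAM = {"projects/example-project": json.loads("""
{"bindings": [
  {"role": "roles/viewer", "members": ["user:alice@example.com"]},
  {"role": "roles/editor", "members": ["user:bob@example.com"]}]}""")}
SAMPLE_BQ = {"example-project:sales": json.loads("""
{"access": [
  {"role": "READER", "userByEmail": "alice@example.com"},
  {"role": "OWNER", "userByEmail": "bob@example.com"},
  {"view": {"projectId": "example-project", "datasetId": "x", "tableId": "v"}}]}""")}

if __name__ == "__main__":
    for res, roles in collect_roles("alice@example.com", SAMPLE_IAM, SAMPLE_BQ).items():
        print(res, roles)
```

The output lists roles per resource, not the individual permissions each role expands to, and bindings made to a group the user belongs to are not resolved.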