Filtering and formatting 'gcloud projects get-iam-policy'

[Mark Drummond]

Trying to build a gcloud command that will return a list of just the project Owners for a given project. It looks like I need a filter / formatting that implements the logic:

"FOR ALL N, RETURN the list bindings[N].members WHERE bindings[N].role='roles/owner'"

Where N is >= 0.

Maybe it is easier to just pull the entire list as JSON and process it in python?

The content of this message is subject to our e-mail confidentiality policy.
Le contenu de ce message est assujetti à notre politique en matière de confidentialité des courriels.

[Tiago (Google Cloud Platform Support)]

Hi Mark,

There are a couple of different ways to implement this, either scripting with grep/sed/awk or, as you suggested, pulling the output list as JSON and processing it with loops and conditionals in a programming language of your choice. 

A simple approach would be to use the command flags available when listing all the IAM policy for a given project. For instance, the following command:

`gcloud projects get-iam-policy $PROJECT_ID --flatten="bindings[].members" --format="table(bindings.members)" --filter="bindings.role:roles/owner"`

outputs all the users and service accounts associated with the role ‘roles/owner’ in the project in question.