gcloud beyondcorp security-gateways applications add-iam-policy-binding

NAME
gcloud beyondcorp security-gateways applications add-iam-policy-binding - add an IAM policy binding to a security gateway application
SYNOPSIS
gcloud beyondcorp security-gateways applications add-iam-policy-binding (APPLICATION : --location=LOCATION --security-gateway=SECURITY_GATEWAY) --member=PRINCIPAL --role=ROLE [GCLOUD_WIDE_FLAG]
DESCRIPTION
Adds an IAM policy binding to the given security gateway application. 
EXAMPLES
    To add an IAM policy binding for the role of
    'roles/beyondcorp.sgApplicationUser' for the user 'test-user@gmail.com'
    on a security gateway application 'my-app' under security gateway
    'my-security-gateway':
 
gcloud beyondcorp security-gateways applications add-iam-policy-binding my-app --security-gateway=my-security-gateway --member='user:test-user@gmail.com' --role='roles/beyondcorp.sgApplicationUser' --location=global
POSITIONAL ARGUMENTS
Application resource - The security gateway application for which to add the IAM policy binding. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument application on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project.

This must be specified.

APPLICATION
ID of the application or fully qualified identifier for the application.

To set the application attribute:

  • provide the argument application on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--location=LOCATION
The location id. We support only global location.

To set the location attribute:

  • provide the argument application on the command line with a fully specified name;
  • provide the argument --location on the command line.
--security-gateway=SECURITY_GATEWAY
The security gateway ID.

To set the security-gateway attribute:

  • provide the argument application on the command line with a fully specified name;
  • provide the argument --security-gateway on the command line.
REQUIRED FLAGS
--member=PRINCIPAL
The principal to add the binding for. Should be of the form user|group|serviceAccount:email or domain:domain.

Examples: user:test-user@gmail.com, group:admins@example.com, serviceAccount:test123@example.domain.com, or domain:example.domain.com.

Some resources also accept the following special values:

  • allUsers - Special identifier that represents anyone who is on the internet, with or without a Google account.
  • allAuthenticatedUsers - Special identifier that represents anyone who is authenticated with a Google account or a service account.
--role=ROLE
Role name to assign to the principal. The role name is the complete path of a predefined role, such as roles/logging.viewer, or the role ID for a custom role, such as organizations/{ORGANIZATION_ID}/roles/logging.viewer.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
This variant is also available: 
gcloud beta beyondcorp security-gateways applications add-iam-policy-binding