如何列出我的Google Cloud Project的所有IAM用户？ [英] How do I list all IAM users for my Google Cloud Project

问题描述

我希望能够列出与我的项目关联的所有用户和服务帐户（最好使用 gcloud CLI工具，但如果需要的话，很乐意进行API调用）。

I'd like to be able to list all users and service account associated with my projects (preferably using the gcloud CLI tool, but happy to make an API call if needs be).

我可以使用这个，但是如何列出所有的用户呢？我期望类似以下的内容，但我在doco中看不到任何东西：

I can easily list all the service accounts associated with a project using this, but how can list all the users too? I'd expect something like the following, but I cannot see anything in the doco:

gcloud beta iam users list

推荐答案

列出项目中的所有服务帐户

以下命令列出与项目相关的所有服务帐户：

List all service accounts in a project

The following command lists all service accounts associated with a project:

$ gcloud iam service-accounts list

NAME                                    EMAIL
Compute Engine default service account  12345678-compute@developer.gserviceaccount.com
dummy-sa-1                              dummy-sa-1@MY_PROJECT.iam.gserviceaccount.com

使用IAM角色列出项目中的所有用户和服务帐户

如果您想列出所有您的可以使用以下命令：

List all Users and Service accounts in a project with their IAM roles

If you would like to list all users/service-accounts who have been granted any IAM roles on a specified project, you can use this command:

$ gcloud projects get-iam-policy MY_PROJECT

bindings:
- members:
  - serviceAccount:12345678-compute@developer.gserviceaccount.com
  - user:alice@foobar.com
  role: roles/editor
- members:
  - user:you@yourdomain.com
  - user:someoneelse@yourdomain.com
  role: roles/owner
etag: ARBITRARY_ETAG_HERE
version: 1

格式化输出

gcloud 支持格式化输出为 json 以及很多其他需要的自定义，这可能更容易在某些情况下解析或仅打印您需要的信息。

Formatting the output

gcloud supports formatting the output as json and lot of other customizations as needed, which might be easier to parse in certain cases or print only the information you need.

示例：

# Prints the output as json instead of the default yaml format
$ gcloud projects get-iam-policy MY_PROJECT --format=json

# Display just the bindings in json format
$ gcloud projects get-iam-policy MY_PROJECT --format='json(bindings)'

# Display the bindings in a flattened format
$ $ gcloud projects get-iam-policy MY_PROJECT --format='flattened(bindings)'

这篇关于如何列出我的Google Cloud Project的所有IAM用户？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！