USER_ACCOUNT: 역할을 부여할 사용자 계정입니다. 이 플래그는 ID 공급자 접두사 (user:idpprefix-user@example.com)가 있는 사용자 이메일 주소 또는 서비스 계정 프로젝트(serviceAccount:projectName:serviceAccountName)가 있는 서비스 계정 이름을 허용합니다.
ROLE: 사용자에게 할당할 사전 정의된 역할 또는 맞춤 역할의 이름입니다.
역할 바인딩 삭제
더 이상 액세스 권한이 필요하지 않으면 구성원과 연결된 역할, 권한, 액세스 권한을 삭제합니다.
구성원을 삭제하려면 다음 단계를 따르세요.
콘솔
GDC 콘솔에 로그인합니다.
메뉴 바에서 프로젝트 선택을 클릭합니다. 역할 바인딩을 설정할 기존 프로젝트 중 하나를 선택한 다음 열기를 클릭합니다.
선택한 프로젝트가 메뉴 바의 조직 이름 뒤에 표시됩니다.
탐색 메뉴에서 ID 및 액세스, 액세스를 클릭합니다.
승인된 구성원 목록에서 구성원을 선택합니다. 목록에서 여러 회원을 선택하여 한 번에 여러 회원을 삭제할 수 있습니다.
모든 액세스 권한 삭제를 클릭하여 현재 프로젝트에서 구성원과 연결된 모든 역할 바인딩을 삭제합니다.
USER_ACCOUNT: 역할을 삭제할 사용자 계정입니다. 이 플래그는 ID 공급자 접두사 (user:idpprefix-user@example.com)가 있는 사용자 이메일 주소 또는 서비스 계정 프로젝트(serviceAccount:projectName:serviceAccountName)가 있는 서비스 계정 이름을 허용합니다.
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-09-04(UTC)"],[[["\u003cp\u003eApplication Operators can add other Application Operators to a project through the GDC console, granting them access to project resources.\u003c/p\u003e\n"],["\u003cp\u003eSetting up role bindings requires \u003ccode\u003eProject IAM Admin\u003c/code\u003e permissions, which can be granted by your Project IAM Admin or Organization IAM Admin.\u003c/p\u003e\n"],["\u003cp\u003eRole bindings can be added via the GDC console by navigating to "Identity & Access" and "Access" then adding the member, or by using the \u003ccode\u003egdcloud\u003c/code\u003e CLI \u003ccode\u003egdcloud projects add-iam-policy-binding\u003c/code\u003e command.\u003c/p\u003e\n"],["\u003cp\u003eRole bindings can be removed via the GDC console by selecting the member and clicking "Remove All Access," or via the \u003ccode\u003egdcloud\u003c/code\u003e CLI \u003ccode\u003egdcloud projects remove-iam-policy-binding\u003c/code\u003e command.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003egdcloud\u003c/code\u003e CLI requires prior installation and authentication via the \u003ccode\u003egdcloud auth login\u003c/code\u003e command before setting or removing role bindings.\u003c/p\u003e\n"]]],[],null,["# Grant access to project resources\n\nAn Application Operator can add other Application Operators to the project\nthrough the GDC console and access to project resources.\n\nBefore you begin\n----------------\n\nPermissions are required to set up or remove role bindings. Ask your Project\nIAM Admin or Organization IAM Admin to grant you the `Project IAM Admin` role.\n\nSet up role bindings\n--------------------\n\nWork through the following steps to set up role bindings: \n\n### Console\n\n1. Sign in to the GDC console. For example, the following image signs in to the GDC console for an organization named `org-1`:\n2. Click **Select project** in the menu bar. Select one of the existing projects you want to set up the role binding in, then click **Open** . The selected project displays after your org name in the menu bar. The following example shows the selected `iam-test` project:\n3. In the navigation menu, click **Identity \\& Access** and **Access** .\n4. Click **Add member** .\n5. In the **Identity provider** dropdown menu, select an identity provider.\n6. After **Member type** , choose whether you want to add individual users with **User** , or groups with **Group** . The following example shows the selected `User`:\n7. In the **Username or group alias** field, enter the username, email address, or alias.\n8. In the **Roles** drop-down list, select the role that you want to assign to the user or group, such as **Project Viewer** . You can bind the selected user or group with multiple roles at a time by clicking **Add Another Role** .\n9. Click **Add** .\n\n### gdcloud\n\n1. Ensure you have the\n [gdcloud CLI installed](/distributed-cloud/hosted/docs/latest/gdch/resources/gdcloud-overview#download-and-install).\n\n2. Sign in using the `gdcloud auth login` command to authenticate with your\n identity provider. For more information, see\n [the gdcloud CLI authentication](/distributed-cloud/hosted/docs/latest/gdch/resources/gdcloud-auth#login).\n\n3. Set up role bindings for a project:\n\n gdcloud projects add-iam-policy-binding \u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e \\\n --member=\u003cvar translate=\"no\"\u003eUSER_ACCOUNT\u003c/var\u003e \\\n --role= \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e\n\n Replace the following variables:\n - \u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e: the name of the project for which you're setting up the role binding.\n - \u003cvar translate=\"no\"\u003eUSER_ACCOUNT\u003c/var\u003e: the user account to which you want to grant the role. This flag accepts either a user email address with the identity provider prefix (`user:idpprefix-user@example.com`) or a service account name with the service account project (`serviceAccount:projectName:serviceAccountName`).\n - \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e: the name of the predefined or custom role you want to assign to the user.\n\nRemove role bindings\n--------------------\n\nWhen access is no longer required, remove a member and their associated roles,\npermissions, and access.\n\nTo remove members, work through the following steps: \n\n### Console\n\n1. Sign in to the GDC console.\n2. Click **Select project** in the menu bar. Select one of the existing projects you want to set up the role binding in, then click **Open**. The selected project displays after your org name in the menu bar.\n3. In the navigation menu, click **Identity \\& Access** and **Access**.\n4. In the authorized members list, select a member. You can remove multiple members at a time by selecting multiple members in the list.\n5. Click **Remove All Access** to remove all the role bindings associated with a member from your current project.\n6. When prompted, click **Remove Member** to confirm.\n\n### gdcloud\n\n1. Ensure you have the\n [gdcloud CLI installed](/distributed-cloud/hosted/docs/latest/gdch/resources/gdcloud-overview#download-and-install).\n\n2. Sign in using the `gdcloud auth login` command to authenticate with your\n identity provider. For more information, see\n [the gdcloud CLI authentication](/distributed-cloud/hosted/docs/latest/gdch/resources/gdcloud-auth#login).\n\n3. Remove role bindings for a project:\n\n gdcloud projects remove-iam-policy-binding \u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e \\\n --member=\u003cvar translate=\"no\"\u003eUSER_ACCOUNT\u003c/var\u003e \\\n --role= \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e\n\n Replace the following variables:\n - \u003cvar translate=\"no\"\u003ePROJECT\u003c/var\u003e: the name of the project from which you're removing the role binding.\n - \u003cvar translate=\"no\"\u003eUSER_ACCOUNT\u003c/var\u003e: the user account from which you want to remove the role. This flag accepts either a user email address with the identity provider prefix (`user:idpprefix-user@example.com`) or a service account name with the service account project (`serviceAccount:projectName:serviceAccountName`).\n - \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e: the name of the predefined or custom role you want to remove from the user account."]]