To grant the project role of name "pr-test" for project's service account "psa-test" in project "iam-test", run:
gdcloud iam service-accounts add-iam-policy-binding --role=ProjectRole/pr-test --iam-account=psa-test --project=iam-test
必需标志
--iam-account string Project's service account to bind with the role. The flag is required to run the command.
--role string Role to bind with the service account in the format of "RoleType/NAME" where RoleType is one of the Kubernetes type in Role, ProjectRole, ClusterRole or OrganizationRole, and NAME is the name of the role. The flag is required to run the command.
可选标志
--role-namespace string Namespace of Role to bind with the service account. This is only applicable for multizone enabled environments.
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-09-04。"],[[["\u003cp\u003eThis command, \u003ccode\u003egdcloud iam service-accounts add-iam-policy-binding\u003c/code\u003e, grants a specified role to a project's service account.\u003c/p\u003e\n"],["\u003cp\u003eThe required flags are \u003ccode\u003e--iam-account\u003c/code\u003e, for specifying the target service account, and \u003ccode\u003e--role\u003c/code\u003e, for defining the role to be assigned.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003e--role\u003c/code\u003e flag requires the input to be in the format "RoleType/NAME", where RoleType is one of the following; Role, ProjectRole, ClusterRole or OrganizationRole.\u003c/p\u003e\n"],["\u003cp\u003eThe command automatically generates a binding name, removing the need for user input on this parameter.\u003c/p\u003e\n"],["\u003cp\u003eAn optional flag \u003ccode\u003e--role-namespace\u003c/code\u003e is available for multizone environments, allowing specification of the namespace of the Role.\u003c/p\u003e\n"]]],[],null,["# gdcloud iam service-accounts add-iam-policy-binding\n\nNAME\n----\n\ngdcloud iam service-accounts add-iam-policy-binding - Grant a Role/ProjectRole/ClusterRole/OrganizationRole to a service account.\n\nSYNOPSIS\n--------\n\n gdcloud iam service-accounts add-iam-policy-binding [flags]\n\nDESCRIPTION\n-----------\n\nGrant a Role, ProjectRole, ClusterRole or OrganizationRole to a project's service account. The name of the binding will be auto generated so you don't need to provide a name.\n\n### EXAMPLES\n\n\n To grant the project role of name \"pr-test\" for project's service account \"psa-test\" in project \"iam-test\", run:\n\n gdcloud iam service-accounts add-iam-policy-binding --role=ProjectRole/pr-test --iam-account=psa-test --project=iam-test\n\n### REQUIRED FLAGS\n\n --iam-account string Project's service account to bind with the role. The flag is required to run the command.\n --role string Role to bind with the service account in the format of \"RoleType/NAME\" where RoleType is one of the Kubernetes type in Role, ProjectRole, ClusterRole or OrganizationRole, and NAME is the name of the role. The flag is required to run the command.\n\n### OPTIONAL FLAGS\n\n --role-namespace string Namespace of Role to bind with the service account. This is only applicable for multizone enabled environments.\n\n### GDCLOUD WIDE FLAGS\n\nThese flags are available to all commands: `--configuration`, `--format`, `--help`, `--project`, `--quiet`.\n\nFor more information, see the [gdcloud CLI reference overview](/distributed-cloud/hosted/docs/latest/gdch/resources/gdcloud-reference/gdcloud) page."]]
