To grant the project role of name "pr-test" for project's service account "psa-test" in project "iam-test", run:
gdcloud iam service-accounts add-iam-policy-binding --role=ProjectRole/pr-test --iam-account=psa-test --project=iam-test
必要標記
--iam-account string Project's service account to bind with the role. The flag is required to run the command.
--role string Role to bind with the service account in the format of "RoleType/NAME" where RoleType is one of the Kubernetes type in Role, ProjectRole, ClusterRole or OrganizationRole, and NAME is the name of the role. The flag is required to run the command.
選用旗標
--role-namespace string Namespace of Role to bind with the service account. This is only applicable for multizone enabled environments.
[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["上次更新時間:2025-09-04 (世界標準時間)。"],[[["\u003cp\u003eThis command, \u003ccode\u003egdcloud iam service-accounts add-iam-policy-binding\u003c/code\u003e, grants a specified role to a project's service account.\u003c/p\u003e\n"],["\u003cp\u003eThe required flags are \u003ccode\u003e--iam-account\u003c/code\u003e, for specifying the target service account, and \u003ccode\u003e--role\u003c/code\u003e, for defining the role to be assigned.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003e--role\u003c/code\u003e flag requires the input to be in the format "RoleType/NAME", where RoleType is one of the following; Role, ProjectRole, ClusterRole or OrganizationRole.\u003c/p\u003e\n"],["\u003cp\u003eThe command automatically generates a binding name, removing the need for user input on this parameter.\u003c/p\u003e\n"],["\u003cp\u003eAn optional flag \u003ccode\u003e--role-namespace\u003c/code\u003e is available for multizone environments, allowing specification of the namespace of the Role.\u003c/p\u003e\n"]]],[],null,["# gdcloud iam service-accounts add-iam-policy-binding\n\nNAME\n----\n\ngdcloud iam service-accounts add-iam-policy-binding - Grant a Role/ProjectRole/ClusterRole/OrganizationRole to a service account.\n\nSYNOPSIS\n--------\n\n gdcloud iam service-accounts add-iam-policy-binding [flags]\n\nDESCRIPTION\n-----------\n\nGrant a Role, ProjectRole, ClusterRole or OrganizationRole to a project's service account. The name of the binding will be auto generated so you don't need to provide a name.\n\n### EXAMPLES\n\n\n To grant the project role of name \"pr-test\" for project's service account \"psa-test\" in project \"iam-test\", run:\n\n gdcloud iam service-accounts add-iam-policy-binding --role=ProjectRole/pr-test --iam-account=psa-test --project=iam-test\n\n### REQUIRED FLAGS\n\n --iam-account string Project's service account to bind with the role. The flag is required to run the command.\n --role string Role to bind with the service account in the format of \"RoleType/NAME\" where RoleType is one of the Kubernetes type in Role, ProjectRole, ClusterRole or OrganizationRole, and NAME is the name of the role. The flag is required to run the command.\n\n### OPTIONAL FLAGS\n\n --role-namespace string Namespace of Role to bind with the service account. This is only applicable for multizone enabled environments.\n\n### GDCLOUD WIDE FLAGS\n\nThese flags are available to all commands: `--configuration`, `--format`, `--help`, `--project`, `--quiet`.\n\nFor more information, see the [gdcloud CLI reference overview](/distributed-cloud/hosted/docs/latest/gdch/resources/gdcloud-reference/gdcloud) page."]]
