gcloud alpha iap web set-iam-policy

NAME
gcloud alpha iap web set-iam-policy - set the IAM policy for an IAP IAM resource
SYNOPSIS
gcloud alpha iap web set-iam-policy POLICY_FILE [--region=REGION --resource-type=RESOURCE_TYPE --service=SERVICE --version=VERSION] [GCLOUD_WIDE_FLAG]
DESCRIPTION
(ALPHA) This command replaces the existing IAM policy for an IAP IAM resource, given a file encoded in JSON or YAML that contains the IAM policy. If the given policy file specifies an "etag" value, then the replacement will succeed only if the policy already in place matches that etag. (An etag obtained via $ gcloud alpha iap web get-iam-policy will prevent the replacement if the policy for the resource has been subsequently updated.) A policy file that does not contain an etag value will replace any existing policy for the resource.
EXAMPLES
To set the IAM policy for the web accesses to the IAP protected resources within the active project, run:
gcloud alpha iap web set-iam-policy POLICY_FILE

To set the IAM policy for the web accesses to the IAP protected resources within a project, run:

gcloud alpha iap web set-iam-policy POLICY_FILE --project=PROJECT_ID

To set the IAM policy for the web accesses to the IAP protected resources within an App Engine application, run:

gcloud alpha iap web set-iam-policy POLICY_FILE --resource-type=app-engine

To set the IAM policy for the web accesses to the IAP protected resources within an App Engine service, run:

gcloud alpha iap web set-iam-policy POLICY_FILE --resource-type=app-engine --service=SERVICE_ID

To set the IAM policy for the web accesses to the IAP protected resources within an App Engine service version, run:

gcloud alpha iap web set-iam-policy POLICY_FILE --resource-type=app-engine --service=SERVICE_ID --version=VERSION

To set the IAM policy for the web accesses to the IAP protected resources within all backend services, run:

gcloud alpha iap web set-iam-policy POLICY_FILE --resource-type=backend-services

To set the IAM policy for the web accesses to the IAP protected resources within a backend service, run:

gcloud alpha iap web set-iam-policy POLICY_FILE --resource-type=backend-services --service=SERVICE_ID

To set the IAM policy for the web accesses to the IAP protected resources within a regional backend service, run:

gcloud alpha iap web set-iam-policy POLICY_FILE --resource-type=backend-services --service=SERVICE_ID --region=REGION
POSITIONAL ARGUMENTS
POLICY_FILE
JSON or YAML file containing the IAM policy.
FLAGS
--region=REGION
Region name. Not applicable for resource-type=app-engine. Required when resource-type=backend-services and regional scoped. Not applicable for global backend-services. Required when resource-type=cloud-run.
--resource-type=RESOURCE_TYPE
Resource type of the IAP resource. --resource-type=cloud-run is private priview feature and reach out to cloud-run team if you want to test it. RESOURCE_TYPE must be one of: app-engine, backend-services, forwarding-rule, cloud-run.
--service=SERVICE
Service name.
--version=VERSION
Service version. Should only be specified with --resource-type=app-engine.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
gcloud iap web set-iam-policy
gcloud beta iap web set-iam-policy