This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Fetch list of users/admins on a GCP account

Posted on 08-06-2024 08:34 AM
nachiraman
New Member
Reply posted on --/--/---- --:-- AM
Team, on behalf of our customers, we would like to provide GCP customers with a way to connect their accounts with our customer's apps to accomplish various use cases. One of them is automating compliance by continuously reporting the list of users/admins and their associated permissions on a GCP account.
 
To accomplish this, we must fetch the list of users/admins via the API. Is there a way to do this today? 
2 1 187
Topic Labels
1 REPLY 1

Posted on --/--/---- --:-- AM
yrhsk
Bronze 4
Bronze 4
Reply posted on --/--/---- --:-- AM

You can use this Bash script that uses gcloud SDK for this:

```
#!/bin/bash

list_users() {
local project_id=$1
local policies=$(gcloud projects get-iam-policy $project_id --format=json)

echo -e "Listing all users with their associated permissions for project: $project_id\n"
echo "$policies" | jq -r '.bindings[] | "\(.role)\t\(.members[])"' | column -t
}

list_admins() {
local project_id=$1
local policies=$(gcloud projects get-iam-policy $project_id --format=json)

echo -e "Listing all admins for project: $project_id\n"
echo "$policies" | jq -r '.bindings[] | select(.role | contains("admin")) | "\(.role)\t\(.members[])"' | column -t
}

if [ -z "$1" ]; then
echo "Usage: $0 <project-id>"
exit 1
fi

PROJECT_ID=$1

list_users $PROJECT_ID
list_admins $PROJECT_ID
```

Save it to file (let's say, "list_permissions.sh"), then make it executable - run "chmod +x list_permissions.sh", and then run with passing your project ID as a parameter: "./list_permissions.sh <project-id>"

Top Solution Authors
View all