LaVOZs

The World’s Largest Online Community for Developers

'; google cloud platform - Delete specific IAM user from all the roles in a project/org using CLI - LavOzs.Com

How do I delete a specific user from all the roles recursively - from a project or organization?

Something similar to :

gcloud projects remove-iam-policy-binding <prj id> --member user:testp@xyz.com

Without providing the --role?

Role is a required flag, you can't perform this command without it. You would have to go through all the roles the person had and remove them. This is easy to see on the IAM console page.

This doc goes through all the things to consider when removing access from your project. You can delete the user via the console but also be aware of service accounts, client ID secrets, API keys, SSH keys, Cloud SQL access, Cloud Storage ACLs, BigQuery datasets and Pub/Sub topics.

Related
How to exit the current user with Google Cloud SDK Shell?
How can Google IAM be used to manage authentication and authorization for a Spring Boot application
Assign IAM roles to GSuite admin console groups
kubectl - cert manager - credentials not found
Trouble of AutoML API setup
IAM Custom Role for Inserting to Specific BigQuery Dataset
Why is it so hard to use gcloud commands from my host computer instead of the gcloud interactive shell?
Deletion of users (identities) from Google bucket IAM Policy does not work
Google Cloud Function not created with Private access