python - Remove a User from GCP project

问题描述

How do I remove a user from a GCP project. I have a requirement to delete a particular user and service account for a particular GCP project.

credentials = service_account.Credentials.from_service_account_file(
   filename=os.environ['GOOGLE_APPLICATION_CREDENTIALS'],
   scopes=['https://www.googleapis.com/auth/cloud-platform'])

I tried using this

def modify_policy_remove_member(policy, role, member):
    """Removes a  member from a role binding."""
    binding = next(b for b in policy["bindings"] if b["role"] == role)
    if "members" in binding and member in binding["members"]:
        binding["members"].remove(member)
    print(binding)
    return policy

Another way I tried was

service.projects().serviceAccounts().disable(
        name='projects/-/serviceAccounts/' + email).execute()

I am getting the following message.

Permission iam.serviceAccounts.disable is required to perform this operation on

标签： pythongoogle-cloud-platform

要添加或更新现有用户的 IAM 策略，您至少应该拥有“resourcemanager.projects.setIamPolicy”权限。或者你应该是项目的所有者。为确保您拥有足够的权限，请在控制台中检查您的 IAM 角色，然后运行：

'gcloud iam 角色描述角色/'

这将列出您与当前角色关联的所有权限。

python - Remove a User from GCP project

问题描述

解决方案

推荐阅读