
What are my privileges in a given GCP project?


There are several ways my user can get privileges in a Google Cloud Platform project: direct role and privilege assignment, acting as service accounts, and different group memberships.

So given a GCP project, how can I list the active privileges for my user?


Solution

  • gcloud projects get-iam-policy $PROJ \
      --flatten="bindings[].members" \
      --format='table(bindings.role)' \
      --filter="bindings.members:user:$USER"
    

    USER is an email address (e.g. me@org.com); PROJ is a project ID (e.g. project-654321).

    UPDATE: To search across all resources:

    gcloud asset search-all-iam-policies --query=policy:$EMAIL
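
An added example, not part of the original answer: it resolves the roles a user holds in a project policy through direct, group and domain bindings, and flags the roles that allow acting as service accounts. It assumes the policy was exported with `--format=json` and that the caller supplies the user's group list; the sample policy, group names and helper names are constructed for illustration.

```python
import json

# Constructed sample in the shape of `gcloud projects get-iam-policy PROJ --format=json`.
SAMPLE_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/viewer", "members": ["user:me@org.com", "user:other@org.com"]},
  {"role": "roles/storage.admin", "members": ["group:data-team@org.com"],
   "condition": {"title": "expires-2030", "expression": "request.time < timestamp('2030-01-01T00:00:00Z')"}},
  {"role": "roles/iam.serviceAccountUser", "members": ["group:deployers@org.com"]},
  {"role": "roles/browser", "members": ["domain:org.com"]},
  {"role": "roles/editor", "members": ["serviceAccount:ci@project-654321.iam.gserviceaccount.com"]}
]}
""")

# Roles that let the holder act as service accounts when granted at project level.
IMPERSONATION_ROLES = {"roles/iam.serviceAccountUser", "roles/iam.serviceAccountTokenCreator"}


def principals_for(email, groups):
    """Lower-cased member strings that apply to this user (groups are caller-supplied)."""
    domain = email.rsplit("@", 1)[1]
    names = {f"user:{email}", f"domain:{domain}", "allUsers", "allAuthenticatedUsers"}
    names.update(f"group:{g}" for g in groups)
    return {n.lower() for n in names}


def effective_roles(policy, email, groups=()):
    """Return {role: [(matched_member, condition_title_or_None), ...]}."""
    wanted = principals_for(email, groups)
    result = {}
    for binding in policy.get("bindings", []):
        cond = binding.get("condition", {}).get("title")
        for member in binding.get("members", []):
            if member.lower() in wanted:
                result.setdefault(binding["role"], []).append((member, cond))
    return result


def impersonation_grants(roles):
    """Subset of the user's roles through which service accounts can be used."""
    return sorted(r for r in roles if r in IMPERSONATION_ROLES)


if __name__ == "__main__":
    roles = effective_roles(SAMPLE_POLICY, "me@org.com", ["data-team@org.com", "deployers@org.com"])
    for role, via in sorted(roles.items()):
        print(role, via)
    print("can act as service accounts via:", impersonation_grants(roles))
```

The result covers only bindings set on the project itself; roles inherited from a folder or organization, and bindings on individual resources, are outside this policy document.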