I am trying to assign a role to a user only for 24 hours.I was using gcloud command for this and condition statement within the command.
gcloud projects add-iam-policy-binding project_name --member='user:[email protected]' --role='roles/storage.admin' --condition='expression=request.time < request.time + duration('86400s') , title = sample_condition, description = sample_description'
This was throwing an error stating that ERROR: (gcloud.projects.add-iam-policy-binding) argument --condition: valid keys are [None, Description,expression,title]; recieved: title
I believe the command without --condition is working fine Iam new to common expression language and any help is greatly appreciated !
There is no condition to grant access for a duration. You must compute the end time and set it as condition, something like thisfollowing
gcloud projects add-iam-policy-binding <PROJECT_ID> \
--member=<your member> \
--role=<your rols> \
--condition=expression="request.time < timestamp('$(date -d "now + 24 hours" +"%Y-%m-%dT%H:%M:%SZ")')",title="Expires on $(date -d "now + 24 hours" +"%Y-%m-%dT%H:%M:%SZ")"