I want a simple way to list out all the resources that a group has been granted access to in Google Cloud. One way is to iterate over all the projects and then check access granted to the group. This is the process I currently follow but it takes a while because of the number of projects we have.
Is there an easier way?
According to this link, you can search all IAM policies within the specified accessible scope, such as a project, folder or organization.
For Google groups, such as group:[email protected]:
gcloud asset search-all-iam-policies --query=policy:"group:[email protected]" --scope=organizations/{YOUR_ORGANIZATION_NUMBER}
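The search returns one result per resource whose policy matches, so getting the list the question asks for means flattening those results into resource/role rows. The following is an added example, not part of the original answer: it assumes the command above is run with `--format=json`, and the function name, sample resources, project number and group address are all constructed for illustration.

```python
import json
import sys

# Constructed sample of `gcloud asset search-all-iam-policies ... --format=json`
# output (resource names, project number and group address are made up).
SAMPLE = """[
  {"assetType": "cloudresourcemanager.googleapis.com/Project",
   "resource": "//cloudresourcemanager.googleapis.com/projects/demo-project",
   "project": "projects/123456789012",
   "policy": {"bindings": [
     {"role": "roles/viewer",
      "members": ["group:example-group@example.com", "user:alice@example.com"]},
     {"role": "roles/owner", "members": ["user:alice@example.com"]}]}},
  {"assetType": "storage.googleapis.com/Bucket",
   "resource": "//storage.googleapis.com/demo-bucket",
   "project": "projects/123456789012",
   "policy": {"bindings": [
     {"role": "roles/storage.objectAdmin",
      "members": ["group:Example-Group@example.com"],
      "condition": {"title": "expires-2030",
                    "expression": "request.time < timestamp('2030-01-01T00:00:00Z')"}}]}}
]"""


def grants_for(results, member):
    """Return sorted (resource, role, condition_title) rows where `member` is bound."""
    wanted = member.lower()  # design choice here: ignore casing of the address
    rows = set()
    for result in results:
        for binding in result.get("policy", {}).get("bindings", []):
            # Re-check membership per binding so unrelated roles are never listed.
            if any(m.lower() == wanted for m in binding.get("members", [])):
                # Conditional grants are kept visible: they are not unconditional access.
                title = binding.get("condition", {}).get("title", "")
                rows.add((result["resource"], binding["role"], title))
    return sorted(rows)


if __name__ == "__main__":
    # Usage: gcloud asset search-all-iam-policies ... --format=json | python3 grants.py group:NAME
    if len(sys.argv) > 1 and not sys.stdin.isatty():
        data, member = json.load(sys.stdin), sys.argv[1]
    else:
        data, member = json.loads(SAMPLE), "group:example-group@example.com"
    for resource, role, title in grants_for(data, member):
        print(f"{resource}\t{role}\t{title}")
```

The rows cover only policies in which the group is named directly; access the group gets through membership in another group does not appear in a search for this group's address.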