SrSSKJr SSKJr SSKJr \R"\RR\RR\RR5\R"SS\R555rg)zRemove IAM Policy Binding.)base)iam_util)utilc6\rSrSrSrSS0r\S5rSrSr g) RemoveIamPolicyBindingaRemove IAM policy binding from an IAP IAM resource. Removes a policy binding from the IAM policy of an IAP IAM resource. One binding consists of a member, a role and an optional condition. See $ {parent_command} get-iam-policy for examples of how to specify an IAP IAM resource. EXAMPLESav See $ {parent_command} get-iam-policy for examples of how to specify an IAP IAM resource. To remove an IAM policy binding for the role of 'roles/editor' for the user 'test-user@gmail.com' on IAP IAM resource IAP_IAM_RESOURCE, run: $ {command} --resource-type=IAP_IAM_RESOURCE --member='user:test-user@gmail.com' --role='roles/editor' To remove an IAM policy binding for the role of 'roles/editor' for the user 'test-user@gmail.com' on regional IAP IAM resource IAP_IAM_RESOURCE, run: $ {command} --resource-type=IAP_IAM_RESOURCE --member='user:test-user@gmail.com' --role='roles/editor' --region=REGION To remove an IAM policy binding for the role of 'roles/editor' from all authenticated users on IAP IAM resource IAP_IAM_RESOURCE,run: $ {command} --resource-type=IAP_IAM_RESOURCE --member='allAuthenticatedUsers' --role='roles/editor' To remove an IAM policy binding with a condition of expression='request.time < timestamp("2019-01-01T00:00:00Z")', title='expires_end_of_2018', and description='Expires at midnight on 2018-12-31' for the role of 'roles/browser' for the user 'test-user@gmail.com' on IAP IAM resource IAP_IAM_RESOURCE, run: $ {command} --resource-type=IAP_IAM_RESOURCE --member='user:test-user@gmail.com' --role='roles/browser' --condition='expression=request.time < timestamp("2019-01-01T00:00:00Z"),title=expires_end_of_2018, description=Expires at midnight on 2018-12-31' To remove all IAM policy bindings regardless of the condition for the role of 'roles/browser' and for the user 'test-user@gmail.com' on IAP IAM resource IAP_IAM_RESOURCE, run: $ {command} --resource-type=IAP_IAM_RESOURCE --member='user:test-user@gmail.com' --role='roles/browser' --all See https://cloud.google.com/iam/docs/managing-policies for details of policy role and member types. c[R"U5 [R"U5 [RR U5 g)zRegister flags for this command. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. N)iap_utilAddIapIamResourceArgsAddRemoveIamPolicyBindingArgsrURI_FLAGRemoveFromParser)clsparsers 0lib/surface/iap/web/remove_iam_policy_binding.pyArgsRemoveIamPolicyBinding.ArgsUs7 ""  **62MM""6*c[R"U5n[R"UR 5U5nUR UR URUUR5$)zThis is what gets called when the user runs this command. Args: args: an argparse namespace. All the arguments that were provided to this command invocation. Returns: The specified function with its description and configured filter. ) rValidateAndExtractConditionr ParseIapIamResource ReleaseTrackrmemberroleall)selfargs condition iap_iam_refs rRunRemoveIamPolicyBinding.Runcs]44T:I..  K  - -dkk499i.2hh 88rN) __name__ __module__ __qualname____firstlineno____doc__ detailed_help classmethodrr!__static_attributes__r#rrrrs2 , /-b + +8rrN)r(googlecloudsdk.calliopergooglecloudsdk.command_lib.iamrgooglecloudsdk.command_lib.iaprr ReleaseTracksrALPHABETAGADefaultUniverseOnlyCommandrr#rrr5s} !)3;T..33T5F5F5I5IW8T\\W8W8r