.TH "GCLOUD_IAM_SIMULATOR_REPLAY\-RECENT\-ACCESS" 1



.SH "NAME"
.HP
gcloud iam simulator replay\-recent\-access \- determine affected recent access attempts before IAM policy                 change deployment



.SH "SYNOPSIS"
.HP
\f5gcloud iam simulator replay\-recent\-access\fR \fIRESOURCE\fR \fIPOLICY_FILE\fR [\fIGCLOUD_WIDE_FLAG\ ...\fR]



.SH "DESCRIPTION"

Replay the most recent 1,000 access logs from the past 90 days using the
simulated policy. For each log entry, the replay determines if setting the
provided policy on the given resource would result in a change in the access
state, e.g. a previously granted access becoming denied. Any differences found
are returned.



.SH "EXAMPLES"

To simulate a permission change of a member on a resource, run:

.RS 2m
$ gcloud iam simulator replay\-recent\-access projects/project\-id \e
    path/to/policy_file.json
.RE

See https://cloud.google.com/iam/docs/managing\-policies for details of policy
role and member types.



.SH "POSITIONAL ARGUMENTS"

.RS 2m
.TP 2m
\fIRESOURCE\fR

Full resource name to simulate the IAM policy for.

See: https://cloud.google.com/apis/design/resource_names#full_resource_name.

.TP 2m
\fIPOLICY_FILE\fR

Path to a local JSON or YAML formatted file containing a valid policy.

The output of the \f5get\-iam\-policy\fR command is a valid file, as is any JSON
or YAML file conforming to the structure of a Policy. See the Policy reference
(https://cloud.google.com/iam/reference/rest/v1/Policy) for details.


.RE
.sp

.SH "GCLOUD WIDE FLAGS"

These flags are available to all commands: \-\-access\-token\-file, \-\-account,
\-\-billing\-project, \-\-configuration, \-\-flags\-file, \-\-flatten,
\-\-format, \-\-help, \-\-impersonate\-service\-account, \-\-log\-http,
\-\-project, \-\-quiet, \-\-trace\-token, \-\-user\-output\-enabled,
\-\-verbosity.

Run \fB$ gcloud help\fR for details.