Skip to main content
Members, firewall rules, secrets, and settings can be attached to an organization, project, or Site. Pass exactly one scope flag: --organization-id, --project-id, or --site-id. For guidance on choosing the right scope, see Resource Hierarchy. For the platform security model behind members, firewall rules, and secrets, see Security and Operations.

Members

Roles are owner, developer, and read.

Firewall

Firewall rules do not currently support in-place update.

Secrets

Secret values are write-only from the CLI.

Settings