Question

How do I add a Google account (email) to a GCP project? What GCP SDK command should I use?

It is possible from the UI.

However, neither the gcloud iam command nor the gcloud projects have a choice.

Answer 1

I post this community wiki answer to make the solution provided in the comment section more visible. Feel free to edit or expand.

As it was suggested by @Joachim Isaksson in the comment section, you should use the command gcloud projects add-iam-policy-binding:

Adds a policy binding to the IAM policy of a project, given a project ID and the binding. One binding consists of a member, a role, and an optional condition.

To add an IAM policy binding for the role of 'roles/editor' for the user 'test-user@gmail.com' on a project with identifier 'example-project-id-1', run:

gcloud projects add-iam-policy-binding example-project-id-1 --member='user:test-user@gmail.com' --role='roles/editor'

More information you can find in the documentation.

In addition, please have a look at the document Understanding policies.

A principal, also known as a member or identity, which can be a user account, service account, Google group, or domain.

So, the principal should exist, but you can use already existing accounts like Google Account or Google Workspace account.

Enroll in our Google Cloud Platform Certification program and learn about GCP in detail.

Thanks!