Batch method for getIamPolicy from Google CRM?


In my work, I need to fetch all of the IAM policies for each of the GCP projects we manage (several thousand projects as it stands today).

When I use projects.getIamPolicy, I am seeing periodic 429 responses as we're exceeding the quota limit.

However, I cannot find a means in which to make a batch request to Google, or do something like fetch policies for all projects within a given GCP folder.

Aside from simply adding retries/backoff to the API calls or increasing the quota limit, is there a more intelligent way to get all the IAM policy information for many projects at once?

So far, I have tried consulting the Google CRM API documentation, in which I see a method for fetching folder IAM policies (folders.getIamPolicy) but not a batch request or folder request to get project-level data.

Additionally, I am making changes to request a higher quota limit and add retries, though I would prefer to refactor this into a more sensible design (instead of implementing band-aid solutions).


There are 1 best solutions below

Dion V On
There might be many more permissions applied, coming from the Folder & Organizations level.

    gcloud projects get-ancestors-iam-policy <project-id>
    
    # Example: gcloud projects get-ancestors-iam-policy my-fancy-project

You can check the reference from this [post][1] by Jelle den Burger.


  [1]: https://stackoverflow.com/questions/47006116/how-do-i-list-and-view-users-permissions-with-gcloud
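
An added example, not part of the answer above: a way to separate what a project inherits from folders and the organization from what is bound on the project itself, using the output of the command in the answer. It assumes the command is run with `--format=json` and prints one entry per resource with `id`, `type` and `policy.bindings`; the sample data and function names are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample, assumed to match the JSON printed by
# `gcloud projects get-ancestors-iam-policy my-fancy-project --format=json`:
# one entry per resource, ordered from the project up to the organization.
SAMPLE = json.loads("""
[
  {"id": "my-fancy-project", "type": "project", "policy": {"bindings": [
    {"role": "roles/viewer", "members": ["user:dev@example.com"]}]}},
  {"id": "111111111111", "type": "folder", "policy": {"bindings": [
    {"role": "roles/editor", "members": ["group:team@example.com"]}]}},
  {"id": "222222222222", "type": "organization", "policy": {"bindings": [
    {"role": "roles/owner", "members": ["user:admin@example.com"]},
    {"role": "roles/viewer", "members": ["user:dev@example.com"]}]}}
]
""")


def effective_grants(ancestry):
    """Map each member to the (role, source) pairs that apply to the project."""
    grants = defaultdict(set)
    for node in ancestry:
        source = f"{node['type']}/{node['id']}"
        # A resource with no policy set may omit "policy" or "bindings".
        for binding in node.get("policy", {}).get("bindings", []):
            for member in binding.get("members", []):
                grants[member].add((binding["role"], source))
    return {m: sorted(g) for m, g in grants.items()}


def inherited_only(ancestry):
    """Grants that a project-level getIamPolicy call alone would not show."""
    result = {}
    for member, grants in effective_grants(ancestry).items():
        inherited = [g for g in grants if not g[1].startswith("project/")]
        if inherited:
            result[member] = inherited
    return result


if __name__ == "__main__":
    for member, grants in sorted(inherited_only(SAMPLE).items()):
        for role, source in grants:
            print(f"{member}\t{role}\t{source}")
```

Conditional bindings are listed by role and member only; the `condition` field is not evaluated here.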