Update README with detailed IAM policy binding instructions and group management for Gemini Code Assist

README.md

@@ -57,13 +57,24 @@ For workloads running on GCP (Cloud Run, GKE, Compute Engine), attach the servic
 
 ```bash
 # Single user
-gcloud projects add-iam-policy-binding PROJECT_ID \
+gcloud projects add-iam-policy-binding <project-id> \
-  --member="user:YOU@DOMAIN" \
+  --member="user:<you@domain>" \
   --role="roles/cloudaicompanion.user"
 
-# Google Group (recommended for teams)
+# Create a Google Group (recommended for teams)
-gcloud projects add-iam-policy-binding PROJECT_ID \
+gcloud identity groups create devs@<domain> \
-  --member="group:devs@DOMAIN" \
+  --organization=<organization-id> \
+  --display-name="Gemini Developers" \
+  --description="Users with access to Gemini Code Assist"
+
+# Add a member to the group
+gcloud identity groups memberships add \
+  --group-email=devs@<domain> \
+  --member-email=<you@domain>
+
+# Grant the group access
+gcloud projects add-iam-policy-binding <project-id> \
+  --member="group:devs@<domain>" \
   --role="roles/cloudaicompanion.user"
 ```
 
@@ -79,19 +90,19 @@ If you don't have a project yet:
 
 ```bash
 # List available folders to find your folder ID
-gcloud resource-manager folders list --organization=ORGANIZATION_ID
+gcloud resource-manager folders list --organization=<organization-id>
 
 # Create a new project inside a folder
-gcloud projects create PROJECT_ID \
+gcloud projects create <project-id> \
-  --name="PROJECT_DISPLAY_NAME" \
+  --name="<display-name>" \
-  --folder=FOLDER_ID
+  --folder=<folder-id>
 
 # Link a billing account (required before enabling APIs)
-gcloud billing projects link PROJECT_ID \
+gcloud billing projects link <project-id> \
-  --billing-account=BILLING_ACCOUNT_ID
+  --billing-account=<billing-account-id>
 
 # Verify
-gcloud projects describe PROJECT_ID
+gcloud projects describe <project-id>
 ```
 
 To find your billing account ID: