Method: projects.roles.delete

Deletes a custom Role.

When you delete a custom role, the following changes occur immediately:

  • You cannot bind a principal to the custom role in an IAM Policy.
  • Existing bindings to the custom role are not changed, but they have no effect.
  • By default, the response from roles.list does not include the custom role.

You have 7 days to undelete the custom role. After 7 days, the following changes occur:

  • The custom role is permanently deleted and cannot be recovered.
  • If an IAM policy contains a binding to the custom role, the binding is permanently removed.

HTTP request


The URL uses gRPC Transcoding syntax.

Path parameters



The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below:

  • projects.roles.delete: projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}. This method deletes only custom roles that have been created at the project level. Example request URL:{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}

  • organizations.roles.delete: organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}. This method deletes only custom roles that have been created at the organization level. Example request URL:{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}

Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

Authorization requires the following IAM permission on the specified resource name:

  • iam.roles.delete

Query parameters


string (bytes format)

Used to perform a consistent read-modify-write.

A base64-encoded string.

Request body

The request body must be empty.

Response body

If successful, the response body contains an instance of Role.

Authorization scopes

Requires one of the following OAuth scopes:


For more information, see the Authentication Overview.