Lists every predefined Role
that IAM supports, or every custom role that is defined for an organization or project.
HTTP request
GET https://iam.googleapis.com/v1/roles
The URL uses gRPC Transcoding syntax.
Query parameters
Parameters | |
---|---|
parent |
The
Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID. Authorization requires the following IAM permission on the specified resource
|
page |
Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000. |
page |
Optional pagination token returned in an earlier ListRolesResponse. |
view |
Optional view for the returned Role objects. When |
show |
Include Roles that have been deleted. |
Request body
The request body must be empty.
Response body
If successful, the response body contains an instance of ListRolesResponse
.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/iam
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
Usa o .NET client library. Usa o Go client library. Usa o Java client library. Usa o Node.js client library. Usa o PHP client library. Usa o Python client library. Usa o Ruby client library.Exemplos
// BEFORE RUNNING:
// ---------------
// 1. If not already done, enable the Identity and Access Management (IAM) API
// and check the quota for your project at
// https://console.developers.google.com/apis/api/iam
// 2. This sample uses Application Default Credentials for authentication.
// If not already done, install the gcloud CLI from
// https://cloud.google.com/sdk and run
// `gcloud beta auth application-default login`.
// For more information, see
// https://developers.google.com/identity/protocols/application-default-credentials
// 3. Install the C# client library by adding a dependency on the relevant NuGet
// package. Libraries published by Google are owned by google-apis-packages:
// https://www.nuget.org/profiles/google-apis-packages
using Google.Apis.Auth.OAuth2;
using Google.Apis.Services;
using Google.Apis.Iam.v1;
using Newtonsoft.Json;
using System;
using System.Threading.Tasks;
using Data = Google.Apis.Iam.v1.Data;
namespace IamSample
{
public class IamExample
{
public static void Main(string[] args)
{
IamService iamService = new IamService(new BaseClientService.Initializer
{
HttpClientInitializer = GetCredential(),
ApplicationName = "Google-iamSample/0.1",
});
RolesResource.ListRequest request = iamService.Roles.List();
Data.ListRolesResponse response;
do
{
// To execute asynchronously in an async method, replace `request.Execute()` as shown:
response = request.Execute();
// response = await request.ExecuteAsync();
if (response.Roles == null)
{
continue;
}
foreach (Data.Role role in response.Roles)
{
// TODO: Change code below to process each `role` resource:
Console.WriteLine(JsonConvert.SerializeObject(role));
}
request.PageToken = response.NextPageToken;
} while (response.NextPageToken != null);
}
public static GoogleCredential GetCredential()
{
GoogleCredential credential = Task.Run(() => GoogleCredential.GetApplicationDefaultAsync()).Result;
if (credential.IsCreateScopedRequired)
{
credential = credential.CreateScoped("https://www.googleapis.com/auth/cloud-platform");
}
return credential;
}
}
}package main
// BEFORE RUNNING:
// ---------------
// 1. If not already done, enable the Identity and Access Management (IAM) API
// and check the quota for your project at
// https://console.developers.google.com/apis/api/iam
// 2. This sample uses Application Default Credentials for authentication.
// If not already done, install the gcloud CLI from
// https://cloud.google.com/sdk/ and run
// `gcloud beta auth application-default login`.
// For more information, see
// https://developers.google.com/identity/protocols/application-default-credentials
// 3. Install and update the Go dependencies by running `go get -u` in the
// project directory.
import (
"fmt"
"log"
"golang.org/x/net/context"
"golang.org/x/oauth2/google"
"google.golang.org/api/iam/v1"
)
func main() {
ctx := context.Background()
iamService, err := iam.NewService(ctx)
if err != nil {
log.Fatal(err)
}
req := iamService.Roles.List()
if err := req.Pages(ctx, func(page *iam.ListRolesResponse) error {
for _, role := range page.Roles {
// TODO: Change code below to process each `role` resource:
fmt.Printf("%#v\n", role)
}
return nil
}); err != nil {
log.Fatal(err)
}
}/*
* BEFORE RUNNING:
* ---------------
* 1. If not already done, enable the Identity and Access Management (IAM) API
* and check the quota for your project at
* https://console.developers.google.com/apis/api/iam
* 2. This sample uses Application Default Credentials for authentication.
* If not already done, install the gcloud CLI from
* https://cloud.google.com/sdk and run
* `gcloud beta auth application-default login`.
* For more information, see
* https://developers.google.com/identity/protocols/application-default-credentials
* 3. Install the Java client library on Maven or Gradle. Check installation
* instructions at https://github.com/google/google-api-java-client.
* On other build systems, you can add the jar files to your project from
* https://developers.google.com/resources/api-libraries/download/iam/v1/java
*/
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson2.JacksonFactory;
import com.google.api.services.iam.v1.Iam;
import com.google.api.services.iam.v1.model.ListRolesResponse;
import com.google.api.services.iam.v1.model.Role;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Arrays;
public class IamExample {
public static void main(String args[]) throws IOException, GeneralSecurityException {
Iam iamService = createIamService();
Iam.Roles.List request = iamService.roles().list();
ListRolesResponse response;
do {
response = request.execute();
if (response.getRoles() == null) {
continue;
}
for (Role role : response.getRoles()) {
// TODO: Change code below to process each `role` resource:
System.out.println(role);
}
request.setPageToken(response.getNextPageToken());
} while (response.getNextPageToken() != null);
}
public static Iam createIamService() throws IOException, GeneralSecurityException {
HttpTransport httpTransport = GoogleNetHttpTransport.newTrustedTransport();
JsonFactory jsonFactory = JacksonFactory.getDefaultInstance();
GoogleCredential credential = GoogleCredential.getApplicationDefault();
if (credential.createScopedRequired()) {
credential =
credential.createScoped(Arrays.asList("https://www.googleapis.com/auth/cloud-platform"));
}
return new Iam.Builder(httpTransport, jsonFactory, credential)
.setApplicationName("Google-iamSample/0.1")
.build();
}
}// BEFORE RUNNING:
// ---------------
// 1. If not already done, enable the Identity and Access Management (IAM) API
// and check the quota for your project at
// https://console.developers.google.com/apis/api/iam
// 2. This sample uses Application Default Credentials for authentication.
// If not already done, install the gcloud CLI from
// https://cloud.google.com/sdk and run
// `gcloud beta auth application-default login`.
// For more information, see
// https://developers.google.com/identity/protocols/application-default-credentials
// 3. Install the Node.js client library by running
// `npm install googleapis --save`
const {google} = require('googleapis');
const iam = google.iam('v1');
async function main () {
const authClient = await authorize();
const request = {
auth: authClient,
};
let response;
do {
if (response && response.nextPageToken) {
request.pageToken = response.nextPageToken;
}
response = (await iam.roles.list(request)).data;
const rolesPage = response.roles;
if (rolesPage) {
for (let i = 0; i < rolesPage.length; i++) {
// TODO: Change code below to process each resource in `rolesPage`:
console.log(JSON.stringify(rolesPage[i], null, 2));
}
}
} while (response.nextPageToken);
}
main();
async function authorize() {
const auth = new google.auth.GoogleAuth({
scopes: ['https://www.googleapis.com/auth/cloud-platform']
});
return await auth.getClient();
}<?php
/*
* BEFORE RUNNING:
* ---------------
* 1. If not already done, enable the Identity and Access Management (IAM) API
* and check the quota for your project at
* https://console.developers.google.com/apis/api/iam
* 2. This sample uses Application Default Credentials for authentication.
* If not already done, install the gcloud CLI from
* https://cloud.google.com/sdk and run
* `gcloud beta auth application-default login`.
* For more information, see
* https://developers.google.com/identity/protocols/application-default-credentials
* 3. Install the PHP client library with Composer. Check installation
* instructions at https://github.com/google/google-api-php-client.
*/
// Autoload Composer.
require_once __DIR__ . '/vendor/autoload.php';
$client = new Google_Client();
$client->setApplicationName('Google-iamSample/0.1');
$client->useApplicationDefaultCredentials();
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
$service = new Google_Service_Iam($client);
$optParams = [];
do {
$response = $service->roles->listRoles($optParams);
foreach ($response['roles'] as $role) {
// TODO: Change code below to process each `role` resource:
echo '<pre>', var_export($role, true), '</pre>', "\n";
}
$optParams['pageToken'] = $response->getNextPageToken();
} while ($optParams['pageToken']);
?>"""
BEFORE RUNNING:
---------------
1. If not already done, enable the Identity and Access Management (IAM) API
and check the quota for your project at
https://console.developers.google.com/apis/api/iam
2. This sample uses Application Default Credentials for authentication.
If not already done, install the gcloud CLI from
https://cloud.google.com/sdk and run
`gcloud beta auth application-default login`.
For more information, see
https://developers.google.com/identity/protocols/application-default-credentials
3. Install the Python client library for Google APIs by running
`pip install --upgrade google-api-python-client`
4. Install the OAuth 2.0 client for Google APIs by running
`pip install --upgrade oauth2client`
"""
from pprint import pprint
from googleapiclient import discovery
from oauth2client.client import GoogleCredentials
credentials = GoogleCredentials.get_application_default()
service = discovery.build('iam', 'v1', credentials=credentials)
request = service.roles().list()
while True:
response = request.execute()
for role in response.get('roles', []):
# TODO: Change code below to process each `role` resource:
pprint(role)
request = service.roles().list_next(previous_request=request, previous_response=response)
if request is None:
break# BEFORE RUNNING:
# ---------------
# 1. If not already done, enable the Identity and Access Management (IAM) API
# and check the quota for your project at
# https://console.developers.google.com/apis/api/iam
# 2. This sample uses Application Default Credentials for authentication.
# If not already done, install the gcloud CLI from
# https://cloud.google.com/sdk and run
# `gcloud beta auth application-default login`.
# For more information, see
# https://developers.google.com/identity/protocols/application-default-credentials
# 3. Install the Ruby client library and Application Default Credentials
# library by running `gem install google-api-client` and
# `gem install googleauth`
require 'googleauth'
require 'google/apis/iam_v1'
service = Google::Apis::IamV1::IamService.new
service.authorization = \
Google::Auth.get_application_default(['https://www.googleapis.com/auth/cloud-platform'])
roles = service.fetch_all(items: :roles) do |token|
service.list_roles(page_token: token)
end
roles.each do |role|
# TODO: Change code below to process each `role` resource:
puts role.to_json
end