Delete a custom role
Stay organized with collections
Save and categorize content based on your preferences.
Demonstrates deleting a custom role.
Explore further
For detailed documentation that includes this code sample, see the following:
Code sample
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],[],[[["\u003cp\u003eThis page provides code samples demonstrating how to delete a custom role within Google Cloud IAM.\u003c/p\u003e\n"],["\u003cp\u003eThe examples are available in C++, C#, Go, Java, and Python, showcasing language-specific implementations.\u003c/p\u003e\n"],["\u003cp\u003eEach code sample utilizes the IAM client library and requires setting up Application Default Credentials for authentication.\u003c/p\u003e\n"],["\u003cp\u003eDeleting a custom role involves sending a \u003ccode\u003eDeleteRoleRequest\u003c/code\u003e with the role's name to the IAM service.\u003c/p\u003e\n"],["\u003cp\u003eFurther details can be found on the IAM client libraries, IAM API reference documentation for each language and information on how to setup Application Default Credentials for authentication.\u003c/p\u003e\n"]]],[],null,["# Delete a custom role\n\nDemonstrates deleting a custom role.\n\nExplore further\n---------------\n\n\nFor detailed documentation that includes this code sample, see the following:\n\n- [Create and manage custom roles](/iam/docs/creating-custom-roles)\n\nCode sample\n-----------\n\n### C++\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM C++ API\nreference documentation](/cpp/docs/reference/iam/latest).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n namespace iam = ::google::cloud::iam_admin_v1;\n [](std::string const& name) {\n iam::IAMClient client(iam::MakeIAMConnection());\n google::iam::admin::v1::DeleteRoleRequest request;\n request.set_name(name);\n auto response = client.DeleteRole(request);\n if (!response) throw std::move(response).status();\n std::cout \u003c\u003c \"Role successfully deleted: \" \u003c\u003c response-\u003eDebugString()\n \u003c\u003c \"\\n\";\n }\n\n### C#\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM C# API\nreference documentation](https://developers.google.com/api-client-library/dotnet/apis/iam/v1).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n\n using System;\n using https://cloud.google.com/dotnet/docs/reference/Google.Apis/latest/Google.Apis.Auth.OAuth2.html;\n using Google.Apis.Iam.v1;\n using Google.Apis.Iam.v1.Data;\n\n public partial class CustomRoles\n {\n public static void DeleteRole(string name, string projectId)\n {\n var credential = https://cloud.google.com/dotnet/docs/reference/Google.Apis/latest/Google.Apis.Auth.OAuth2.GoogleCredential.html.https://cloud.google.com/dotnet/docs/reference/Google.Apis/latest/Google.Apis.Auth.OAuth2.GoogleCredential.html#Google_Apis_Auth_OAuth2_GoogleCredential_GetApplicationDefault()\n .https://cloud.google.com/dotnet/docs/reference/Google.Apis/latest/Google.Apis.Auth.OAuth2.GoogleCredential.html#Google_Apis_Auth_OAuth2_GoogleCredential_CreateScoped_System_Collections_Generic_IEnumerable_System_String__(IamService.Scope.CloudPlatform);\n var service = new IamService(new IamService.Initializer\n {\n HttpClientInitializer = credential\n });\n\n service.Projects.Roles.Delete(\n $\"projects/{projectId}/roles/{name}\").Execute();\n Console.WriteLine(\"Deleted role: \" + name);\n }\n }\n\n### Go\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM Go API\nreference documentation](https://godoc.org/google.golang.org/genproto/googleapis/iam/admin/v1).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n import (\n \t\"context\"\n \t\"fmt\"\n \t\"io\"\n\n \tiam \"google.golang.org/api/iam/v1\"\n )\n\n // deleteRole deletes a custom role.\n func deleteRole(w io.Writer, projectID, name string) error {\n \tctx := context.Background()\n \tservice, err := iam.NewService(ctx)\n \tif err != nil {\n \t\treturn fmt.Errorf(\"iam.NewService: %w\", err)\n \t}\n\n \t_, err = service.Projects.Roles.Delete(\"projects/\" + projectID + \"/roles/\" + name).Do()\n \tif err != nil {\n \t\treturn fmt.Errorf(\"Projects.Roles.Delete: %w\", err)\n \t}\n \tfmt.Fprintf(w, \"Deleted role: %v\", name)\n \treturn nil\n }\n\n### Java\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM Java API\nreference documentation](https://developers.google.com/api-client-library/java/apis/iam/v1).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n\n import com.google.cloud.iam.admin.v1.https://cloud.google.com/java/docs/reference/google-iam-admin/latest/com.google.cloud.iam.admin.v1.IAMClient.html;\n import com.google.iam.admin.v1.https://cloud.google.com/java/docs/reference/google-iam-admin/latest/com.google.iam.admin.v1.DeleteRoleRequest.html;\n import java.io.IOException;\n\n /** Delete role. */\n public class DeleteRole {\n\n public static void main(String[] args) throws IOException {\n // TODO(developer): Replace the variables before running the sample.\n // Role ID must point to an existing role.\n String projectId = \"your-project-id\";\n String roleId = \"a unique identifier (e.g. testViewer)\";\n\n deleteRole(projectId, roleId);\n }\n\n public static void deleteRole(String projectId, String roleId) throws IOException {\n String roleName = \"projects/\" + projectId + \"/roles/\" + roleId;\n https://cloud.google.com/java/docs/reference/google-iam-admin/latest/com.google.iam.admin.v1.DeleteRoleRequest.html deleteRoleRequest = https://cloud.google.com/java/docs/reference/google-iam-admin/latest/com.google.iam.admin.v1.DeleteRoleRequest.html.newBuilder().setName(roleName).build();\n\n // Initialize client for sending requests. This client only needs to be created\n // once, and can be reused for multiple requests.\n try (https://cloud.google.com/java/docs/reference/google-iam-admin/latest/com.google.cloud.iam.admin.v1.IAMClient.html iamClient = https://cloud.google.com/java/docs/reference/google-iam-admin/latest/com.google.cloud.iam.admin.v1.IAMClient.html.create()) {\n iamClient.deleteRole(deleteRoleRequest);\n System.out.println(\"Role deleted.\");\n }\n }\n }\n\n### Python\n\n\nTo learn how to install and use the client library for IAM, see\n[IAM client libraries](/iam/docs/reference/libraries).\n\n\nFor more information, see the\n[IAM Python API\nreference documentation](https://developers.google.com/api-client-library/python/apis/iam/v1).\n\n\nTo authenticate to IAM, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n from google.api_core.exceptions import FailedPrecondition, NotFound\n from google.cloud.iam_admin_v1 import (\n https://cloud.google.com/python/docs/reference/iam/latest/google.cloud.iam_admin_v1.types.DeleteRoleRequest.html,\n https://cloud.google.com/python/docs/reference/iam/latest/google.cloud.iam_admin_v1.services.iam.IAMClient.html,\n https://cloud.google.com/python/docs/reference/iam/latest/google.cloud.iam_admin_v1.types.Role.html,\n https://cloud.google.com/python/docs/reference/iam/latest/google.cloud.iam_admin_v1.types.UndeleteRoleRequest.html,\n )\n def delete_role(project_id: str, role_id: str) -\u003e Role:\n \"\"\"Deletes iam role in GCP project. Can be undeleted later.\n Args:\n project_id: GCP project id\n role_id: id of GCP iam role\n\n Returns: google.cloud.iam_admin_v1.Role object\n \"\"\"\n client = IAMClient()\n name = f\"projects/{project_id}/roles/{role_id}\"\n request = DeleteRoleRequest(name=name)\n try:\n role = client.https://cloud.google.com/python/docs/reference/iam/latest/google.cloud.iam_admin_v1.services.iam.IAMClient.html#google_cloud_iam_admin_v1_services_iam_IAMClient_delete_role(request)\n print(f\"Deleted role: {role_id}: {role}\")\n return role\n except NotFound:\n print(f\"Role with id [{role_id}] not found, take some actions\")\n except FailedPrecondition as err:\n print(f\"Role with id [{role_id}] already deleted, take some actions)\", err)\n\nWhat's next\n-----------\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=iam)."]]
