REST Resource: roles

Resource: Role

A role in the Identity and Access Management API.

JSON representation
{
  "name": string,
  "title": string,
  "description": string,
  "includedPermissions": [
    string
  ],
  "stage": enum(RoleLaunchStage),
  "etag": string,
  "deleted": boolean
}
Fields
name

string

The name of the role.

When Role is used in roles.create, the role name must not be set.

When Role is used in output and other input such as roles.patch, the role name is the complete path, e.g., roles/logging.viewer for curated roles and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.

title

string

Optional. A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes.

description

string

Optional. A human-readable description for the role.

includedPermissions[]

string

The names of the permissions this role grants when bound in an IAM policy.

stage

enum(RoleLaunchStage)

The current launch stage of the role. If the ALPHA launch stage has been selected for a role, the stage field will not be included in the returned definition for the role.

etag

string (bytes format)

Used to perform a consistent read-modify-write.

A base64-encoded string.

deleted

boolean

The current deleted state of the role. This field is read only. It will be ignored in calls to roles.create and roles.patch.

Methods

get

Gets a Role definition.

list

Lists the Roles defined on a resource.

queryGrantableRoles

Queries roles that can be granted on a particular resource.
Was this page helpful? Let us know how we did:

Send feedback about...

Cloud Identity and Access Management