Method: roles.list

Lists the Roles defined on a resource.

HTTP request


The URL uses gRPC Transcoding syntax.

Query parameters



The parent parameter's value depends on the target resource for the request, namely roles, projects, or organizations. Each resource type's parent value format is described below:

  • roles.list(): An empty string. This method doesn't require a resource; it simply returns all predefined roles in Cloud IAM. Example request URL:

  • projects.roles.list(): projects/{PROJECT_ID}. This method lists all project-level custom roles. Example request URL:{PROJECT_ID}/roles

  • organizations.roles.list(): organizations/{ORGANIZATION_ID}. This method lists all organization-level custom roles. Example request URL:{ORGANIZATION_ID}/roles

Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

Authorization requires the following Google IAM permission on the specified resource parent:

  • iam.roles.list



Optional limit on the number of roles to include in the response.



Optional pagination token returned in an earlier ListRolesResponse.


enum (RoleView)

Optional view for the returned Role objects. When FULL is specified, the includedPermissions field is returned, which includes a list of all permissions in the role. The default value is BASIC, which does not return the includedPermissions field.



Include Roles that have been deleted.

Request body

The request body must be empty.

Response body

If successful, the response body contains an instance of ListRolesResponse.

Authorization Scopes

Requires one of the following OAuth scopes:


For more information, see the Authentication Overview.

이 페이지가 도움이 되었나요? 평가를 부탁드립니다.

다음에 대한 의견 보내기...