Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.
HTTP request
POST https://iam.googleapis.com/v1/roles:queryGrantableRoles
The URL uses gRPC Transcoding syntax.
Request body
The request body contains data with the following structure:
JSON representation |
---|
{
"fullResourceName": string,
"view": enum ( |
Fields | |
---|---|
fullResourceName |
Required. The full resource name to query from the list of grantable roles. The name follows the Google Cloud Platform resource format. For example, a Cloud Platform project with id |
view |
|
pageSize |
Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 2,000. |
pageToken |
Optional pagination token returned in an earlier QueryGrantableRolesResponse. |
Response body
The grantable role query response.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{
"roles": [
{
object ( |
Fields | |
---|---|
roles[] |
The list of matching roles. |
nextPageToken |
To retrieve the next page of results, set |
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/iam
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.