gcloud iam list-grantable-roles

NAME: gcloud iam list-grantable-roles - list IAM grantable roles for a resource
SYNOPSIS: gcloud iam list-grantable-roles RESOURCE [--filter=EXPRESSION] [--page-size=PAGE_SIZE; default=100] [GCLOUD_WIDE_FLAG …]
DESCRIPTION: This command displays the list of grantable roles for a resource. The resource can be referenced either via the full resource name or via a URI. User can then add IAM policy bindings to grant the roles.
POSITIONAL ARGUMENTS: RESOURCE

The full resource name or URI to get the list of roles for.
See "Resource Names" for details. To get a URI from most list commands in gcloud, pass the --uri flag. For example:
$ gcloud compute instances list --project prj --uri https://www.googleapis.com/compute/v1/projects/prj/zones/us-east1-c/instances/i1 https://www.googleapis.com/compute/v1/projects/prj/zones/us-east1-d/instances/i2
LIST COMMAND FLAGS: --filter=EXPRESSION

Apply a Boolean filter EXPRESSION to each resource item to be listed. If the expression evaluates True, then that item is listed. For more details and examples of filter expressions, run $ gcloud topic filters. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.

--page-size=PAGE_SIZE; default=100

Some services group resource list output into pages. This flag specifies the maximum number of resources per page. The default is 100. Paging may be applied before or after --filter and --limit depending on the service.
GCLOUD WIDE FLAGS: These flags are available to all commands: --account, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity. Run $ gcloud help for details.
EXAMPLES: List grantable roles for a project:
$ gcloud iam list-grantable-roles \ //cloudresourcemanager.googleapis.com/projects/PROJECT_ID

List grantable roles for a resource identified via full resource name:
$ gcloud iam list-grantable-roles \ //compute.googleapis.com/projects/example-project/zones/\ us-central1-f/instances/example-instance

List grantable roles for a resource identified via URI:
$ gcloud iam list-grantable-roles \ https://www.googleapis.com/compute/v1/projects/example-project/\ zones/us-central1-f/instances/example-instance
NOTES: These variants are also available:
$ gcloud alpha iam list-grantable-roles $ gcloud beta iam list-grantable-roles

Was this page helpful? Let us know how we did:

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 3.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated March 26, 2019.

gcloud iam list-grantable-roles

Send feedback about...