Score:2

Server

GCP: Can I list permissions assigned to custom role using gcloud?

Scott Queen

10/18/22, 6:04 PM

Is there any way to list the permissions associated with a (custom) role in Google Cloud Platform IAM using gcloud? I can find how to list the roles, but not the permissions associated with a given role.

1531

1 + 0

google-cloud-platform

google-iam

Score:2

Server

John Hanley

10/18/22, 6:53 PM

You can list the permissions associated with a role using this command. Replace the role name with your custom role name.

gcloud iam roles describe roles/editor

Documentation: gcloud iam roles describe

0 + 5

noob

11/28/22, 8:25 AM

This does not seem to work with the custom roles. The error is as follows `ERROR: (gcloud.beta.iam.roles.describe) Invalid value for [ROLE_ID]: The role id that starts with 'roles/' only stands for curated role. Should not specify the project or organization for curated roles`

John Hanley

11/28/22, 8:29 AM

@noob - What command are you running? The command in my answer is correct. If you mean that you created a custom role, then use the custom role name instead of `roles/editor`

noob

11/28/22, 8:32 AM

This is the command I am using - `gcloud iam roles describe roles/CustomRole --project=my-project` this works for the curated roles, but not for the custom roles for me.

John Hanley

11/28/22, 8:39 AM

@Remove `roles/` and use the custom role name. You will need to look up the role ID and use the last part as in **MyCustomRole43**. In my answer `roles/editor` is the role name, the `roles` portion is not part of a custom role except when specifying the full role ID. You will also need to specify the project for custom roles as they are project specific. All of this is documented.

noob

11/28/22, 9:16 AM

Thanks, removing the `roles/` prefix worked.

Score:1

Server

Devashish Priyadarshi

10/8/23, 2:45 AM

for predefined role: gcloud iam roles describe roles/[roleid]

for custom role: gcloud iam roles describe [roleid] --project=[projectid]

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: GCP: Can I list permissions assigned to custom role using gcloud?

TH: GCP: ฉันสามารถแสดงรายการสิทธิ์ที่กำหนดให้กับบทบาทที่กำหนดเองโดยใช้ gcloud ได้หรือไม่

RO: GCP: Pot enumera permisiunile atribuite rolului personalizat folosind gcloud?

RU: GCP: Могу ли я перечислить разрешения, назначенные пользовательской роли, с помощью gcloud?

VI: GCP: Tôi có thể liệt kê các quyền được gán cho vai trò tùy chỉnh bằng gcloud không?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.