docs/dyn/iam_v1.roles.html

<html><body>
<style>

body, h1, h2, h3, div, span, p, pre, a {
  margin: 0;
  padding: 0;
  border: 0;
  font-weight: inherit;
  font-style: inherit;
  font-size: 100%;
  font-family: inherit;
  vertical-align: baseline;
}

body {
  font-size: 13px;
  padding: 1em;
}

h1 {
  font-size: 26px;
  margin-bottom: 1em;
}

h2 {
  font-size: 24px;
  margin-bottom: 1em;
}

h3 {
  font-size: 20px;
  margin-bottom: 1em;
  margin-top: 1em;
}

pre, code {
  line-height: 1.5;
  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}

pre {
  margin-top: 0.5em;
}

h1, h2, h3, p {
  font-family: Arial, sans serif;
}

h1, h2, h3 {
  border-bottom: solid #CCC 1px;
}

.toc_element {
  margin-top: 0.5em;
}

.firstline {
  margin-left: 2 em;
}

.method  {
  margin-top: 1em;
  border: solid 1px #CCC;
  padding: 1em;
  background: #EEE;
}

.details {
  font-weight: bold;
  font-size: 14px;
}

</style>

<h1><a href="iam_v1.html">Identity and Access Management (IAM) API</a> . <a href="iam_v1.roles.html">roles</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
  <code><a href="#close">close()</a></code></p>
<p class="firstline">Close httplib2 connections.</p>
<p class="toc_element">
  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Gets the definition of a Role.</p>
<p class="toc_element">
  <code><a href="#list">list(pageSize=None, parent=None, showDeleted=None, pageToken=None, view=None, x__xgafv=None)</a></code></p>
<p class="firstline">Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.</p>
<p class="toc_element">
  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<p class="toc_element">
  <code><a href="#queryGrantableRoles">queryGrantableRoles(body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.</p>
<p class="toc_element">
  <code><a href="#queryGrantableRoles_next">queryGrantableRoles_next(previous_request, previous_response)</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<h3>Method Details</h3>
<div class="method">
    <code class="details" id="close">close()</code>
  <pre>Close httplib2 connections.</pre>
</div>

<div class="method">
    <code class="details" id="get">get(name, x__xgafv=None)</code>
  <pre>Gets the definition of a Role.

Args:
  name: string, The `name` parameter&#x27;s value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type&#x27;s `name` value format is described below: * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # A role in the Identity and Access Management API.
      &quot;stage&quot;: &quot;A String&quot;, # The current launch stage of the role. If the `ALPHA` launch stage has been selected for a role, the `stage` field will not be included in the returned definition for the role.
      &quot;includedPermissions&quot;: [ # The names of the permissions this role grants when bound in an IAM policy.
        &quot;A String&quot;,
      ],
      &quot;etag&quot;: &quot;A String&quot;, # Used to perform a consistent read-modify-write.
      &quot;title&quot;: &quot;A String&quot;, # Optional. A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes.
      &quot;description&quot;: &quot;A String&quot;, # Optional. A human-readable description for the role.
      &quot;name&quot;: &quot;A String&quot;, # The name of the role. When Role is used in CreateRole, the role name must not be set. When Role is used in output and other input such as UpdateRole, the role name is the complete path, e.g., roles/logging.viewer for predefined roles and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
      &quot;deleted&quot;: True or False, # The current deleted state of the role. This field is read only. It will be ignored in calls to CreateRole and UpdateRole.
    }</pre>
</div>

<div class="method">
    <code class="details" id="list">list(pageSize=None, parent=None, showDeleted=None, pageToken=None, view=None, x__xgafv=None)</code>
  <pre>Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.

Args:
  pageSize: integer, Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.
  parent: string, The `parent` parameter&#x27;s value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type&#x27;s `parent` value format is described below: * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string. This method doesn&#x27;t require a resource; it simply returns all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.
  showDeleted: boolean, Include Roles that have been deleted.
  pageToken: string, Optional pagination token returned in an earlier ListRolesResponse.
  view: string, Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field.
    Allowed values
      BASIC - Omits the `included_permissions` field. This is the default value.
      FULL - Returns all fields.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # The response containing the roles defined under a resource.
    &quot;nextPageToken&quot;: &quot;A String&quot;, # To retrieve the next page of results, set `ListRolesRequest.page_token` to this value.
    &quot;roles&quot;: [ # The Roles defined on this resource.
      { # A role in the Identity and Access Management API.
          &quot;stage&quot;: &quot;A String&quot;, # The current launch stage of the role. If the `ALPHA` launch stage has been selected for a role, the `stage` field will not be included in the returned definition for the role.
          &quot;includedPermissions&quot;: [ # The names of the permissions this role grants when bound in an IAM policy.
            &quot;A String&quot;,
          ],
          &quot;etag&quot;: &quot;A String&quot;, # Used to perform a consistent read-modify-write.
          &quot;title&quot;: &quot;A String&quot;, # Optional. A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes.
          &quot;description&quot;: &quot;A String&quot;, # Optional. A human-readable description for the role.
          &quot;name&quot;: &quot;A String&quot;, # The name of the role. When Role is used in CreateRole, the role name must not be set. When Role is used in output and other input such as UpdateRole, the role name is the complete path, e.g., roles/logging.viewer for predefined roles and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
          &quot;deleted&quot;: True or False, # The current deleted state of the role. This field is read only. It will be ignored in calls to CreateRole and UpdateRole.
        },
    ],
  }</pre>
</div>

<div class="method">
    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
  <pre>Retrieves the next page of results.

Args:
  previous_request: The request for the previous page. (required)
  previous_response: The response from the request for the previous page. (required)

Returns:
  A request object that you can call &#x27;execute()&#x27; on to request the next
  page. Returns None if there are no more items in the collection.
    </pre>
</div>

<div class="method">
    <code class="details" id="queryGrantableRoles">queryGrantableRoles(body=None, x__xgafv=None)</code>
  <pre>Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.

Args:
  body: object, The request body.
    The object takes the form of:

{ # The grantable role query request.
    &quot;fullResourceName&quot;: &quot;A String&quot;, # Required. The full resource name to query from the list of grantable roles. The name follows the Google Cloud Platform resource format. For example, a Cloud Platform project with id `my-project` will be named `//cloudresourcemanager.googleapis.com/projects/my-project`.
    &quot;view&quot;: &quot;A String&quot;,
    &quot;pageToken&quot;: &quot;A String&quot;, # Optional pagination token returned in an earlier QueryGrantableRolesResponse.
    &quot;pageSize&quot;: 42, # Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.
  }

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # The grantable role query response.
    &quot;nextPageToken&quot;: &quot;A String&quot;, # To retrieve the next page of results, set `QueryGrantableRolesRequest.page_token` to this value.
    &quot;roles&quot;: [ # The list of matching roles.
      { # A role in the Identity and Access Management API.
          &quot;stage&quot;: &quot;A String&quot;, # The current launch stage of the role. If the `ALPHA` launch stage has been selected for a role, the `stage` field will not be included in the returned definition for the role.
          &quot;includedPermissions&quot;: [ # The names of the permissions this role grants when bound in an IAM policy.
            &quot;A String&quot;,
          ],
          &quot;etag&quot;: &quot;A String&quot;, # Used to perform a consistent read-modify-write.
          &quot;title&quot;: &quot;A String&quot;, # Optional. A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes.
          &quot;description&quot;: &quot;A String&quot;, # Optional. A human-readable description for the role.
          &quot;name&quot;: &quot;A String&quot;, # The name of the role. When Role is used in CreateRole, the role name must not be set. When Role is used in output and other input such as UpdateRole, the role name is the complete path, e.g., roles/logging.viewer for predefined roles and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
          &quot;deleted&quot;: True or False, # The current deleted state of the role. This field is read only. It will be ignored in calls to CreateRole and UpdateRole.
        },
    ],
  }</pre>
</div>

<div class="method">
    <code class="details" id="queryGrantableRoles_next">queryGrantableRoles_next(previous_request, previous_response)</code>
  <pre>Retrieves the next page of results.

Args:
  previous_request: The request for the previous page. (required)
  previous_response: The response from the request for the previous page. (required)

Returns:
  A request object that you can call &#x27;execute()&#x27; on to request the next
  page. Returns None if there are no more items in the collection.
    </pre>
</div>

</body></html>