Method: roles.queryGrantableRoles

Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.

POST https://iam.googleapis.com/v1/roles:queryGrantableRoles

The URL uses gRPC Transcoding syntax.

The request body contains data with the following structure:

JSON representation
{ "fullResourceName" : string , "view" : enum ( `RoleView` ) , "pageSize" : integer , "pageToken" : string }

Fields
`fullResourceName`	`string` Required. Required. The full resource name to query from the list of grantable roles. The name follows the Google Cloud Platform resource format. For example, a Cloud Platform project with id `my-project` will be named `//cloudresourcemanager.googleapis.com/projects/my-project` .
`view`	`enum ( RoleView )`
`pageSize`	`integer` Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 2,000.
`pageToken`	`string` Optional pagination token returned in an earlier QueryGrantableRolesResponse.

The grantable role query response.

If successful, the response body contains data with the following structure:

JSON representation
{ "roles" : [ { object ( `Role` ) } ] , "nextPageToken" : string }

Fields

Fields
`roles[]`	`object ( Role )` The list of matching roles.
`nextPageToken`	`string` To retrieve the next page of results, set `QueryGrantableRolesRequest.page_token` to this value.

roles[]

object ( Role )

The list of matching roles.

nextPageToken

string

To retrieve the next page of results, set QueryGrantableRolesRequest.page_token to this value.

Requires one of the following OAuth scopes:

For more information, see the Authentication Overview .