Viewing assigned roles
To view assigned roles:
-
In the management console, select the folder where you want to view the roles for a resource.
-
In the list of services, select Container Registry.
-
View the roles assigned for a resource:
-
Viewing roles for a registry:
- To the right of the registry name, click and select Configure ACL.
- In the window that opens, you can see a list of users and their permissions for the registry.
-
Viewing roles for a repository:
- Select the desired registry.
- To the right of the desired repository name, click and select Configure ACL.
- In the window that opens, you can see a list of users and their permissions for the repository.
-
If you don't have the Yandex.Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.
Run the command:
yc <service name> <resource> list-access-bindings <resource name>|<resource ID>
Where:
<service name>: Name of acontainerservice.<resource>: Category of the resource (registryorrepository).<resource name>: Name of the resource that the role is assigned for. You can specify a resource by its name or ID.<resource id>: ID of the resource that the role is assigned for.
Example. View the roles for the registry with the ID
crp0pmf1n68dh715tf02:yc container registry list-access-bindings crp0pmf1n68dh715tf02Command execution result:
+--------------------------+--------------+----------------------+ | ROLE ID | SUBJECT TYPE | SUBJECT ID | +--------------------------+--------------+----------------------+ | container-registry.admin | userAccount | kolhpriseeioo9dc3v24 | +--------------------------+--------------+----------------------+
Use the method listAccessBindings for the resources registry and repository.
Read more about role management in the documentation for Yandex Identity and Access Management.