Yandex.Cloud
  • Services
  • Why Yandex.Cloud
  • Solutions
  • Pricing
  • Documentation
  • Contact us
Get started
Yandex Container Registry
  • Getting started
  • Step-by-step instructions
    • All instructions
    • Authentication in Yandex Container Registry
    • Managing a Docker image
      • Getting information about available Docker images
      • Creating a Docker image
      • Pushing a Docker image to a registry
      • Pulling a Docker image from a registry
      • Deleting a Docker image from a registry
    • Managing a registry
      • Getting information about existing registries
      • Creating a registry
      • Updating a registry
      • Deleting a registry
    • Managing a repository
      • Getting information about existing repositories
    • Managing policies for automatically deleting Docker images
      • Getting information about existing lifecycle policies
      • Creating a lifecycle policy
      • Updating a lifecycle policy
      • Performing lifecycle policy dry runs
      • Deleting a lifecycle policy
    • Working with roles
      • Assign a role
      • Viewing assigned roles
      • Revoke a role
  • Yandex Container Solution
  • Use cases
    • All use cases
    • Running a Docker image on a VM
  • Concepts
    • Overview
    • Docker image
    • Registry
    • Repository
    • Policies for automatically deleting Docker images
    • Backups
    • Quotas and limits
  • Access management
  • Pricing policy
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • ImageService
      • LifecyclePolicyService
      • RegistryService
      • RepositoryService
      • ScannerService
      • OperationService
    • REST
      • Overview
      • Image
        • Overview
        • delete
        • get
        • list
      • LifecyclePolicy
        • Overview
      • Registry
        • Overview
        • create
        • delete
        • get
        • list
        • listAccessBindings
        • setAccessBindings
        • update
        • updateAccessBindings
      • Repository
        • Overview
        • get
        • list
        • listAccessBindings
        • setAccessBindings
        • updateAccessBindings
      • Scanner
        • Overview
  • Troubleshooting
  • Questions and answers
  1. Step-by-step instructions
  2. Working with roles
  3. Viewing assigned roles

Viewing assigned roles

    To view assigned roles:

    Management console
    CLI
    API
    1. In the management console, select the folder where you want to view the roles for a resource.

    2. In the list of services, select Container Registry.

    3. View the roles assigned for a resource:

      • Viewing roles for a registry:

        1. To the right of the registry name, click and select Configure ACL.
        2. In the window that opens, you can see a list of users and their permissions for the registry.
      • Viewing roles for a repository:

        1. Select the desired registry.
        2. To the right of the desired repository name, click and select Configure ACL.
        3. In the window that opens, you can see a list of users and their permissions for the repository.

    If you don't have the Yandex.Cloud command line interface yet, install and initialize it.

    The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.

    Run the command:

    yc <service name> <resource> list-access-bindings <resource name>|<resource ID>
    

    Where:

    • <service name>: Name of a container service.
    • <resource>: Category of the resource (registry or repository).
    • <resource name>: Name of the resource that the role is assigned for. You can specify a resource by its name or ID.
    • <resource id>: ID of the resource that the role is assigned for.

    Example. View the roles for the registry with the ID crp0pmf1n68dh715tf02:

    yc container registry list-access-bindings crp0pmf1n68dh715tf02
    

    Command execution result:

    +--------------------------+--------------+----------------------+
    |         ROLE ID          | SUBJECT TYPE |      SUBJECT ID      |
    +--------------------------+--------------+----------------------+
    | container-registry.admin | userAccount  | kolhpriseeioo9dc3v24 |
    +--------------------------+--------------+----------------------+
    

    Use the method listAccessBindings for the resources registry and repository.

    Read more about role management in the documentation for Yandex Identity and Access Management.

    Language / Region
    Careers
    Privacy policy
    Terms of use
    Brandbook
    © 2021 Yandex.Cloud LLC