Viewing assigned roles
Written by
To view assigned roles:
Management console
CLI
API
- In the management console, select the folder where you wish to view resource roles.
- In the list of services, select Container Registry.
- View the roles assigned for a resource:
- Viewing roles for a registry:
- To the right of the registry name, click and select Configure ACL.
- In the window that opens, you can see a list of users and their permissions for the registry.
- Viewing roles for a repository:
- Select the desired registry.
- To the right of the repository name, click and select Configure ACL.
- In the window that opens, you can see a list of users and their permissions for the repository.
- Viewing roles for a registry:
If you don't have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.
Run the command:
yc <service name> <resource> list-access-bindings <resource name>|<resource ID>
Where:
<service name>: Name of acontainerservice.<resource>: Category of the resource (registryorrepository).<resource name>: Name of the resource that the role is assigned for. You can specify a resource by its name or ID.<resource id>: ID of the resource that the role is assigned for.
Example. View the roles for the registry with the ID
crp0pmf1n68dh715tf02:yc container registry list-access-bindings crp0pmf1n68dh715tf02Result:
+--------------------------+------------------+----------------------+ | ROLE ID | SUBJECT TYPE | SUBJECT ID | +--------------------------+------------------+----------------------+ | container-registry.admin | federatedAccount | kolhpriseeioo9dc3v24 | +--------------------------+------------------+----------------------+
Use the method listAccessBindings for the resources registry and repository.
Read more about role management in the Yandex Identity and Access Management documentation.