When you delete a custom role, the following changes occur immediately:
You cannot bind a principal to the custom role in an IAM Policy.
Existing bindings to the custom role are not changed, but they have no effect.
By default, the response from roles.list does not include the custom role.
A deleted custom role still counts toward the custom role limit until it is permanently deleted. You have 7 days to undelete the custom role. After 7 days, the following changes occur:
The custom role is permanently deleted and cannot be recovered.
If an IAM policy contains a binding to the custom role, the binding is permanently removed.
The custom role no longer counts toward your custom role limit.
The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below:
projects.roles.delete: projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}. This method deletes only custom roles that have been created at the project level. Example request URL: https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}
organizations.roles.delete: organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}. This method deletes only custom roles that have been created at the organization level. Example request URL: https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}
Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.
Authorization requires the following IAM permission on the specified resource name:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-01-16 UTC."],[[["This endpoint allows the deletion of custom roles within either a project or an organization, specified via the `name` path parameter."],["Deleting a custom role immediately prevents new bindings to it, though existing bindings remain in place, and the custom role is not included in the result of roles.list by default."],["Custom roles can be undeleted within 7 days; after that, the role is permanently deleted, bindings are removed from policies, and the role no longer counts towards the custom role limit."],["The HTTP request is a DELETE operation, using a URL that follows gRPC Transcoding syntax, and the request body for this operation must be empty."],["The delete operation requires the `iam.roles.delete` IAM permission on the resource specified in the `name` parameter and accepts an `etag` query parameter for consistent read-modify-write operations."]]],[]]
