The existing endpoint for listing project-level role assignments is at path v2/projects/{:project_id}/role-assignments.
Requiring a project ID to be specified makes it impossible to query for all of a given principal's project role assignments across all projects, which is a useful thing to do if one is trying to audit or otherwise develop a comprehensive notion of all of a given principal's permissions.
I propose adding a second endpoint at path v2/project-role-assignments that takes all optional selection criteria, including project ID as URL query parameters. For compatibility with older clients, the old endpoint would continue to exist and function just as it does today, but newer clients could opt to use the newer endpoint to support queries that were not previously possible.
The existing endpoint for listing project-level role assignments is at path
v2/projects/{:project_id}/role-assignments.Requiring a project ID to be specified makes it impossible to query for all of a given principal's project role assignments across all projects, which is a useful thing to do if one is trying to audit or otherwise develop a comprehensive notion of all of a given principal's permissions.
I propose adding a second endpoint at path
v2/project-role-assignmentsthat takes all optional selection criteria, including project ID as URL query parameters. For compatibility with older clients, the old endpoint would continue to exist and function just as it does today, but newer clients could opt to use the newer endpoint to support queries that were not previously possible.