Am I permitted?
gcloud includes gcloud iam roles describe, so you can enumerate a role’s (ROLE) permissions using:
ROLE="..."
gcloud iam roles describe "${ROLE}"
But, you generally want to know whether the role includes specific permissions (PERM).
Customarily, you’d expect to be able to use gcloud ... --flatten=... --filter=..., but gcloud only provides --filter on list methods (not describe). However, there is a filter projection:
ROLE="..."
PERM="..."
FORMAT="value(includedPermissions.filter(\"${PERM}\"))"
gcloud iam roles describe "${ROLE}" \
  --format="${FORMAT}"
Alternatively, it’s slightly more UNIX-y to have tools (such as gcloud) produce JSON or YAML and then use a JSON (e.g. jq) or YAML (e.g. yq) processor:
ROLE="..."
PERM="..."
FILTER=".includedPermissions[]|select(.==\"${PERM}\")"
gcloud iam roles describe "${ROLE}" \
  --format=json \
  | jq -r "${FILTER}"
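Building on the JSON approach above, an added example (not from the original post) that checks a role against several required permissions at once and returns a non-zero status if any are absent, which suits a CI gate or access review. The function names missing_perms and role_missing_perms are hypothetical, and SAMPLE_PERMS is a constructed list so the check can run without gcloud.

```bash
#!/usr/bin/env bash
# Added example. missing_perms and role_missing_perms are hypothetical helper
# names; SAMPLE_PERMS is a constructed permission list, not real role output.

# Read a role's permissions (one per line) on stdin and print every required
# permission (given as arguments) that is absent. Returns 1 if any is missing.
# grep -F treats the dots in permission names literally and -x demands a
# whole-line match, so "storage.objects.get" does not match
# "storage.objects.getIamPolicy".
missing_perms() {
  mp_have=$(cat)
  mp_rc=0
  for mp_perm in "$@"; do
    if ! printf '%s\n' "${mp_have}" | grep -Fxq -- "${mp_perm}"; then
      printf '%s\n' "${mp_perm}"
      mp_rc=1
    fi
  done
  return "${mp_rc}"
}

# Live wrapper (needs gcloud and jq): role_missing_perms ROLE PERM...
# If describe fails, the list is empty and every permission is reported missing.
role_missing_perms() {
  rm_role=$1
  shift
  gcloud iam roles describe "${rm_role}" --format=json \
    | jq -r '.includedPermissions[]?' \
    | missing_perms "$@"
}

# Constructed sample list for an offline run.
SAMPLE_PERMS='storage.buckets.get
storage.objects.getIamPolicy
storage.objects.list'

printf '%s\n' "${SAMPLE_PERMS}" \
  | missing_perms storage.objects.list storage.objects.get storage.objects.delete \
  || echo "role lacks the permissions listed above"
```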