When a binding is made through IAM, will same member get all access of that role?

[aravind ashok]

The is in reference to code at official page, where we want to give access to a user for a specific PUBSUB subscription: https://cloud.google.com/pubsub/docs/access-control#setting_a_policy

In the above code:

• Role roles/pubsub.editor is binded to member allUsers for specific resource like 'pubsub.your-subscription-id'; the resource policy is updated in same terms.
• As far as I know 'roles/pubsub.editor' role has all access to PUBSUB subscriptions and policies.

Q)After executing the above code, can we conclude that allUsers get all accesses that role roles/pubsub.editor has? Or is this binding only specific to this resource's policy?

As I am a newbie here, please help if my understandings are wrong here. :)

[Eduardo Ortiz Caraveo]

Short answer is yes, every member of the group that you are assigning the permission to will be granted those two permissions.