Custom roles creation in GCP - Time & Space Complexity

When creating custom roles in GCP, it is important to understand how the time to create roles grows as you add more permissions.

We want to know how the number of permissions affects the time and operations needed to create a custom role.

Analyze the time complexity of creating a custom role with multiple permissions.

    gcloud iam roles create myCustomRole \
      --project=my-project \
      --title="My Custom Role" \
      --permissions=storage.buckets.get,storage.objects.list,compute.instances.start
    

This command creates a custom role with a list of permissions specified.

Look at what happens when adding permissions to the role.

• Primary operation: API call to create or update the custom role with all permissions.
• How many times: One API call per role creation, but the size of the permissions list affects the payload size.

As you add more permissions, the data sent in the API call grows linearly.

Input Size (n)	Approx. API Calls/Operations
10	1 API call with 10 permissions
100	1 API call with 100 permissions
1000	1 API call with 1000 permissions

Pattern observation: The number of API calls stays the same, but the payload size grows with the number of permissions.

Time Complexity: O(n)

This means the time to create a custom role grows linearly with the number of permissions included.

[X] Wrong: "Creating a custom role with many permissions requires multiple API calls, one per permission."

[OK] Correct: Actually, all permissions are sent in a single API call, so the number of calls does not increase with permissions.

Understanding how API calls scale with input size helps you design efficient cloud operations and explain your reasoning clearly in interviews.

"What if we split permissions into multiple smaller roles instead of one big role? How would the time complexity change?"