How to display roles assigned to a GCP service account.

<pre lang="bash">
gcloud projects get-iam-policy your-project-id \
--flatten="bindings[].members" \
--format='table(bindings.role)' \
--filter="bindings.members:your-service-account@your-project.iam.gserviceaccount.com"

Result

<pre lang="bash">
ROLE
organizations/xxxxxxxxxxxxx/roles/role-name
roles/compute.instanceAdmin.v1
roles/compute.networkViewer
roles/logging.logWriter
roles/monitoring.metricWriter