google.cloud.resourcemanager.v3.organizations.proto Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of proto-google-cloud-resourcemanager-v3 Show documentation
Show all versions of proto-google-cloud-resourcemanager-v3 Show documentation
Proto library for google-cloud-resourcemanager
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.resourcemanager.v3;
import "google/api/annotations.proto";
import "google/api/client.proto";
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/iam/v1/iam_policy.proto";
import "google/iam/v1/policy.proto";
import "google/protobuf/timestamp.proto";
option csharp_namespace = "Google.Cloud.ResourceManager.V3";
option go_package = "cloud.google.com/go/resourcemanager/apiv3/resourcemanagerpb;resourcemanagerpb";
option java_multiple_files = true;
option java_outer_classname = "OrganizationsProto";
option java_package = "com.google.cloud.resourcemanager.v3";
option php_namespace = "Google\\Cloud\\ResourceManager\\V3";
option ruby_package = "Google::Cloud::ResourceManager::V3";
// Allows users to manage their organization resources.
service Organizations {
option (google.api.default_host) = "cloudresourcemanager.googleapis.com";
option (google.api.oauth_scopes) =
"https://www.googleapis.com/auth/cloud-platform,"
"https://www.googleapis.com/auth/cloud-platform.read-only";
// Fetches an organization resource identified by the specified resource name.
rpc GetOrganization(GetOrganizationRequest) returns (Organization) {
option (google.api.http) = {
get: "/v3/{name=organizations/*}"
};
option (google.api.method_signature) = "name";
}
// Searches organization resources that are visible to the user and satisfy
// the specified filter. This method returns organizations in an unspecified
// order. New organizations do not necessarily appear at the end of the
// results, and may take a small amount of time to appear.
//
// Search will only return organizations on which the user has the permission
// `resourcemanager.organizations.get`
rpc SearchOrganizations(SearchOrganizationsRequest)
returns (SearchOrganizationsResponse) {
option (google.api.http) = {
get: "/v3/organizations:search"
};
option (google.api.method_signature) = "query";
}
// Gets the access control policy for an organization resource. The policy may
// be empty if no such policy or resource exists. The `resource` field should
// be the organization's resource name, for example: "organizations/123".
//
// Authorization requires the IAM permission
// `resourcemanager.organizations.getIamPolicy` on the specified organization.
rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest)
returns (google.iam.v1.Policy) {
option (google.api.http) = {
post: "/v3/{resource=organizations/*}:getIamPolicy"
body: "*"
};
option (google.api.method_signature) = "resource";
}
// Sets the access control policy on an organization resource. Replaces any
// existing policy. The `resource` field should be the organization's resource
// name, for example: "organizations/123".
//
// Authorization requires the IAM permission
// `resourcemanager.organizations.setIamPolicy` on the specified organization.
rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest)
returns (google.iam.v1.Policy) {
option (google.api.http) = {
post: "/v3/{resource=organizations/*}:setIamPolicy"
body: "*"
};
option (google.api.method_signature) = "resource";
}
// Returns the permissions that a caller has on the specified organization.
// The `resource` field should be the organization's resource name,
// for example: "organizations/123".
//
// There are no permissions required for making this API call.
rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest)
returns (google.iam.v1.TestIamPermissionsResponse) {
option (google.api.http) = {
post: "/v3/{resource=organizations/*}:testIamPermissions"
body: "*"
};
option (google.api.method_signature) = "resource,permissions";
}
}
// The root node in the resource hierarchy to which a particular entity's
// (a company, for example) resources belong.
message Organization {
option (google.api.resource) = {
type: "cloudresourcemanager.googleapis.com/Organization"
pattern: "organizations/{organization}"
style: DECLARATIVE_FRIENDLY
};
// Organization lifecycle states.
enum State {
// Unspecified state. This is only useful for distinguishing unset values.
STATE_UNSPECIFIED = 0;
// The normal and active state.
ACTIVE = 1;
// The organization has been marked for deletion by the user.
DELETE_REQUESTED = 2;
}
// Output only. The resource name of the organization. This is the
// organization's relative path in the API. Its format is
// "organizations/[organization_id]". For example, "organizations/1234".
string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. A human-readable string that refers to the organization in the
// Google Cloud Console. This string is set by the server and cannot be
// changed. The string will be set to the primary domain (for example,
// "google.com") of the Google Workspace customer that owns the organization.
string display_name = 2 [(google.api.field_behavior) = OUTPUT_ONLY];
// The owner of this organization. The owner should be specified on
// creation. Once set, it cannot be changed.
//
// The lifetime of the organization and all of its descendants are bound to
// the owner. If the owner is deleted, the organization and all its
// descendants will be deleted.
oneof owner {
// Immutable. The G Suite / Workspace customer id used in the Directory API.
string directory_customer_id = 3 [(google.api.field_behavior) = IMMUTABLE];
}
// Output only. The organization's current lifecycle state.
State state = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Timestamp when the Organization was created.
google.protobuf.Timestamp create_time = 5
[(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Timestamp when the Organization was last modified.
google.protobuf.Timestamp update_time = 6
[(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. Timestamp when the Organization was requested for deletion.
google.protobuf.Timestamp delete_time = 7
[(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. A checksum computed by the server based on the current value
// of the Organization resource. This may be sent on update and delete
// requests to ensure the client has an up-to-date value before proceeding.
string etag = 8 [(google.api.field_behavior) = OUTPUT_ONLY];
}
// The request sent to the `GetOrganization` method. The `name` field is
// required. `organization_id` is no longer accepted.
message GetOrganizationRequest {
// Required. The resource name of the Organization to fetch. This is the
// organization's relative path in the API, formatted as
// "organizations/[organizationId]". For example, "organizations/1234".
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
type: "cloudresourcemanager.googleapis.com/Organization"
}
];
}
// The request sent to the `SearchOrganizations` method.
message SearchOrganizationsRequest {
// Optional. The maximum number of organizations to return in the response.
// The server can return fewer organizations than requested. If unspecified,
// server picks an appropriate default.
int32 page_size = 1 [(google.api.field_behavior) = OPTIONAL];
// Optional. A pagination token returned from a previous call to
// `SearchOrganizations` that indicates from where listing should continue.
string page_token = 2 [(google.api.field_behavior) = OPTIONAL];
// Optional. An optional query string used to filter the Organizations to
// return in the response. Query rules are case-insensitive.
//
//
// ```
// | Field | Description |
// |------------------|--------------------------------------------|
// | directoryCustomerId, owner.directoryCustomerId | Filters by directory
// customer id. |
// | domain | Filters by domain. |
// ```
//
// Organizations may be queried by `directoryCustomerId` or by
// `domain`, where the domain is a G Suite domain, for example:
//
// * Query `directorycustomerid:123456789` returns Organization
// resources with `owner.directory_customer_id` equal to `123456789`.
// * Query `domain:google.com` returns Organization resources corresponding
// to the domain `google.com`.
string query = 3 [(google.api.field_behavior) = OPTIONAL];
}
// The response returned from the `SearchOrganizations` method.
message SearchOrganizationsResponse {
// The list of Organizations that matched the search query, possibly
// paginated.
repeated Organization organizations = 1;
// A pagination token to be used to retrieve the next page of results. If the
// result is too large to fit within the page size specified in the request,
// this field will be set with a token that can be used to fetch the next page
// of results. If this field is empty, it indicates that this response
// contains the last page of results.
string next_page_token = 2;
}
// A status object which is used as the `metadata` field for the operation
// returned by DeleteOrganization.
message DeleteOrganizationMetadata {}
// A status object which is used as the `metadata` field for the Operation
// returned by UndeleteOrganization.
message UndeleteOrganizationMetadata {}