Namespace Google.Apis.CloudResourceManager.v3
Classes
CloudResourceManagerBaseServiceRequest<TResponse>
A base abstract class for CloudResourceManager requests.
CloudResourceManagerService
The CloudResourceManager Service.
CloudResourceManagerService.Scope
Available OAuth 2.0 scopes for use with the Cloud Resource Manager API.
CloudResourceManagerService.ScopeConstants
Available OAuth 2.0 scope constants for use with the Cloud Resource Manager API.
FoldersResource
The "folders" collection of methods.
FoldersResource.CreateRequest
Creates a Folder in the resource hierarchy. Returns an Operation which can be used to track the progress of
the folder creation workflow. Upon success the Operation.response field will be populated with the created
Folder. In order to succeed, the addition of this new Folder must not violate the Folder naming, height or
fanout constraints. + The Folder's display_name must be distinct from all other Folders that share its
parent. + The addition of the Folder must not cause the active Folder hierarchy to exceed a height of 10.
Note, the full active + deleted Folder hierarchy is allowed to reach a height of 20; this provides
additional headroom when moving folders that contain deleted folders. + The addition of the Folder must not
cause the total number of Folders under its parent to exceed 300. If the operation fails due to a folder
constraint violation, some errors may be returned by the CreateFolder request, with status code
FAILED_PRECONDITION and an error description. Other folder constraint violations will be communicated in the
Operation, with the specific PreconditionFailure returned via the details list in the Operation.error field.
The caller must have resourcemanager.folders.create permission on the identified parent.
FoldersResource.DeleteRequest
Requests deletion of a Folder. The Folder is moved into the DELETE_REQUESTED state immediately, and is
deleted approximately 30 days later. This method may only be called on an empty Folder, where a Folder is
empty if it doesn't contain any Folders or Projects in the ACTIVE state. If called on a folder in
DELETE_REQUESTED state the result will be a no-op success. The caller must have
resourcemanager.folders.delete permission on the identified folder.
FoldersResource.GetIamPolicyRequest
Gets the access control policy for a Folder. The returned policy may be empty if no such policy or resource
exists. The resource field should be the Folder's resource name, e.g. "folders/1234". The caller must have
resourcemanager.folders.getIamPolicy permission on the identified folder.
FoldersResource.GetRequest
Retrieves a Folder identified by the supplied resource name. Valid Folder resource names have the format
folders/{folder_id} (for example, folders/1234). The caller must have resourcemanager.folders.get
permission on the identified folder.
FoldersResource.ListRequest
Lists the Folders that are direct descendants of supplied parent resource. List provides a strongly
consistent view of the Folders underneath the specified parent resource. List returns Folders sorted based
upon the (ascending) lexical ordering of their display_name. The caller must have
resourcemanager.folders.list permission on the identified parent.
FoldersResource.MoveRequest
Moves a Folder under a new resource parent. Returns an Operation which can be used to track the progress of
the folder move workflow. Upon success the Operation.response field will be populated with the moved Folder.
Upon failure, a FolderOperationError categorizing the failure cause will be returned - if the failure occurs
synchronously then the FolderOperationError will be returned via the Status.details field and if it occurs
asynchronously then the FolderOperation will be returned via the Operation.error field. In addition, the
Operation.metadata field will be populated with a FolderOperation message as an aid to stateless clients.
Folder moves will be rejected if they violate either the naming, height or fanout constraints described in
the CreateFolder documentation. The caller must have resourcemanager.folders.move permission on the
folder's current and proposed new parent.
FoldersResource.PatchRequest
Updates a Folder, changing its display_name. Changes to the folder display_name will be rejected if they
violate either the display_name formatting rules or naming constraints described in the CreateFolder
documentation. The Folder's display_name must start and end with a letter or digit, may contain letters,
digits, spaces, hyphens and underscores and can be between 3 and 30 characters. This is captured by the
regular expression: \p{L}\p{N}{1,28}[\p{L}\p{N}]. The caller must have resourcemanager.folders.update
permission on the identified folder. If the update fails due to the unique name constraint then a
PreconditionFailure explaining this violation will be returned in the Status.details field.
FoldersResource.SearchRequest
Search for folders that match specific filter criteria. Search provides an eventually consistent view of the
folders a user has access to which meet the specified filter criteria. This will only return folders on
which the caller has the permission resourcemanager.folders.get.
FoldersResource.SetIamPolicyRequest
Sets the access control policy on a Folder, replacing any existing policy. The resource field should be
the Folder's resource name, e.g. "folders/1234". The caller must have resourcemanager.folders.setIamPolicy
permission on the identified folder.
FoldersResource.TestIamPermissionsRequest
Returns permissions that a caller has on the specified Folder. The resource field should be the Folder's
resource name, e.g. "folders/1234". There are no permissions required for making this API call.
FoldersResource.UndeleteRequest
Cancels the deletion request for a Folder. This method may be called on a Folder in any state. If Folder is
in ACTIVE state the result will be a no-op success. In order to succeed, the Folder's parent must be in the
ACTIVE state. In addition, reintroducing the folder into the tree must not violate folder naming, height and
fanout constraints described in the CreateFolder documentation. The caller must have
resourcemanager.folders.undelete permission on the identified folder.
LiensResource
The "liens" collection of methods.
LiensResource.CreateRequest
Create a Lien which applies to the resource denoted by the parent field. Callers of this method will
require permission on the parent resource. For example, applying to projects/1234 requires permission
resourcemanager.projects.updateLiens. NOTE: Some resources may limit the number of Liens which may be
applied.
LiensResource.DeleteRequest
Delete a Lien by name. Callers of this method will require permission on the parent resource. For
example, a Lien with a parent of projects/1234 requires permission
resourcemanager.projects.updateLiens.
LiensResource.GetRequest
Retrieve a Lien by name. Callers of this method will require permission on the parent resource. For
example, a Lien with a parent of projects/1234 requires permission resourcemanager.projects.get
LiensResource.ListRequest
List all Liens applied to the parent resource. Callers of this method will require permission on the
parent resource. For example, a Lien with a parent of projects/1234 requires permission
resourcemanager.projects.get.
OperationsResource
The "operations" collection of methods.
OperationsResource.GetRequest
Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.
OrganizationsResource
The "organizations" collection of methods.
OrganizationsResource.GetIamPolicyRequest
Gets the access control policy for an Organization resource. May be empty if no such policy or resource
exists. The resource field should be the organization's resource name, e.g. "organizations/123".
Authorization requires the Google IAM permission resourcemanager.organizations.getIamPolicy on the
specified organization
OrganizationsResource.GetRequest
Fetches an Organization resource identified by the specified resource name.
OrganizationsResource.SearchRequest
Searches Organization resources that are visible to the user and satisfy the specified filter. This method
returns Organizations in an unspecified order. New Organizations do not necessarily appear at the end of the
results, and may take a small amount of time to appear. Search will only return organizations on which the
user has the permission resourcemanager.organizations.get
OrganizationsResource.SetIamPolicyRequest
Sets the access control policy on an Organization resource. Replaces any existing policy. The resource
field should be the organization's resource name, e.g. "organizations/123". Authorization requires the
Google IAM permission resourcemanager.organizations.setIamPolicy on the specified organization
OrganizationsResource.TestIamPermissionsRequest
Returns permissions that a caller has on the specified Organization. The resource field should be the
organization's resource name, e.g. "organizations/123". There are no permissions required for making this
API call.
ProjectsResource
The "projects" collection of methods.
ProjectsResource.CreateRequest
Request that a new Project be created. The result is an Operation which can be used to track the creation process. This process usually takes a few seconds, but can sometimes take much longer. The tracking Operation is automatically deleted after a few hours, so there is no need to call DeleteOperation.
ProjectsResource.DeleteRequest
Marks the Project identified by the specified name (for example, projects/415104041262) for deletion.
This method will only affect the Project if it has a lifecycle state of ACTIVE. This method changes the
Project's lifecycle state from ACTIVE to DELETE_REQUESTED. The deletion starts at an unspecified time, at
which point the Project is no longer accessible. Until the deletion completes, you can check the lifecycle
state checked by retrieving the Project with GetProject, and the Project remains visible to ListProjects.
However, you cannot update the project. After the deletion completes, the Project is not retrievable by the
GetProject, ListProjects, and SearchProjects methods. This method behaves idempotently (eg., deleting a
DELETE_REQUESTED project will not be an error, but also won't do anything). The caller must have delete
permissions for this Project.
ProjectsResource.GetIamPolicyRequest
Returns the IAM access control policy for the specified Project. Permission is denied if the policy or the resource does not exist.
ProjectsResource.GetRequest
Retrieves the Project identified by the specified name (for example, projects/415104041262). The caller
must have read permissions for this Project.
ProjectsResource.ListRequest
Lists Projects that are direct children of the specified folder or organization resource. List provides a
strongly consistent view of the Projects underneath the specified parent resource. List returns Projects
sorted based upon the (ascending) lexical ordering of their display_name. The caller must have
resourcemanager.projects.list permission on the identified parent.
ProjectsResource.MoveRequest
Move a Project under a new resource parent. Returns an operation which can be used to track the process of
the Project move workflow. Upon success, the Operation.response field will be populated with the moved
Project. The caller must have resourcemanager.projects.update permission on the Project and have
resourcemanager.projects.move permission on the Project's current and proposed new parent.
ProjectsResource.PatchRequest
Updates the attributes of the Project identified by the specified name (for example,
projects/415104041262). At present this is only useful for updating the display_name and labels. Deleting
all labels requires an update mask for labels field. The caller must have modify permissions for this
Project.
ProjectsResource.SearchRequest
Search for Projects that the caller has the resourcemanager.projects.get permission on and satisfy the
specified query. This method returns Projects in an unspecified order. This method is eventually consistent
with project mutations; this means that a newly created project may not appear in the results or recent
updates to an existing project may not be reflected in the results. To retrieve the latest state of a
project, use the GetProject method.
ProjectsResource.SetIamPolicyRequest
Sets the IAM access control policy for the specified Project. CAUTION: This method will replace the existing
policy, and cannot be used to append additional IAM settings. NOTE: Removing service accounts from policies
or changing their roles can render services completely inoperable. It is important to understand how the
service account is being used before removing or updating its roles. The following constraints apply when
using setIamPolicy(): + Project does not support allUsers and allAuthenticatedUsers as members in a
Binding of a Policy. + The owner role can be granted to a user, serviceAccount, or a group that is
part of an organization. For example, group@myownpersonaldomain.com could be added as an owner to a project
in the myownpersonaldomain.com organization, but not the examplepetstore.com organization. + Service
accounts can be made owners of a project directly without any restrictions. However, to be added as an
owner, a user must be invited via Cloud Platform console and must accept the invitation. + A user cannot be
granted the owner role using setIamPolicy(). The user must be granted the owner role using the Cloud
Platform Console and must explicitly accept the invitation. + Invitations to grant the owner role cannot be
sent using setIamPolicy(); they must be sent only using the Cloud Platform Console. + Membership changes
that leave the project without any owners that have accepted the Terms of Service (ToS) will be rejected. +
If the project is not part of an organization, there must be at least one owner who has accepted the Terms
of Service (ToS) agreement in the policy. Calling setIamPolicy() to remove the last ToS-accepted owner
from the policy will fail. This restriction also applies to legacy projects that no longer have owners who
have accepted the ToS. Edits to IAM policies will be rejected until the lack of a ToS-accepting owner is
rectified. + Calling this method requires enabling the App Engine Admin API.
ProjectsResource.TestIamPermissionsRequest
Returns permissions that a caller has on the specified Project.
ProjectsResource.UndeleteRequest
Restores the Project identified by the specified name (for example, projects/415104041262). You can only
use this method for a Project that has a lifecycle state of DELETE_REQUESTED. After deletion starts, the
Project cannot be restored. The caller must have undelete permissions for this Project.
TagBindingsResource
The "tagBindings" collection of methods.
TagBindingsResource.CreateRequest
Creates a TagBinding between a TagValue and a cloud resource (currently project, folder, or organization).
TagBindingsResource.DeleteRequest
Deletes a TagBinding.
TagBindingsResource.ListRequest
Lists the TagBindings for the given cloud resource, as specified with parent. NOTE: The parent field is
expected to be a full resource name: https://cloud.google.com/apis/design/resource_names#full_resource_name
TagKeysResource
The "tagKeys" collection of methods.
TagKeysResource.CreateRequest
Creates a new TagKey. If another request with the same parameters is sent while the original request is in process, the second request will receive an error. A maximum of 300 TagKeys can exist under a parent at any given time.
TagKeysResource.DeleteRequest
Deletes a TagKey. The TagKey cannot be deleted if it has any child TagValues.
TagKeysResource.GetIamPolicyRequest
Gets the access control policy for a TagKey. The returned policy may be empty if no such policy or resource
exists. The resource field should be the TagKey's resource name. For example, "tagKeys/1234". The caller
must have cloudresourcemanager.googleapis.com/tagKeys.getIamPolicy permission on the specified TagKey.
TagKeysResource.GetRequest
Retrieves a TagKey. This method will return PERMISSION_DENIED if the key does not exist or the user does
not have permission to view it.
TagKeysResource.ListRequest
Lists all TagKeys for a parent resource.
TagKeysResource.PatchRequest
Updates the attributes of the TagKey resource.
TagKeysResource.SetIamPolicyRequest
Sets the access control policy on a TagKey, replacing any existing policy. The resource field should be
the TagKey's resource name. For example, "tagKeys/1234". The caller must have
resourcemanager.tagKeys.setIamPolicy permission on the identified tagValue.
TagKeysResource.TestIamPermissionsRequest
Returns permissions that a caller has on the specified TagKey. The resource field should be the TagKey's
resource name. For example, "tagKeys/1234". There are no permissions required for making this API call.
TagValuesResource
The "tagValues" collection of methods.
TagValuesResource.CreateRequest
Creates a TagValue as a child of the specified TagKey. If a another request with the same parameters is sent while the original request is in process the second request will receive an error. A maximum of 300 TagValues can exist under a TagKey at any given time.
TagValuesResource.DeleteRequest
Deletes a TagValue. The TagValue cannot have any bindings when it is deleted.
TagValuesResource.GetIamPolicyRequest
Gets the access control policy for a TagValue. The returned policy may be empty if no such policy or
resource exists. The resource field should be the TagValue's resource name. For example: tagValues/1234.
The caller must have the cloudresourcemanager.googleapis.com/tagValues.getIamPolicy permission on the
identified TagValue to get the access control policy.
TagValuesResource.GetRequest
Retrieves TagValue. If the TagValue or namespaced name does not exist, or if the user does not have
permission to view it, this method will return PERMISSION_DENIED.
TagValuesResource.ListRequest
Lists all TagValues for a specific TagKey.
TagValuesResource.PatchRequest
Updates the attributes of the TagValue resource.
TagValuesResource.SetIamPolicyRequest
Sets the access control policy on a TagValue, replacing any existing policy. The resource field should be
the TagValue's resource name. For example: tagValues/1234. The caller must have
resourcemanager.tagValues.setIamPolicy permission on the identified tagValue.
TagValuesResource.TestIamPermissionsRequest
Returns permissions that a caller has on the specified TagValue. The resource field should be the
TagValue's resource name. For example: tagValues/1234. There are no permissions required for making this
API call.
Enums
CloudResourceManagerBaseServiceRequest<TResponse>.AltEnum
Data format for response.
CloudResourceManagerBaseServiceRequest<TResponse>.XgafvEnum
V1 error format.