summaryrefslogtreecommitdiff
path: root/third_party/googleapis/google/cloud/resourcemanager/v3/organizations.proto
diff options
context:
space:
mode:
Diffstat (limited to 'third_party/googleapis/google/cloud/resourcemanager/v3/organizations.proto')
-rw-r--r--third_party/googleapis/google/cloud/resourcemanager/v3/organizations.proto236
1 files changed, 236 insertions, 0 deletions
diff --git a/third_party/googleapis/google/cloud/resourcemanager/v3/organizations.proto b/third_party/googleapis/google/cloud/resourcemanager/v3/organizations.proto
new file mode 100644
index 0000000..0e99a15
--- /dev/null
+++ b/third_party/googleapis/google/cloud/resourcemanager/v3/organizations.proto
@@ -0,0 +1,236 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.resourcemanager.v3;
+
+import "google/api/annotations.proto";
+import "google/api/client.proto";
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
+import "google/iam/v1/iam_policy.proto";
+import "google/iam/v1/policy.proto";
+import "google/protobuf/timestamp.proto";
+
+option csharp_namespace = "Google.Cloud.ResourceManager.V3";
+option go_package = "google.golang.org/genproto/googleapis/cloud/resourcemanager/v3;resourcemanager";
+option java_multiple_files = true;
+option java_outer_classname = "OrganizationsProto";
+option java_package = "com.google.cloud.resourcemanager.v3";
+option php_namespace = "Google\\Cloud\\ResourceManager\\V3";
+option ruby_package = "Google::Cloud::ResourceManager::V3";
+
+// Allows users to manage their organization resources.
+service Organizations {
+ option (google.api.default_host) = "cloudresourcemanager.googleapis.com";
+ option (google.api.oauth_scopes) =
+ "https://www.googleapis.com/auth/cloud-platform,"
+ "https://www.googleapis.com/auth/cloud-platform.read-only";
+
+ // Fetches an organization resource identified by the specified resource name.
+ rpc GetOrganization(GetOrganizationRequest) returns (Organization) {
+ option (google.api.http) = {
+ get: "/v3/{name=organizations/*}"
+ };
+ option (google.api.method_signature) = "name";
+ }
+
+ // Searches organization resources that are visible to the user and satisfy
+ // the specified filter. This method returns organizations in an unspecified
+ // order. New organizations do not necessarily appear at the end of the
+ // results, and may take a small amount of time to appear.
+ //
+ // Search will only return organizations on which the user has the permission
+ // `resourcemanager.organizations.get`
+ rpc SearchOrganizations(SearchOrganizationsRequest) returns (SearchOrganizationsResponse) {
+ option (google.api.http) = {
+ get: "/v3/organizations:search"
+ };
+ option (google.api.method_signature) = "query";
+ }
+
+ // Gets the access control policy for an organization resource. The policy may
+ // be empty if no such policy or resource exists. The `resource` field should
+ // be the organization's resource name, for example: "organizations/123".
+ //
+ // Authorization requires the IAM permission
+ // `resourcemanager.organizations.getIamPolicy` on the specified organization.
+ rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) returns (google.iam.v1.Policy) {
+ option (google.api.http) = {
+ post: "/v3/{resource=organizations/*}:getIamPolicy"
+ body: "*"
+ };
+ option (google.api.method_signature) = "resource";
+ }
+
+ // Sets the access control policy on an organization resource. Replaces any
+ // existing policy. The `resource` field should be the organization's resource
+ // name, for example: "organizations/123".
+ //
+ // Authorization requires the IAM permission
+ // `resourcemanager.organizations.setIamPolicy` on the specified organization.
+ rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) returns (google.iam.v1.Policy) {
+ option (google.api.http) = {
+ post: "/v3/{resource=organizations/*}:setIamPolicy"
+ body: "*"
+ };
+ option (google.api.method_signature) = "resource";
+ }
+
+ // Returns the permissions that a caller has on the specified organization.
+ // The `resource` field should be the organization's resource name,
+ // for example: "organizations/123".
+ //
+ // There are no permissions required for making this API call.
+ rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) returns (google.iam.v1.TestIamPermissionsResponse) {
+ option (google.api.http) = {
+ post: "/v3/{resource=organizations/*}:testIamPermissions"
+ body: "*"
+ };
+ option (google.api.method_signature) = "resource,permissions";
+ }
+}
+
+// The root node in the resource hierarchy to which a particular entity's
+// (a company, for example) resources belong.
+message Organization {
+ option (google.api.resource) = {
+ type: "cloudresourcemanager.googleapis.com/Organization"
+ pattern: "organizations/{organization}"
+ style: DECLARATIVE_FRIENDLY
+ };
+
+ // Organization lifecycle states.
+ enum State {
+ // Unspecified state. This is only useful for distinguishing unset values.
+ STATE_UNSPECIFIED = 0;
+
+ // The normal and active state.
+ ACTIVE = 1;
+
+ // The organization has been marked for deletion by the user.
+ DELETE_REQUESTED = 2;
+ }
+
+ // Output only. The resource name of the organization. This is the
+ // organization's relative path in the API. Its format is
+ // "organizations/[organization_id]". For example, "organizations/1234".
+ string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+ // Output only. A human-readable string that refers to the organization in the
+ // Google Cloud Console. This string is set by the server and cannot be
+ // changed. The string will be set to the primary domain (for example,
+ // "google.com") of the Google Workspace customer that owns the organization.
+ string display_name = 2 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+ // The owner of this organization. The owner should be specified on
+ // creation. Once set, it cannot be changed.
+ //
+ // The lifetime of the organization and all of its descendants are bound to
+ // the owner. If the owner is deleted, the organization and all its
+ // descendants will be deleted.
+ oneof owner {
+ // Immutable. The G Suite / Workspace customer id used in the Directory API.
+ string directory_customer_id = 3 [(google.api.field_behavior) = IMMUTABLE];
+ }
+
+ // Output only. The organization's current lifecycle state.
+ State state = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+ // Output only. Timestamp when the Organization was created.
+ google.protobuf.Timestamp create_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+ // Output only. Timestamp when the Organization was last modified.
+ google.protobuf.Timestamp update_time = 6 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+ // Output only. Timestamp when the Organization was requested for deletion.
+ google.protobuf.Timestamp delete_time = 7 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+ // Output only. A checksum computed by the server based on the current value of the
+ // Organization resource. This may be sent on update and delete requests to
+ // ensure the client has an up-to-date value before proceeding.
+ string etag = 8 [(google.api.field_behavior) = OUTPUT_ONLY];
+}
+
+// The request sent to the `GetOrganization` method. The `name` field is
+// required. `organization_id` is no longer accepted.
+message GetOrganizationRequest {
+ // Required. The resource name of the Organization to fetch. This is the organization's
+ // relative path in the API, formatted as "organizations/[organizationId]".
+ // For example, "organizations/1234".
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "cloudresourcemanager.googleapis.com/Organization"
+ }
+ ];
+}
+
+// The request sent to the `SearchOrganizations` method.
+message SearchOrganizationsRequest {
+ // Optional. The maximum number of organizations to return in the response.
+ // If unspecified, server picks an appropriate default.
+ int32 page_size = 1 [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. A pagination token returned from a previous call to `SearchOrganizations`
+ // that indicates from where listing should continue.
+ string page_token = 2 [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. An optional query string used to filter the Organizations to return in
+ // the response. Query rules are case-insensitive.
+ //
+ // ```
+ // | Field | Description |
+ // |------------------|--------------------------------------------|
+ // | directoryCustomerId, owner.directoryCustomerId | Filters by directory
+ // customer id. |
+ // | domain | Filters by domain. |
+ // ```
+ //
+ // Organizations may be queried by `directoryCustomerId` or by
+ // `domain`, where the domain is a G Suite domain, for example:
+ //
+ // * Query `directorycustomerid:123456789` returns Organization
+ // resources with `owner.directory_customer_id` equal to `123456789`.
+ // * Query `domain:google.com` returns Organization resources corresponding
+ // to the domain `google.com`.
+ string query = 3 [(google.api.field_behavior) = OPTIONAL];
+}
+
+// The response returned from the `SearchOrganizations` method.
+message SearchOrganizationsResponse {
+ // The list of Organizations that matched the search query, possibly
+ // paginated.
+ repeated Organization organizations = 1;
+
+ // A pagination token to be used to retrieve the next page of results. If the
+ // result is too large to fit within the page size specified in the request,
+ // this field will be set with a token that can be used to fetch the next page
+ // of results. If this field is empty, it indicates that this response
+ // contains the last page of results.
+ string next_page_token = 2;
+}
+
+// A status object which is used as the `metadata` field for the operation
+// returned by DeleteOrganization.
+message DeleteOrganizationMetadata {
+
+}
+
+// A status object which is used as the `metadata` field for the Operation
+// returned by UndeleteOrganization.
+message UndeleteOrganizationMetadata {
+
+}