@dataroadinc/setup-auth/dist/providers/gcp/iam/constants.js

CLI tool and programmatic API for automated OAuth setup across cloud platforms

export const REQUIRED_SERVICES = {
    RESOURCE_MANAGER: "cloudresourcemanager.googleapis.com",
    SERVICE_USAGE: "serviceusage.googleapis.com",
    IAM: "iam.googleapis.com",
    CREDENTIALS: "iamcredentials.googleapis.com",
    ORG_POLICY: "orgpolicy.googleapis.com",
    OAUTH2: "oauth2.googleapis.com",
    IAP: "iap.googleapis.com",
    BILLING: "cloudbilling.googleapis.com",
    ACCESS_CONTEXT_MANAGER: "accesscontextmanager.googleapis.com",
    SERVICE_MANAGEMENT: "servicemanagement.googleapis.com",
};
export const PUBLIC_SERVICES = [
    REQUIRED_SERVICES.OAUTH2,
];
export const GLOBAL_PERMISSIONS = {
    LIST_ORGANIZATIONS: "resourcemanager.organizations.list",
    LIST_FOLDERS: "resourcemanager.folders.list",
    CREATE_PROJECT: "resourcemanager.projects.create",
    LIST_BILLING_ACCOUNTS: "billing.accounts.list",
};
export const ORGANIZATION_PERMISSIONS = {
    GET_ORGANIZATION: "resourcemanager.organizations.get",
    UPDATE_ORGANIZATION: "resourcemanager.organizations.update",
    GET_IAM_POLICY: "resourcemanager.organizations.getIamPolicy",
    SET_IAM_POLICY: "resourcemanager.organizations.setIamPolicy",
    LIST_PROJECTS: "resourcemanager.projects.list",
    PROJECTS_SET_IAM_POLICY: "resourcemanager.projects.setIamPolicy",
    ORG_POLICY_GET: "orgpolicy.policy.get",
    ORG_POLICY_SET: "orgpolicy.policy.set",
};
export const PROJECT_PERMISSIONS = {
    GET_PROJECT: "resourcemanager.projects.get",
    UPDATE_PROJECT: "resourcemanager.projects.update",
    GET_IAM_POLICY: "resourcemanager.projects.getIamPolicy",
    SET_IAM_POLICY: "resourcemanager.projects.setIamPolicy",
    ENABLE_SERVICE: "serviceusage.services.enable",
    GET_SERVICE: "serviceusage.services.get",
    LIST_SERVICES: "serviceusage.services.list",
    USE_SERVICE: "serviceusage.services.use",
};
export const ORGANIZATION_ROLES = {
    OWNER: "roles/owner",
    EDITOR: "roles/editor",
    VIEWER: "roles/viewer",
    ORG_ADMIN: "roles/resourcemanager.organizationAdmin",
    FOLDER_ADMIN: "roles/resourcemanager.folderAdmin",
    PROJECT_CREATOR: "roles/resourcemanager.projectCreator",
    BILLING_ADMIN: "roles/billing.admin",
    ORG_POLICY_ADMIN: "roles/orgpolicy.policyAdmin",
};
export const PROJECT_ROLES = {
    OWNER: "roles/owner",
    EDITOR: "roles/editor",
    VIEWER: "roles/viewer",
    SERVICE_USAGE_ADMIN: "roles/serviceusage.serviceUsageAdmin",
    SERVICE_USAGE_CONSUMER: "roles/serviceusage.serviceUsageConsumer",
    SERVICE_ACCOUNT_ADMIN: "roles/iam.serviceAccountAdmin",
    SERVICE_ACCOUNT_USER: "roles/iam.serviceAccountUser",
    SERVICE_ACCOUNT_KEY_ADMIN: "roles/iam.serviceAccountKeyAdmin",
    IAP_SETTINGS_ADMIN: "roles/iap.settingsAdmin",
    IAP_SECURED_USER: "roles/iap.securedUser",
    SERVICE_MANAGEMENT_ADMIN: "roles/servicemanagement.admin",
    LOGGING_WRITER: "roles/logging.logWriter",
};