googleapis

/** * Copyright 2015 Google Inc. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ import { AxiosPromise } from 'axios'; import { GoogleApis } from '../..'; import { BodyResponseCallback, GlobalOptions, MethodOptions } from '../../lib/api'; /** * Cloud Resource Manager API * * The Google Cloud Resource Manager API provides methods for creating, reading, * and updating project metadata. * * @example * const google = require('googleapis'); * const cloudresourcemanager = google.cloudresourcemanager('v1'); * * @namespace cloudresourcemanager * @type {Function} * @version v1 * @variation v1 * @param {object=} options Options for Cloudresourcemanager */ export declare class Cloudresourcemanager { _options: GlobalOptions; google: GoogleApis; root: this; folders: Resource$Folders; liens: Resource$Liens; operations: Resource$Operations; organizations: Resource$Organizations; projects: Resource$Projects; constructor(options: GlobalOptions, google: GoogleApis); getRoot(): this; } /** * Identifying information for a single ancestor of a project. */ export interface Schema$Ancestor { /** * Resource id of the ancestor. */ resourceId: Schema$ResourceId; } /** * Specifies the audit configuration for a service. The configuration determines * which permission types are logged, and what identities, if any, are exempted * from logging. An AuditConfig must have one or more AuditLogConfigs. If there * are AuditConfigs for both `allServices` and a specific service, the union of * the two AuditConfigs is used for that service: the log_types specified in * each AuditConfig are enabled, and the exempted_members in each AuditLogConfig * are exempted. Example Policy with multiple AuditConfigs: { * "audit_configs": [ { "service": * "allServices" "audit_log_configs": [ { * "log_type": "DATA_READ", "exempted_members": [ * "user:foo@gmail.com" ] }, { * "log_type": "DATA_WRITE", }, { * "log_type": "ADMIN_READ", } ] }, { * "service": "fooservice.googleapis.com" * "audit_log_configs": [ { "log_type": * "DATA_READ", }, { "log_type": * "DATA_WRITE", "exempted_members": [ * "user:bar@gmail.com" ] } ] } ] * } For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ * logging. It also exempts foo@gmail.com from DATA_READ logging, and * bar@gmail.com from DATA_WRITE logging. */ export interface Schema$AuditConfig { /** * The configuration for logging of each type of permission. */ auditLogConfigs: Schema$AuditLogConfig[]; /** * Specifies a service that will be enabled for audit logging. For example, * `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a * special value that covers all services. */ service: string; } /** * Provides the configuration for logging a type of permissions. Example: { * "audit_log_configs": [ { "log_type": * "DATA_READ", "exempted_members": [ * "user:foo@gmail.com" ] }, { * "log_type": "DATA_WRITE", } ] } This * enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting * foo@gmail.com from DATA_READ logging. */ export interface Schema$AuditLogConfig { /** * Specifies the identities that do not cause logging for this type of * permission. Follows the same format of Binding.members. */ exemptedMembers: string[]; /** * The log type that this config enables. */ logType: string; } /** * Associates `members` with a `role`. */ export interface Schema$Binding { /** * Specifies the identities requesting access for a Cloud Platform resource. * `members` can have the following values: * `allUsers`: A special * identifier that represents anyone who is on the internet; with or * without a Google account. * `allAuthenticatedUsers`: A special identifier * that represents anyone who is authenticated with a Google account or a * service account. * `user:{emailid}`: An email address that represents a * specific Google account. For example, `alice@gmail.com` or * `joe@example.com`. * `serviceAccount:{emailid}`: An email address that * represents a service account. For example, * `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email * address that represents a Google group. For example, * `admins@example.com`. * `domain:{domain}`: A Google Apps domain name that * represents all the users of that domain. For example, `google.com` or * `example.com`. */ members: string[]; /** * Role that is assigned to `members`. For example, `roles/viewer`, * `roles/editor`, or `roles/owner`. Required */ role: string; } /** * A `Constraint` that is either enforced or not. For example a constraint * `constraints/compute.disableSerialPortAccess`. If it is enforced on a VM * instance, serial port connections will not be opened to that instance. */ export interface Schema$BooleanConstraint { } /** * Used in `policy_type` to specify how `boolean_policy` will behave at this * resource. */ export interface Schema$BooleanPolicy { /** * If `true`, then the `Policy` is enforced. If `false`, then any * configuration is acceptable. Suppose you have a `Constraint` * `constraints/compute.disableSerialPortAccess` with `constraint_default` set * to `ALLOW`. A `Policy` for that `Constraint` exhibits the following * behavior: - If the `Policy` at this resource has enforced set to `false`, * serial port connection attempts will be allowed. - If the `Policy` at * this resource has enforced set to `true`, serial port connection * attempts will be refused. - If the `Policy` at this resource is * `RestoreDefault`, serial port connection attempts will be allowed. - * If no `Policy` is set at this resource or anywhere higher in the resource * hierarchy, serial port connection attempts will be allowed. - If no * `Policy` is set at this resource, but one exists higher in the resource * hierarchy, the behavior is as if the`Policy` were set at this resource. * The following examples demonstrate the different possible layerings: * Example 1 (nearest `Constraint` wins): `organizations/foo` has a `Policy` * with: {enforced: false} `projects/bar` has no `Policy` set. The * constraint at `projects/bar` and `organizations/foo` will not be enforced. * Example 2 (enforcement gets replaced): `organizations/foo` has a `Policy` * with: {enforced: false} `projects/bar` has a `Policy` with: * {enforced: true} The constraint at `organizations/foo` is not enforced. The * constraint at `projects/bar` is enforced. Example 3 (RestoreDefault): * `organizations/foo` has a `Policy` with: {enforced: true} * `projects/bar` has a `Policy` with: {RestoreDefault: {}} The constraint * at `organizations/foo` is enforced. The constraint at `projects/bar` is not * enforced, because `constraint_default` for the `Constraint` is `ALLOW`. */ enforced: boolean; } /** * The request sent to the ClearOrgPolicy method. */ export interface Schema$ClearOrgPolicyRequest { /** * Name of the `Constraint` of the `Policy` to clear. */ constraint: string; /** * The current version, for concurrency control. Not sending an `etag` will * cause the `Policy` to be cleared blindly. */ etag: string; } /** * A `Constraint` describes a way in which a resource's configuration can be * restricted. For example, it controls which cloud services can be activated * across an organization, or whether a Compute Engine instance can have serial * port connections established. `Constraints` can be configured by the * organization's policy adminstrator to fit the needs of the organzation by * setting Policies for `Constraints` at different locations in the * organization's resource hierarchy. Policies are inherited down the * resource hierarchy from higher levels, but can also be overridden. For * details about the inheritance rules please read about Policies. `Constraints` * have a default behavior determined by the `constraint_default` field, which * is the enforcement behavior that is used in the absence of a `Policy` being * defined or inherited for the resource in question. */ export interface Schema$Constraint { /** * Defines this constraint as being a BooleanConstraint. */ booleanConstraint: Schema$BooleanConstraint; /** * The evaluation behavior of this constraint in the absense of * 'Policy'. */ constraintDefault: string; /** * Detailed description of what this `Constraint` controls as well as how and * where it is enforced. Mutable. */ description: string; /** * The human readable name. Mutable. */ displayName: string; /** * Defines this constraint as being a ListConstraint. */ listConstraint: Schema$ListConstraint; /** * Immutable value, required to globally be unique. For example, * `constraints/serviceuser.services` */ name: string; /** * Version of the `Constraint`. Default version is 0; */ version: number; } /** * A generic empty message that you can re-use to avoid defining duplicated * empty messages in your APIs. A typical example is to use it as the request or * the response type of an API method. For instance: service Foo { rpc * Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON * representation for `Empty` is empty JSON object `{}`. */ export interface Schema$Empty { } /** * Metadata describing a long running folder operation */ export interface Schema$FolderOperation { /** * The resource name of the folder or organization we are either creating the * folder under or moving the folder to. */ destinationParent: string; /** * The display name of the folder. */ displayName: string; /** * The type of this operation. */ operationType: string; /** * The resource name of the folder's parent. Only applicable when the * operation_type is MOVE. */ sourceParent: string; } /** * A classification of the Folder Operation error. */ export interface Schema$FolderOperationError { /** * The type of operation error experienced. */ errorMessageId: string; } /** * The request sent to the GetAncestry method. */ export interface Schema$GetAncestryRequest { } /** * Response from the GetAncestry method. */ export interface Schema$GetAncestryResponse { /** * Ancestors are ordered from bottom to top of the resource hierarchy. The * first ancestor is the project itself, followed by the project's parent, * etc. */ ancestor: Schema$Ancestor[]; } /** * The request sent to the GetEffectiveOrgPolicy method. */ export interface Schema$GetEffectiveOrgPolicyRequest { /** * The name of the `Constraint` to compute the effective `Policy`. */ constraint: string; } /** * Request message for `GetIamPolicy` method. */ export interface Schema$GetIamPolicyRequest { } /** * The request sent to the GetOrgPolicy method. */ export interface Schema$GetOrgPolicyRequest { /** * Name of the `Constraint` to get the `Policy`. */ constraint: string; } /** * A Lien represents an encumbrance on the actions that can be performed on a * resource. */ export interface Schema$Lien { /** * The creation time of this Lien. */ createTime: string; /** * A system-generated unique identifier for this Lien. Example: * `liens/1234abcd` */ name: string; /** * A stable, user-visible/meaningful string identifying the origin of the * Lien, intended to be inspected programmatically. Maximum length of 200 * characters. Example: 'compute.googleapis.com' */ origin: string; /** * A reference to the resource this Lien is attached to. The server will * validate the parent against those for which Liens are supported. Example: * `projects/1234` */ parent: string; /** * Concise user-visible strings indicating why an action cannot be performed * on a resource. Maximum lenth of 200 characters. Example: 'Holds * production API key' */ reason: string; /** * The types of operations which should be blocked as a result of this Lien. * Each value should correspond to an IAM permission. The server will validate * the permissions against those for which Liens are supported. An empty list * is meaningless and will be rejected. Example: * ['resourcemanager.projects.delete'] */ restrictions: string[]; } /** * The request sent to the [ListAvailableOrgPolicyConstraints] * google.cloud.OrgPolicy.v1.ListAvailableOrgPolicyConstraints] method. */ export interface Schema$ListAvailableOrgPolicyConstraintsRequest { /** * Size of the pages to be returned. This is currently unsupported and will be * ignored. The server may at any point start using this field to limit page * size. */ pageSize: number; /** * Page token used to retrieve the next page. This is currently unsupported * and will be ignored. The server may at any point start using this field. */ pageToken: string; } /** * The response returned from the ListAvailableOrgPolicyConstraints method. * Returns all `Constraints` that could be set at this level of the hierarchy * (contrast with the response from `ListPolicies`, which returns all policies * which are set). */ export interface Schema$ListAvailableOrgPolicyConstraintsResponse { /** * The collection of constraints that are settable on the request resource. */ constraints: Schema$Constraint[]; /** * Page token used to retrieve the next page. This is currently not used. */ nextPageToken: string; } /** * A `Constraint` that allows or disallows a list of string values, which are * configured by an Organization's policy administrator with a `Policy`. */ export interface Schema$ListConstraint { /** * Optional. The Google Cloud Console will try to default to a configuration * that matches the value specified in this `Constraint`. */ suggestedValue: string; } /** * The response message for Liens.ListLiens. */ export interface Schema$ListLiensResponse { /** * A list of Liens. */ liens: Schema$Lien[]; /** * Token to retrieve the next page of results, or empty if there are no more * results in the list. */ nextPageToken: string; } /** * The request sent to the ListOrgPolicies method. */ export interface Schema$ListOrgPoliciesRequest { /** * Size of the pages to be returned. This is currently unsupported and will be * ignored. The server may at any point start using this field to limit page * size. */ pageSize: number; /** * Page token used to retrieve the next page. This is currently unsupported * and will be ignored. The server may at any point start using this field. */ pageToken: string; } /** * The response returned from the ListOrgPolicies method. It will be empty if no * `Policies` are set on the resource. */ export interface Schema$ListOrgPoliciesResponse { /** * Page token used to retrieve the next page. This is currently not used, but * the server may at any point start supplying a valid token. */ nextPageToken: string; /** * The `Policies` that are set on the resource. It will be empty if no * `Policies` are set. */ policies: Schema$OrgPolicy[]; } /** * Used in `policy_type` to specify how `list_policy` behaves at this resource. * A `ListPolicy` can define specific values that are allowed or denied by * setting either the `allowed_values` or `denied_values` fields. It can also be * used to allow or deny all values, by setting the `all_values` field. If * `all_values` is `ALL_VALUES_UNSPECIFIED`, exactly one of `allowed_values` or * `denied_values` must be set (attempting to set both or neither will result in * a failed request). If `all_values` is set to either `ALLOW` or `DENY`, * `allowed_values` and `denied_values` must be unset. */ export interface Schema$ListPolicy { /** * List of values allowed at this resource. Can only be set if no values are * set for `denied_values` and `all_values` is set to * `ALL_VALUES_UNSPECIFIED`. */ allowedValues: string[]; /** * The policy all_values state. */ allValues: string; /** * List of values denied at this resource. Can only be set if no values are * set for `allowed_values` and `all_values` is set to * `ALL_VALUES_UNSPECIFIED`. */ deniedValues: string[]; /** * Determines the inheritance behavior for this `Policy`. By default, a * `ListPolicy` set at a resource supercedes any `Policy` set anywhere up the * resource hierarchy. However, if `inherit_from_parent` is set to `true`, * then the values from the effective `Policy` of the parent resource are * inherited, meaning the values set in this `Policy` are added to the values * inherited up the hierarchy. Setting `Policy` hierarchies that inherit both * allowed values and denied values isn't recommended in most * circumstances to keep the configuration simple and understandable. However, * it is possible to set a `Policy` with `allowed_values` set that inherits a * `Policy` with `denied_values` set. In this case, the values that are * allowed must be in `allowed_values` and not present in `denied_values`. For * example, suppose you have a `Constraint` * `constraints/serviceuser.services`, which has a `constraint_type` of * `list_constraint`, and with `constraint_default` set to `ALLOW`. Suppose * that at the Organization level, a `Policy` is applied that restricts the * allowed API activations to {`E1`, `E2`}. Then, if a `Policy` is applied to * a project below the Organization that has `inherit_from_parent` set to * `false` and field all_values set to DENY, then an attempt to activate any * API will be denied. The following examples demonstrate different possible * layerings: Example 1 (no inherited values): `organizations/foo` has a * `Policy` with values: {allowed_values: “E1” allowed_values:”E2”} * ``projects/bar`` has `inherit_from_parent` `false` and values: * {allowed_values: "E3" allowed_values: "E4"} The * accepted values at `organizations/foo` are `E1`, `E2`. The accepted values * at `projects/bar` are `E3`, and `E4`. Example 2 (inherited values): * `organizations/foo` has a `Policy` with values: {allowed_values: “E1” * allowed_values:”E2”} `projects/bar` has a `Policy` with values: {value: * “E3” value: ”E4” inherit_from_parent: true} The accepted values at * `organizations/foo` are `E1`, `E2`. The accepted values at `projects/bar` * are `E1`, `E2`, `E3`, and `E4`. Example 3 (inheriting both allowed and * denied values): `organizations/foo` has a `Policy` with values: * {allowed_values: "E1" allowed_values: "E2"} * `projects/bar` has a `Policy` with: {denied_values: "E1"} The * accepted values at `organizations/foo` are `E1`, `E2`. The value accepted * at `projects/bar` is `E2`. Example 4 (RestoreDefault): `organizations/foo` * has a `Policy` with values: {allowed_values: “E1” allowed_values:”E2”} * `projects/bar` has a `Policy` with values: {RestoreDefault: {}} The * accepted values at `organizations/foo` are `E1`, `E2`. The accepted values * at `projects/bar` are either all or none depending on the value of * `constraint_default` (if `ALLOW`, all; if `DENY`, none). Example 5 (no * policy inherits parent policy): `organizations/foo` has no `Policy` set. * `projects/bar` has no `Policy` set. The accepted values at both levels are * either all or none depending on the value of `constraint_default` (if * `ALLOW`, all; if `DENY`, none). Example 6 (ListConstraint allowing all): * `organizations/foo` has a `Policy` with values: {allowed_values: “E1” * allowed_values: ”E2”} `projects/bar` has a `Policy` with: {all: * ALLOW} The accepted values at `organizations/foo` are `E1`, E2`. Any value * is accepted at `projects/bar`. Example 7 (ListConstraint allowing none): * `organizations/foo` has a `Policy` with values: {allowed_values: “E1” * allowed_values: ”E2”} `projects/bar` has a `Policy` with: {all: DENY} * The accepted values at `organizations/foo` are `E1`, E2`. No value is * accepted at `projects/bar`. */ inheritFromParent: boolean; /** * Optional. The Google Cloud Console will try to default to a configuration * that matches the value specified in this `Policy`. If `suggested_value` is * not set, it will inherit the value specified higher in the hierarchy, * unless `inherit_from_parent` is `false`. */ suggestedValue: string; } /** * A page of the response received from the ListProjects method. A paginated * response where more pages are available has `next_page_token` set. This token * can be used in a subsequent request to retrieve the next request page. */ export interface Schema$ListProjectsResponse { /** * Pagination token. If the result set is too large to fit in a single * response, this token is returned. It encodes the position of the current * result cursor. Feeding this value into a new list request with the * `page_token` parameter gives the next page of the results. When * `next_page_token` is not filled in, there is no next page and the list * returned is the last page in the result set. Pagination tokens have a * limited lifetime. */ nextPageToken: string; /** * The list of Projects that matched the list filter. This list can be * paginated. */ projects: Schema$Project[]; } /** * This resource represents a long-running operation that is the result of a * network API call. */ export interface Schema$Operation { /** * If the value is `false`, it means the operation is still in progress. If * `true`, the operation is completed, and either `error` or `response` is * available. */ done: boolean; /** * The error result of the operation in case of failure or cancellation. */ error: Schema$Status; /** * Service-specific metadata associated with the operation. It typically * contains progress information and common metadata such as create time. Some * services might not provide such metadata. Any method that returns a * long-running operation should document the metadata type, if any. */ metadata: any; /** * The server-assigned name, which is only unique within the same service that * originally returns it. If you use the default HTTP mapping, the `name` * should have the format of `operations/some/unique/name`. */ name: string; /** * The normal response of the operation in case of success. If the original * method returns no data on success, such as `Delete`, the response is * `google.protobuf.Empty`. If the original method is standard * `Get`/`Create`/`Update`, the response should be the resource. For other * methods, the response should have the type `XxxResponse`, where `Xxx` is * the original method name. For example, if the original method name is * `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. */ response: any; } /** * The root node in the resource hierarchy to which a particular entity's * (e.g., company) resources belong. */ export interface Schema$Organization { /** * Timestamp when the Organization was created. Assigned by the server. * @OutputOnly */ creationTime: string; /** * A human-readable string that refers to the Organization in the GCP Console * UI. This string is set by the server and cannot be changed. The string will * be set to the primary domain (for example, "google.com") of the G * Suite customer that owns the organization. @OutputOnly */ displayName: string; /** * The organization's current lifecycle state. Assigned by the server. * @OutputOnly */ lifecycleState: string; /** * Output Only. The resource name of the organization. This is the * organization's relative path in the API. Its format is * "organizations/[organization_id]". For example, * "organizations/1234". */ name: string; /** * The owner of this Organization. The owner should be specified on creation. * Once set, it cannot be changed. This field is required. */ owner: Schema$OrganizationOwner; } /** * The entity that owns an Organization. The lifetime of the Organization and * all of its descendants are bound to the `OrganizationOwner`. If the * `OrganizationOwner` is deleted, the Organization and all its descendants will * be deleted. */ export interface Schema$OrganizationOwner { /** * The G Suite customer id used in the Directory API. */ directoryCustomerId: string; } /** * Defines a Cloud Organization `Policy` which is used to specify `Constraints` * for configurations of Cloud Platform resources. */ export interface Schema$OrgPolicy { /** * For boolean `Constraints`, whether to enforce the `Constraint` or not. */ booleanPolicy: Schema$BooleanPolicy; /** * The name of the `Constraint` the `Policy` is configuring, for example, * `constraints/serviceuser.services`. Immutable after creation. */ constraint: string; /** * An opaque tag indicating the current version of the `Policy`, used for * concurrency control. When the `Policy` is returned from either a * `GetPolicy` or a `ListOrgPolicy` request, this `etag` indicates the version * of the current `Policy` to use when executing a read-modify-write loop. * When the `Policy` is returned from a `GetEffectivePolicy` request, the * `etag` will be unset. When the `Policy` is used in a `SetOrgPolicy` * method, use the `etag` value that was returned from a `GetOrgPolicy` * request as part of a read-modify-write loop for concurrency control. Not * setting the `etag`in a `SetOrgPolicy` request will result in an * unconditional write of the `Policy`. */ etag: string; /** * List of values either allowed or disallowed. */ listPolicy: Schema$ListPolicy; /** * Restores the default behavior of the constraint; independent of * `Constraint` type. */ restoreDefault: Schema$RestoreDefault; /** * The time stamp the `Policy` was previously updated. This is set by the * server, not specified by the caller, and represents the last time a call to * `SetOrgPolicy` was made for that `Policy`. Any value set by the client will * be ignored. */ updateTime: string; /** * Version of the `Policy`. Default version is 0; */ version: number; } /** * Defines an Identity and Access Management (IAM) policy. It is used to specify * access control policies for Cloud Platform resources. A `Policy` consists * of a list of `bindings`. A `Binding` binds a list of `members` to a `role`, * where the members can be user accounts, Google groups, Google domains, and * service accounts. A `role` is a named list of permissions defined by IAM. * **Example** { "bindings": [ { "role": * "roles/owner", "members": [ * "user:mike@example.com", "group:admins@example.com", * "domain:google.com", * "serviceAccount:my-other-app@appspot.gserviceaccount.com", ] }, { * "role": "roles/viewer", "members": * ["user:sean@example.com"] } ] } For a * description of IAM and its features, see the [IAM developer's * guide](https://cloud.google.com/iam/docs). */ export interface Schema$Policy { /** * Specifies cloud audit logging configuration for this policy. */ auditConfigs: Schema$AuditConfig[]; /** * Associates a list of `members` to a `role`. `bindings` with no members will * result in an error. */ bindings: Schema$Binding[]; /** * `etag` is used for optimistic concurrency control as a way to help prevent * simultaneous updates of a policy from overwriting each other. It is * strongly suggested that systems make use of the `etag` in the * read-modify-write cycle to perform policy updates in order to avoid race * conditions: An `etag` is returned in the response to `getIamPolicy`, and * systems are expected to put that etag in the request to `setIamPolicy` to * ensure that their change will be applied to the same version of the policy. * If no `etag` is provided in the call to `setIamPolicy`, then the existing * policy is overwritten blindly. */ etag: string; /** * Deprecated. */ version: number; } /** * A Project is a high-level Google Cloud Platform entity. It is a container * for ACLs, APIs, App Engine Apps, VMs, and other Google Cloud Platform * resources. */ export interface Schema$Project { /** * Creation time. Read-only. */ createTime: string; /** * The labels associated with this Project. Label keys must be between 1 and * 63 characters long and must conform to the following regular expression: * \[a-z\](\[-a-z0-9\]*\[a-z0-9\])?. Label values must be between 0 and 63 * characters long and must conform to the regular expression * (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?. No more than 256 labels can be * associated with a given resource. Clients should store labels in a * representation such as JSON that does not depend on specific characters * being disallowed. Example: <code>"environment" : * "dev"</code> Read-write. */ labels: any; /** * The Project lifecycle state. Read-only. */ lifecycleState: string; /** * The user-assigned display name of the Project. It must be 4 to 30 * characters. Allowed characters are: lowercase and uppercase letters, * numbers, hyphen, single-quote, double-quote, space, and exclamation point. * Example: <code>My Project</code> Read-write. */ name: string; /** * An optional reference to a parent Resource. Supported parent types include * "organization" and "folder". Once set, the parent * cannot be cleared. The `parent` can be set on creation or using the * `UpdateProject` method; the end user must have the * `resourcemanager.projects.create` permission on the parent. Read-write. */ parent: Schema$ResourceId; /** * The unique, user-assigned ID of the Project. It must be 6 to 30 lowercase * letters, digits, or hyphens. It must start with a letter. Trailing hyphens * are prohibited. Example: <code>tokyo-rain-123</code> Read-only * after creation. */ projectId: string; /** * The number uniquely identifying the project. Example: * <code>415104041262</code> Read-only. */ projectNumber: string; } /** * A status object which is used as the `metadata` field for the Operation * returned by CreateProject. It provides insight for when significant phases of * Project creation have completed. */ export interface Schema$ProjectCreationStatus { /** * Creation time of the project creation workflow. */ createTime: string; /** * True if the project can be retrieved using GetProject. No other operations * on the project are guaranteed to work until the project creation is * complete. */ gettable: boolean; /** * True if the project creation process is complete. */ ready: boolean; } /** * A container to reference an id for any resource type. A `resource` in Google * Cloud Platform is a generic term for something you (a developer) may want to * interact with through one of our API's. Some examples are an App Engine * app, a Compute Engine instance, a Cloud SQL database, and so on. */ export interface Schema$ResourceId { /** * Required field for the type-specific id. This should correspond to the id * used in the type-specific API's. */ id: string; /** * Required field representing the resource type this id is for. At present, * the valid types are: "organization" */ type: string; } /** * Ignores policies set above this resource and restores the * `constraint_default` enforcement behavior of the specific `Constraint` at * this resource. Suppose that `constraint_default` is set to `ALLOW` for the * `Constraint` `constraints/serviceuser.services`. Suppose that organization * foo.com sets a `Policy` at their Organization resource node that restricts * the allowed service activations to deny all service activations. They could * then set a `Policy` with the `policy_type` `restore_default` on several * experimental projects, restoring the `constraint_default` enforcement of the * `Constraint` for only those projects, allowing those projects to have all * services activated. */ export interface Schema$RestoreDefault { } /** * The request sent to the `SearchOrganizations` method. */ export interface Schema$SearchOrganizationsRequest { /** * An optional query string used to filter the Organizations to return in the * response. Filter rules are case-insensitive. Organizations may be * filtered by `owner.directoryCustomerId` or by `domain`, where the domain is * a G Suite domain, for example: |Filter|Description| |------|-----------| * |owner.directorycustomerid:123456789|Organizations with * `owner.directory_customer_id` equal to `123456789`.| * |domain:google.com|Organizations corresponding to the domain `google.com`.| * This field is optional. */ filter: string; /** * The maximum number of Organizations to return in the response. This field * is optional. */ pageSize: number; /** * A pagination token returned from a previous call to `SearchOrganizations` * that indicates from where listing should continue. This field is optional. */ pageToken: string; } /** * The response returned from the `SearchOrganizations` method. */ export interface Schema$SearchOrganizationsResponse { /** * A pagination token to be used to retrieve the next page of results. If the * result is too large to fit within the page size specified in the request, * this field will be set with a token that can be used to fetch the next page * of results. If this field is empty, it indicates that this response * contains the last page of results. */ nextPageToken: string; /** * The list of Organizations that matched the search query, possibly * paginated. */ organizations: Schema$Organization[]; } /** * Request message for `SetIamPolicy` method. */ export interface Schema$SetIamPolicyRequest { /** * REQUIRED: The complete policy to be applied to the `resource`. The size of * the policy is limited to a few 10s of KB. An empty policy is a valid policy * but certain Cloud Platform services (such as Projects) might reject them. */ policy: Schema$Policy; /** * OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only * the fields in the mask will be modified. If no mask is provided, the * following default mask is used: paths: "bindings, etag" This * field is only used by Cloud IAM. */ updateMask: string; } /** * The request sent to the SetOrgPolicyRequest method. */ export interface Schema$SetOrgPolicyRequest { /** * `Policy` to set on the resource. */ policy: Schema$OrgPolicy; } /** * The `Status` type defines a logical error model that is suitable for * different programming environments, including REST APIs and RPC APIs. It is * used by [gRPC](https://github.com/grpc). The error model is designed to be: * - Simple to use and understand for most users - Flexible enough to meet * unexpected needs # Overview The `Status` message contains three pieces of * data: error code, error message, and error details. The error code should be * an enum value of google.rpc.Code, but it may accept additional error codes if * needed. The error message should be a developer-facing English message that * helps developers *understand* and *resolve* the error. If a localized * user-facing error message is needed, put the localized message in the error * details or localize it in the client. The optional error details may contain * arbitrary information about the error. There is a predefined set of error * detail types in the package `google.rpc` that can be used for common error * conditions. # Language mapping The `Status` message is the logical * representation of the error model, but it is not necessarily the actual wire * format. When the `Status` message is exposed in different client libraries * and different wire protocols, it can be mapped differently. For example, it * will likely be mapped to some exceptions in Java, but more likely mapped to * some error codes in C. # Other uses The error model and the `Status` * message can be used in a variety of environments, either with or without * APIs, to provide a consistent developer experience across different * environments. Example uses of this error model include: - Partial errors. * If a service needs to return partial errors to the client, it may embed * the `Status` in the normal response to indicate the partial errors. - * Workflow errors. A typical workflow has multiple steps. Each step may have a * `Status` message for error reporting. - Batch operations. If a client uses * batch request and batch response, the `Status` message should be used * directly inside batch response, one for each error sub-response. - * Asynchronous operations. If an API call embeds asynchronous operation results * in its response, the status of those operations should be represented * directly using the `Status` message. - Logging. If some API errors are * stored in logs, the message `Status` could be used directly after any * stripping needed for security/privacy reasons. */ export interface Schema$Status { /** * The status code, which should be an enum value of google.rpc.Code. */ code: number; /** * A list of messages that carry the error details. There is a common set of * message types for APIs to use. */ details: any[]; /** * A developer-facing error message, which should be in English. Any * user-facing error message should be localized and sent in the * google.rpc.Status.details field, or localized by the client. */ message: string; } /** * Request message for `TestIamPermissions` method. */ export interface Schema$TestIamPermissionsRequest { /** * The set of permissions to check for the `resource`. Permissions with * wildcards (such as '*' or 'storage.*') are not allowed. For * more information see [IAM * Overview](https://cloud.google.com/iam/docs/overview#permissions). */ permissions: string[]; } /** * Response message for `TestIamPermissions` method. */ export interface Schema$TestIamPermissionsResponse { /** * A subset of `TestPermissionsRequest.permissions` that the caller is * allowed. */ permissions: string[]; } /** * The request sent to the UndeleteProject method. */ export interface Schema$UndeleteProjectRequest { } export declare class Resource$Folders { root: Cloudresourcemanager; constructor(root: Cloudresourcemanager); getRoot(): Cloudresourcemanager; /** * cloudresourcemanager.folders.clearOrgPolicy * @desc Clears a `Policy` from a resource. * @example * * // BEFORE RUNNING: * // --------------- * // 1. If not already done, enable the Google Cloud Resource Manager API * // and check the quota for your project at * // https://console.developers.google.com/apis/api/cloudresourcemanager * // 2. This sample uses Application Default Credentials for authentication. * // If not already done, install the gcloud CLI from * // https://cloud.google.com/sdk and run * // `gcloud beta auth application-default login`. * // For more information, see * // * https://developers.google.com/identity/protocols/application-default-credentials * // 3. Install the Node.js client library by running * // `npm install googleapis --save` * * var google = require('googleapis'); * var cloudResourceManager = google.cloudresourcemanager('v1'); * * authorize(function(authClient) { * var request = { * // Name of the resource for the `Policy` to clear. * resource_: 'folders/my-folder', // TODO: Update placeholder value. * * resource: { * // TODO: Add desired properties to the request body. * }, * * auth: authClient, * }; * * cloudResourceManager.folders.clearOrgPolicy(request, function(err) { * if (err) { * console.error(err); * return; * } * }); * }); * * function authorize(callback) { * google.auth.getApplicationDefault(function(err, authClient) { * if (err) { * console.error('authentication failed: ', err); * return; * } * if (authClient.createScopedRequired && * authClient.createScopedRequired()) { var scopes = * ['https://www.googleapis.com/auth/cloud-platform']; authClient = * authClient.createScoped(scopes); * } * callback(authClient); * }); * } * @alias cloudresourcemanager.folders.clearOrgPolicy * @memberOf! () * * @param {object} params Parameters for request * @param {string} params.resource_ Name of the resource for the `Policy` to clear. * @param {().ClearOrgPolicyRequest} params.resource Request body data * @param {object} [options] Optionally override request options, such as `url`, `method`, and `encoding`. * @param {callback} callback The callback that handles the response. * @return {object} Request object */ clearOrgPolicy(params?: any, options?: MethodOptions): AxiosPromise<Schema$Empty>; clearOrgPolicy(params?: any, options?: MethodOptions | BodyResponseCallback<Schema$Empty>, callback?: BodyResponseCallback<Schema$Empty>): void; /** * cloudresourcemanager.folders.getEffectiveOrgPolicy * @desc Gets the effective `Policy` on a resource. This is the result of * merging `Policies` in the resource hierarchy. The returned `Policy` will * not have an `etag`set because it is a computed `Policy` across multiple * resources. * @example * * // BEFORE RUNNING: * // --------------- * // 1. If not already done, enable the Google Cloud Resource Manager API * // and check the quota for your project at * // https://console.developers.google.com/apis/api/cloudresourcemanager * // 2. This sample uses Application Default Credentials for authentication. * // If not already done, install the gcloud CLI from * // https://cloud.google.com/sdk and run * // `gcloud beta auth application-default login`. * // For more information, see * // * https://developers.google.com/identity/protocols/application-default-credentials * // 3. Install the Node.js client library by running * // `npm install googleapis --save` * * var google = require('googleapis'); * var cloudResourceManager = google.cloudresourcemanager('v1'); * * authorize(function(authClient) { * var request = { * // The name of the resource to start computing the effective `Policy`. * resource_: 'folders/my-folder', // TODO: Update placeholder value. * * resource: { * // TODO: Add desired properties to the request body. * }, * * auth: authClient, * }; * * cloudResourceManager.folders.getEffectiveOrgPolicy(request, function(err, * response) { if (err) { console.error(err); return; * } * * // TODO: Change code below to process the `response` object: * console.log(JSON.stringify(response, null, 2)); * }); * }); * * function authorize(callback) { * google.auth.getApplicationDefault(function(err, authClient) { * if (err) { * console.error('authentication failed: ', err); * return; * } * if (authClient.createScopedRequired && * authClient.createScopedRequired()) { var scopes = * ['https://www.googleapis.com/auth/cloud-platform']; authClient = * authClient.createScoped(scopes); * } * callback(authClient); * }); * } * @alias cloudresourcemanager.folders.getEffectiveOrgPolicy * @memberOf! () * * @param {object} params Parameters for request * @param {string} params.resource_ The name of the resource to start computing the effective `Policy`. * @param {().GetEffectiveOrgPolicyRequest} params.resource Request body data * @param {object} [options] Optionally override request options, such as `url`, `method`, and `encoding`. * @param {callback} callback The callback that handles the response. * @return {object} Request object */ getEffectiveOrgPolicy(params?: any, options?: MethodOptions): AxiosPromise<Schema$OrgPolicy>; getEffectiveOrgPolicy(params?: any, options?: MethodOptions | BodyResponseCallback<Schema$OrgPolicy>, callback?: BodyResponseCallback<Schema$OrgPolicy>): void; /** * cloudresourcemanager.folders.getOrgPolicy * @desc Gets a `Policy` on a resource. If no `Policy` is set on the * resource, a `Policy` is returned with default values including * `POLICY_TYPE_NOT_SET` for the `policy_type oneof`. The `etag` value can be * used with `SetOrgPolicy()` to create or update a `Policy` during * read-modify-write. * @example * * // BEFORE RUNNING: * // --------------- * // 1. If not already done, enable the Google Cloud Resource Manager API * // and check the quota for your project at * // https://console.developers.google.com/apis/api/cloudresourcemanager * // 2. This sample uses Application Default Credentials for authentication. * // If not already done, install the gcloud CLI from * // https://cloud.google.com/sdk and run * // `gcloud beta auth application-default login`. * // For more information, see * // * https://developers.google.com/identity/protocols/application-default-credentials * // 3. Install the Node.js client library by running * // `npm install googleapis --save` * * var google = require('googleapis'); * var cloudResourceManager = google.cloudresourcemanager('v1'); * * authorize(function(authClient) { * var request = { * // Name of the resource the `Policy` is set on. * resource_: 'folders/my-folder', // TODO: Update placeholder value. * * resource: { * // TODO: Add desired properties to the request body. * }, * * auth: authClient, * }; * * cloudResourceManager.folders.getOrgPolicy(request, function(err, * response) { if (err) { console.error(err); return; * } * * // TODO: Change code below to process the `response` object: * console.log(JSON.stringify(response, null, 2)); * });