google.cloud.forseti.common.gcp_api.cloud_resource_manager module

Wrapper for Resource Manager API client.

class CloudResourceManagerClient(global_configs, **kwargs)[source]

Bases: object

Resource Manager Client.

get_folder(folder_name)[source]

Get a folder.

Parameters:folder_name (str) – The unique folder name, with the format “folders/{folderId}”.
Returns:The folder API response.
Return type:dict
Raises:ApiExecutionError – An error has occurred when executing the API.
get_folder_iam_policies(folder_id)[source]

Get all the iam policies of a folder.

Parameters:folder_id (int) – The folder id.
Returns:Folder IAM policy for given folder_id.
Return type:dict
Raises:ApiExecutionError – An error has occurred when executing the API.
get_folder_org_policies(folder_id)[source]

Get all the org policies for a given folder.

Parameters:folder_id (int) – The folder id.
Returns:Org policies applied to the folder. https://cloud.google.com/resource-manager/reference/rest/v1/Policy
Return type:list
get_folders(parent=None, show_deleted=False)[source]

Find all folders that the authenticated account has access to.

If no parent is passed in, then all folders the caller has visibility to are returned. This is significantly less efficient then listing by parent.

Parameters:
  • parent (str) – Optional parent resource, either ‘organizations/{org_id}’ or ‘folders/{folder_id}’.
  • show_deleted (bool) – Determines if deleted folders should be returned in the results.
Returns:

A list of Folder dicts as returned by the API.

Return type:

list

Raises:

ApiExecutionError – An error has occurred when executing the API.

get_org_iam_policies(org_id)[source]

Get all the iam policies of an org.

Parameters:org_id (int) – The org id number.
Returns:Organization IAM policy for given org_id. https://cloud.google.com/resource-manager/reference/rest/Shared.Types/Policy
Return type:dict
Raises:ApiExecutionError – An error has occurred when executing the API.
get_org_org_policies(org_id)[source]

Get all the org policies for a given org.

Parameters:org_id (int) – The org id number.
Returns:Org policies applied to the organization. https://cloud.google.com/resource-manager/reference/rest/v1/Policy
Return type:list
get_org_policy(resource_id, constraint, effective_policy=False)[source]

Get a specific org policy constraint for a given resource.

Parameters:
  • resource_id (str) – The organization, folder or project resource to query
  • constraint (str) – The org policy constraint to query.
  • effective_policy (bool) – If set to true, query the effective policy instead of the currently set policy. This takes the resource hierarchy into account.
Returns:

An org policy resource.

Return type:

dict

Raises:

ValueError – Raised if the resource_id is not value.

get_organization(org_name)[source]

Get organization by org_name.

Parameters:org_name (str) – The org name with format “organizations/$ORG_ID”
Returns:The org response object if found, otherwise False.
Return type:dict
get_organizations()[source]

Get organizations that the authenticated account has access to.

Returns:A list of Organization dicts as returned by the API.
Return type:list
get_project(project_id)[source]

Get all the projects from organization.

Parameters:project_id (str) – The project id (not project number).
Returns:The project response object.
Return type:dict
Raises:ApiExecutionError – An error has occurred when executing the API.
get_project_ancestry(project_id)[source]

Get the full folder ancestry for a project.

Parameters:project_id (str) – Either the project number or the project id.
Returns:
The ancesters of the project, in order from direct parent to
root organization id.
Return type:list
get_project_iam_policies(project_id)[source]

Get all the iam policies for a given project.

Parameters:project_id (str) – Either the project number or the project id.
Returns:IAM policies of the project. https://cloud.google.com/resource-manager/reference/rest/Shared.Types/Policy
Return type:list
get_project_liens(project_id)[source]

Get all liens for this project.

Parameters:project_id (str) – the id of the project.
Returns:A list of Lien dicts as returned by the API.
Return type:list
Raises:ApiExecutionError – An error has occurred when executing the API.
get_project_org_policies(project_id)[source]

Get all the org policies for a given project.

Parameters:project_id (str) – Either the project number or the project id.
Returns:Org policies applied to the project. https://cloud.google.com/resource-manager/reference/rest/v1/Policy
Return type:list
get_projects(parent_id=None, parent_type=None, **filterargs)[source]

Get all the projects the authenticated account has access to.

If no parent is passed in, then all projects the caller has visibility to are returned. This is significantly less efficient then listing by parent.

Parameters:
  • parent_id (str) – The id of the organization or folder parent object.
  • parent_type (str) – Either folder or organization.
  • **filterargs (dict) – Extra project filter args.
Yields:

dict – The projects.list() response. https://cloud.google.com/resource-manager/reference/rest/v1/projects/list#response-body

Raises:

ApiExecutionError – An error has occurred when executing the API.

class CloudResourceManagerRepositoryClient(quota_max_calls=None, quota_period=100.0, use_rate_limiter=True)[source]

Bases: google.cloud.forseti.common.gcp_api._base_repository.BaseRepositoryClient

Cloud Resource Manager Respository.

folders

Returns a _ResourceManagerFoldersRepository instance.

folders_v1

Returns a _ResourceManagerFolderV1Repository instance.

liens

Returns a _ResourceManagerLiensRepository instance.

organizations

Returns a _ResourceManagerOrganizationsRepository instance.

projects

Returns a _ResourceManagerProjectsRepository instance.

class _ResourceManagerFolderV1Repository(**kwargs)[source]

Bases: google.cloud.forseti.common.gcp_api.repository_mixins.OrgPolicyQueryMixin, google.cloud.forseti.common.gcp_api._base_repository.GCPRepository

Implementation of Cloud Resource Manager Folders v1 repository.

class _ResourceManagerFoldersRepository(**kwargs)[source]

Bases: google.cloud.forseti.common.gcp_api.repository_mixins.GetQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.GetIamPolicyQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.ListQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.SearchQueryMixin, google.cloud.forseti.common.gcp_api._base_repository.GCPRepository

Implementation of Cloud Resource Manager Folders repository.

static get_name(folder_id)[source]

Format’s an folder_id to pass in to .get().

Parameters:folder_id (str) – The folder id to query, either just the id or the id prefixed with ‘folders/’.
Returns:The formatted resource name.
Return type:str
class _ResourceManagerLiensRepository(**kwargs)[source]

Bases: google.cloud.forseti.common.gcp_api.repository_mixins.ListQueryMixin, google.cloud.forseti.common.gcp_api._base_repository.GCPRepository

Implementation of Cloud Resource Manager Liens repository.

class _ResourceManagerOrganizationsRepository(**kwargs)[source]

Bases: google.cloud.forseti.common.gcp_api.repository_mixins.GetQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.GetIamPolicyQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.OrgPolicyQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.SearchQueryMixin, google.cloud.forseti.common.gcp_api._base_repository.GCPRepository

Implementation of Cloud Resource Manager Organizations repository.

static get_name(organization_id)[source]

Format’s an organization_id to pass in to .get().

Parameters:organization_id (str) – The organization id to query, either just the id or the id prefixed with ‘organizations/’.
Returns:The formatted resource name.
Return type:str
class _ResourceManagerProjectsRepository(**kwargs)[source]

Bases: google.cloud.forseti.common.gcp_api.repository_mixins.GetQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.GetIamPolicyQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.ListQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.OrgPolicyQueryMixin, google.cloud.forseti.common.gcp_api._base_repository.GCPRepository

Implementation of Cloud Resource Manager Projects repository.

get_ancestry(resource, **kwargs)[source]

Get the project ancestory data.

Parameters:
  • resource (str) – The project id or number to query.
  • **kwargs (dict) – Additional parameters to pass through to GetQueryMixin.get().
Returns:

Response from the API.

Return type:

dict

static get_name(project_id)[source]

Format’s an organization_id to pass in to .get().

Parameters:project_id (str) – The project id to query, either just the id or the id prefixed with ‘projects/’.
Returns:The formatted resource name.
Return type:str