FoldersClient(*, credentials: Optional[google.auth.credentials.Credentials] = None, transport: Optional[Union[str, google.cloud.resourcemanager_v3.services.folders.transports.base.FoldersTransport]] = None, client_options: Optional[google.api_core.client_options.ClientOptions] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)
Manages Cloud Platform folder resources. Folders can be used to organize the resources under an organization and to control the policies applied to groups of resources.
Properties
transport
Returns the transport used by the client instance.
Type | Description |
FoldersTransport | The transport used by the client instance. |
Methods
FoldersClient
FoldersClient(*, credentials: Optional[google.auth.credentials.Credentials] = None, transport: Optional[Union[str, google.cloud.resourcemanager_v3.services.folders.transports.base.FoldersTransport]] = None, client_options: Optional[google.api_core.client_options.ClientOptions] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)
Instantiates the folders client.
Name | Description |
credentials |
Optional[google.auth.credentials.Credentials]
The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment. |
transport |
Union[str, FoldersTransport]
The transport to use. If set to None, a transport is chosen automatically. |
client_options |
google.api_core.client_options.ClientOptions
Custom options for the client. It won't take effect if a |
client_info |
google.api_core.gapic_v1.client_info.ClientInfo
The client info used to send a user-agent string along with API requests. If |
Type | Description |
google.auth.exceptions.MutualTLSChannelError | If mutual TLS transport creation failed for any reason. |
__exit__
__exit__(type, value, traceback)
Releases underlying transport's resources.
common_billing_account_path
common_billing_account_path(billing_account: str)
Returns a fully-qualified billing_account string.
common_folder_path
common_folder_path(folder: str)
Returns a fully-qualified folder string.
common_location_path
common_location_path(project: str, location: str)
Returns a fully-qualified location string.
common_organization_path
common_organization_path(organization: str)
Returns a fully-qualified organization string.
common_project_path
common_project_path(project: str)
Returns a fully-qualified project string.
create_folder
create_folder(request: Optional[Union[google.cloud.resourcemanager_v3.types.folders.CreateFolderRequest, dict]] = None, *, folder: Optional[google.cloud.resourcemanager_v3.types.folders.Folder] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Creates a folder in the resource hierarchy. Returns an
Operation
which can be used to track the progress of the
folder creation workflow. Upon success, the
Operation.response
field will be populated with the created
Folder.
In order to succeed, the addition of this new folder must not violate the folder naming, height, or fanout constraints.
- The folder's
display_name
must be distinct from all other folders that share its parent. - The addition of the folder must not cause the active folder hierarchy to exceed a height of 10. Note, the full active + deleted folder hierarchy is allowed to reach a height of 20; this provides additional headroom when moving folders that contain deleted folders.
- The addition of the folder must not cause the total number of folders under its parent to exceed 300.
If the operation fails due to a folder constraint violation,
some errors may be returned by the CreateFolder
request,
with status code FAILED_PRECONDITION
and an error
description. Other folder constraint violations will be
communicated in the Operation
, with the specific
PreconditionFailure
returned in the details list in the
Operation.error
field.
The caller must have resourcemanager.folders.create
permission on the identified parent.
Name | Description |
request |
Union[google.cloud.resourcemanager_v3.types.CreateFolderRequest, dict]
The request object. The CreateFolder request message. |
folder |
google.cloud.resourcemanager_v3.types.Folder
Required. The folder being created, only the display name and parent will be consulted. All other fields will be ignored. This corresponds to the |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.api_core.operation.Operation | An object representing a long-running operation. The result type for the operation will be Folder A folder in an organization's resource hierarchy, used to organize that organization's resources. |
delete_folder
delete_folder(request: Optional[Union[google.cloud.resourcemanager_v3.types.folders.DeleteFolderRequest, dict]] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Requests deletion of a folder. The folder is moved into the
xref_DELETE_REQUESTED
state immediately, and is deleted approximately 30 days later.
This method may only be called on an empty folder, where a
folder is empty if it doesn't contain any folders or projects in
the
xref_ACTIVE
state. If called on a folder in
xref_DELETE_REQUESTED
state the operation will result in a no-op success. The caller
must have resourcemanager.folders.delete
permission on the
identified folder.
Name | Description |
request |
Union[google.cloud.resourcemanager_v3.types.DeleteFolderRequest, dict]
The request object. The DeleteFolder request message. |
name |
str
Required. The resource name of the folder to be deleted. Must be of the form |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.api_core.operation.Operation | An object representing a long-running operation. The result type for the operation will be Folder A folder in an organization's resource hierarchy, used to organize that organization's resources. |
folder_path
folder_path(folder: str)
Returns a fully-qualified folder string.
from_service_account_file
from_service_account_file(filename: str, *args, **kwargs)
Creates an instance of this client using the provided credentials file.
Name | Description |
filename |
str
The path to the service account private key json file. |
Type | Description |
FoldersClient | The constructed client. |
from_service_account_info
from_service_account_info(info: dict, *args, **kwargs)
Creates an instance of this client using the provided credentials info.
Name | Description |
info |
dict
The service account private key info. |
Type | Description |
FoldersClient | The constructed client. |
from_service_account_json
from_service_account_json(filename: str, *args, **kwargs)
Creates an instance of this client using the provided credentials file.
Name | Description |
filename |
str
The path to the service account private key json file. |
Type | Description |
FoldersClient | The constructed client. |
get_folder
get_folder(request: Optional[Union[google.cloud.resourcemanager_v3.types.folders.GetFolderRequest, dict]] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Retrieves a folder identified by the supplied resource name.
Valid folder resource names have the format
folders/{folder_id}
(for example, folders/1234
). The
caller must have resourcemanager.folders.get
permission on
the identified folder.
Name | Description |
request |
Union[google.cloud.resourcemanager_v3.types.GetFolderRequest, dict]
The request object. The GetFolder request message. |
name |
str
Required. The resource name of the folder to retrieve. Must be of the form |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.cloud.resourcemanager_v3.types.Folder | A folder in an organization's resource hierarchy, used to organize that organization's resources. |
get_iam_policy
get_iam_policy(request: Optional[Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]] = None, *, resource: Optional[str] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Gets the access control policy for a folder. The returned policy
may be empty if no such policy or resource exists. The
resource
field should be the folder's resource name, for
example: "folders/1234". The caller must have
resourcemanager.folders.getIamPolicy
permission on the
identified folder.
Name | Description |
request |
Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]
The request object. Request message for |
resource |
str
REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. This corresponds to the |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.iam.v1.policy_pb2.Policy | Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions (defined by IAM or configured by users). A binding can optionally specify a condition, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource. **JSON Example** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01t00:00:00.000z')",="" }="" }="" ]="" }="" **yaml="" example**="" bindings:="" -="" members:="" -="" user:\="" mike@example.com="" -="" group:\="" admins@example.com="" -="" domain:google.com="" -="" serviceaccount:\="" my-project-id@appspot.gserviceaccount.com="" role:="" roles/resourcemanager.organizationadmin="" -="" members:="" -="" user:\="" eve@example.com="" role:="" roles/resourcemanager.organizationviewer="" condition:="" title:="" expirable="" access="" description:="" does="" not="" grant="" access="" after="" sep="" 2020="" expression:="" request.time="">< timestamp('2020-10-01t00:00:00.000z')="" for="" a="" description="" of="" iam="" and="" its="" features,="" see="" the="" [iam="" developer's="" guide](\=""> |
list_folders
list_folders(request: Optional[Union[google.cloud.resourcemanager_v3.types.folders.ListFoldersRequest, dict]] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Lists the folders that are direct descendants of supplied parent
resource. list()
provides a strongly consistent view of the
folders underneath the specified parent resource. list()
returns folders sorted based upon the (ascending) lexical
ordering of their display_name. The caller must have
resourcemanager.folders.list
permission on the identified
parent.
Name | Description |
request |
Union[google.cloud.resourcemanager_v3.types.ListFoldersRequest, dict]
The request object. The ListFolders request message. |
parent |
str
Required. The resource name of the organization or folder whose folders are being listed. Must be of the form |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.cloud.resourcemanager_v3.services.folders.pagers.ListFoldersPager | The ListFolders response message. Iterating over this object will yield results and resolve additional pages automatically. |
move_folder
move_folder(request: Optional[Union[google.cloud.resourcemanager_v3.types.folders.MoveFolderRequest, dict]] = None, *, name: Optional[str] = None, destination_parent: Optional[str] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Moves a folder under a new resource parent. Returns an
Operation
which can be used to track the progress of the
folder move workflow. Upon success, the Operation.response
field will be populated with the moved folder. Upon failure, a
FolderOperationError
categorizing the failure cause will be
returned - if the failure occurs synchronously then the
FolderOperationError
will be returned in the
Status.details
field. If it occurs asynchronously, then the
FolderOperation will be returned in the Operation.error
field. In addition, the Operation.metadata
field will be
populated with a FolderOperation
message as an aid to
stateless clients. Folder moves will be rejected if they violate
either the naming, height, or fanout constraints described in
the
xref_CreateFolder
documentation. The caller must have
resourcemanager.folders.move
permission on the folder's
current and proposed new parent.
Name | Description |
request |
Union[google.cloud.resourcemanager_v3.types.MoveFolderRequest, dict]
The request object. The MoveFolder request message. |
name |
str
Required. The resource name of the Folder to move. Must be of the form folders/{folder_id} This corresponds to the |
destination_parent |
str
Required. The resource name of the folder or organization which should be the folder's new parent. Must be of the form |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.api_core.operation.Operation | An object representing a long-running operation. The result type for the operation will be Folder A folder in an organization's resource hierarchy, used to organize that organization's resources. |
parse_common_billing_account_path
parse_common_billing_account_path(path: str)
Parse a billing_account path into its component segments.
parse_common_folder_path
parse_common_folder_path(path: str)
Parse a folder path into its component segments.
parse_common_location_path
parse_common_location_path(path: str)
Parse a location path into its component segments.
parse_common_organization_path
parse_common_organization_path(path: str)
Parse a organization path into its component segments.
parse_common_project_path
parse_common_project_path(path: str)
Parse a project path into its component segments.
parse_folder_path
parse_folder_path(path: str)
Parses a folder path into its component segments.
search_folders
search_folders(request: Optional[Union[google.cloud.resourcemanager_v3.types.folders.SearchFoldersRequest, dict]] = None, *, query: Optional[str] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Search for folders that match specific filter criteria.
search()
provides an eventually consistent view of the
folders a user has access to which meet the specified filter
criteria.
This will only return folders on which the caller has the
permission resourcemanager.folders.get
.
Name | Description |
request |
Union[google.cloud.resourcemanager_v3.types.SearchFoldersRequest, dict]
The request object. The request message for searching folders. |
query |
str
Optional. Search criteria used to select the folders to return. If no search criteria is specified then all accessible folders will be returned. Query expressions can be used to restrict results based upon displayName, state and parent, where the operators |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.cloud.resourcemanager_v3.services.folders.pagers.SearchFoldersPager | The response message for searching folders. Iterating over this object will yield results and resolve additional pages automatically. |
set_iam_policy
set_iam_policy(request: Optional[Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]] = None, *, resource: Optional[str] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Sets the access control policy on a folder, replacing any
existing policy. The resource
field should be the folder's
resource name, for example: "folders/1234". The caller must have
resourcemanager.folders.setIamPolicy
permission on the
identified folder.
Name | Description |
request |
Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]
The request object. Request message for |
resource |
str
REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. This corresponds to the |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.iam.v1.policy_pb2.Policy | Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions (defined by IAM or configured by users). A binding can optionally specify a condition, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource. **JSON Example** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01t00:00:00.000z')",="" }="" }="" ]="" }="" **yaml="" example**="" bindings:="" -="" members:="" -="" user:\="" mike@example.com="" -="" group:\="" admins@example.com="" -="" domain:google.com="" -="" serviceaccount:\="" my-project-id@appspot.gserviceaccount.com="" role:="" roles/resourcemanager.organizationadmin="" -="" members:="" -="" user:\="" eve@example.com="" role:="" roles/resourcemanager.organizationviewer="" condition:="" title:="" expirable="" access="" description:="" does="" not="" grant="" access="" after="" sep="" 2020="" expression:="" request.time="">< timestamp('2020-10-01t00:00:00.000z')="" for="" a="" description="" of="" iam="" and="" its="" features,="" see="" the="" [iam="" developer's="" guide](\=""> |
test_iam_permissions
test_iam_permissions(request: Optional[Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]] = None, *, resource: Optional[str] = None, permissions: Optional[Sequence[str]] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Returns permissions that a caller has on the specified folder.
The resource
field should be the folder's resource name, for
example: "folders/1234".
There are no permissions required for making this API call.
Name | Description |
request |
Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]
The request object. Request message for |
resource |
str
REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field. This corresponds to the |
permissions |
Sequence[str]
The set of permissions to check for the |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse | Response message for TestIamPermissions method. |
undelete_folder
undelete_folder(request: Optional[Union[google.cloud.resourcemanager_v3.types.folders.UndeleteFolderRequest, dict]] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Cancels the deletion request for a folder. This method may be
called on a folder in any state. If the folder is in the
xref_ACTIVE
state the result will be a no-op success. In order to succeed,
the folder's parent must be in the
xref_ACTIVE
state. In addition, reintroducing the folder into the tree must
not violate folder naming, height, and fanout constraints
described in the
xref_CreateFolder
documentation. The caller must have
resourcemanager.folders.undelete
permission on the
identified folder.
Name | Description |
request |
Union[google.cloud.resourcemanager_v3.types.UndeleteFolderRequest, dict]
The request object. The UndeleteFolder request message. |
name |
str
Required. The resource name of the folder to undelete. Must be of the form |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.api_core.operation.Operation | An object representing a long-running operation. The result type for the operation will be Folder A folder in an organization's resource hierarchy, used to organize that organization's resources. |
update_folder
update_folder(request: Optional[Union[google.cloud.resourcemanager_v3.types.folders.UpdateFolderRequest, dict]] = None, *, folder: Optional[google.cloud.resourcemanager_v3.types.folders.Folder] = None, update_mask: Optional[google.protobuf.field_mask_pb2.FieldMask] = None, retry: google.api_core.retry.Retry = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())
Updates a folder, changing its display_name
. Changes to the
folder display_name
will be rejected if they violate either
the display_name
formatting rules or the naming constraints
described in the
xref_CreateFolder
documentation.
The folder's display_name
must start and end with a letter
or digit, may contain letters, digits, spaces, hyphens and
underscores and can be between 3 and 30 characters. This is
captured by the regular expression:
[\p{L}\p{N}][\p{L}\p{N}_- ]{1,28}[\p{L}\p{N}]
. The caller
must have resourcemanager.folders.update
permission on the
identified folder.
If the update fails due to the unique name constraint then a
PreconditionFailure
explaining this violation will be
returned in the Status.details field.
Name | Description |
request |
Union[google.cloud.resourcemanager_v3.types.UpdateFolderRequest, dict]
The request object. The request sent to the UpdateFolder method. Only the |
folder |
google.cloud.resourcemanager_v3.types.Folder
Required. The new definition of the Folder. It must include the |
update_mask |
google.protobuf.field_mask_pb2.FieldMask
Required. Fields to be updated. Only the |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.api_core.operation.Operation | An object representing a long-running operation. The result type for the operation will be Folder A folder in an organization's resource hierarchy, used to organize that organization's resources. |