Cloud Organization API, gRPC: GroupService
A set of methods for managing groups.
Call | Description |
---|---|
Get | Returns the specified Group resource. |
List | Retrieves the list of group resources. |
Create | Creates a group in the specified organization. |
Update | Updates the specified group. |
Delete | Deletes the specified group. |
ListOperations | Lists operations for the specified group. |
ListMembers | List group active members. |
UpdateMembers | Update group members. |
ListAccessBindings | Lists access bindings for the specified group. |
SetAccessBindings | Sets access bindings for the specified group. |
UpdateAccessBindings | Updates access bindings for the specified group. |
Calls GroupService
Get
Returns the specified Group resource.
To get the list of available Group resources, make a List request.
rpc Get (GetGroupRequest) returns (Group)
GetGroupRequest
Field | Description |
---|---|
group_id | string Required. ID of the Group resource to return. To get the group ID, use a GroupService.List request. The maximum string length in characters is 50. |
Group
Field | Description |
---|---|
id | string ID of the group. |
organization_id | string ID of the organization that the group belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
name | string Name of the group. |
description | string Description of the group. |
List
Retrieves the list of group resources.
rpc List (ListGroupsRequest) returns (ListGroupsResponse)
ListGroupsRequest
Field | Description |
---|---|
organization_id | string Required. ID of the organization to list groups in. To get the organization ID, use a yandex.cloud.organizationmanager.v1.OrganizationService.List request. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size , the service returns a ListGroupsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. Acceptable values are 0 to 1000, inclusive. |
page_token | string Page token. Set page_token to the ListGroupsResponse.next_page_token returned by a previous list request to get the next page of results. The maximum string length in characters is 2000. |
filter | string A filter expression that filters resources listed in the response. The expression must specify:
|
ListGroupsResponse
Field | Description |
---|---|
groups[] | Group List of Group resources. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListGroupsRequest.page_size, use the next_page_token as the value for the ListGroupsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
Group
Field | Description |
---|---|
id | string ID of the group. |
organization_id | string ID of the organization that the group belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
name | string Name of the group. |
description | string Description of the group. |
Create
Creates a group in the specified organization.
rpc Create (CreateGroupRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:CreateGroupMetadata
Operation.response:Group
CreateGroupRequest
Field | Description |
---|---|
organization_id | string Required. ID of the organization to create a group in. To get the organization ID, use a yandex.cloud.organizationmanager.v1.OrganizationService.List request. The maximum string length in characters is 50. |
name | string Required. Name of the group. The name must be unique within the organization. Value must match the regular expression [a-z]([-a-z0-9]{0,61}[a-z0-9])? . |
description | string Description of the group. The maximum string length in characters is 256. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
CreateGroupMetadata
Field | Description |
---|---|
group_id | string ID of the group that is being created. |
Group
Field | Description |
---|---|
id | string ID of the group. |
organization_id | string ID of the organization that the group belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
name | string Name of the group. |
description | string Description of the group. |
Update
Updates the specified group.
rpc Update (UpdateGroupRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:UpdateGroupMetadata
Operation.response:Group
UpdateGroupRequest
Field | Description |
---|---|
group_id | string Required. ID of the Group resource to update. To get the group ID, use a GroupService.List request. The maximum string length in characters is 50. |
update_mask | google.protobuf.FieldMask Field mask that specifies which fields of the Group resource are going to be updated. |
name | string Name of the group. The name must be unique within the organization. Value must match the regular expression |[a-z]([-a-z0-9]{0,61}[a-z0-9])? . |
description | string Description of the group. The maximum string length in characters is 256. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
UpdateGroupMetadata
Field | Description |
---|---|
group_id | string ID of the Group resource that is being updated. |
Group
Field | Description |
---|---|
id | string ID of the group. |
organization_id | string ID of the organization that the group belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
name | string Name of the group. |
description | string Description of the group. |
Delete
Deletes the specified group.
rpc Delete (DeleteGroupRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:DeleteGroupMetadata
Operation.response:google.protobuf.Empty
DeleteGroupRequest
Field | Description |
---|---|
group_id | string Required. ID of the group to delete. To get the group ID, use a GroupService.List request. The maximum string length in characters is 50. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
DeleteGroupMetadata
Field | Description |
---|---|
group_id | string ID of the group that is being deleted. |
ListOperations
Lists operations for the specified group.
rpc ListOperations (ListGroupOperationsRequest) returns (ListGroupOperationsResponse)
ListGroupOperationsRequest
Field | Description |
---|---|
group_id | string Required. ID of the Group resource to list operations for. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size , the service returns a ListGroupOperationsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. Acceptable values are 0 to 1000, inclusive. |
page_token | string Page token. Set page_token to the ListGroupOperationsResponse.next_page_token returned by a previous list request to get the next page of results. The maximum string length in characters is 2000. |
ListGroupOperationsResponse
Field | Description |
---|---|
operations[] | operation.Operation List of operations for the specified group. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListGroupOperationsRequest.page_size, use the next_page_token as the value for the ListGroupOperationsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty |
ListMembers
List group active members.
rpc ListMembers (ListGroupMembersRequest) returns (ListGroupMembersResponse)
ListGroupMembersRequest
Field | Description |
---|---|
group_id | string Required. ID of the Group resource to list members for. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size , the service returns a ListGroupMembersResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 1000, inclusive. Default value: 100. Acceptable values are 0 to 1000, inclusive. |
page_token | string Page token. Set page_token to the ListGroupMembersResponse.next_page_token returned by a previous list request to get the next page of results. The maximum string length in characters is 2000. |
ListGroupMembersResponse
Field | Description |
---|---|
members[] | GroupMember List of members for the specified group. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListGroupMembersRequest.page_size, use the next_page_token as the value for the ListGroupMembersRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
GroupMember
Field | Description |
---|---|
subject_id | string ID of the subject. |
subject_type | string Type of the subject. It can contain one of the following values:
|
UpdateMembers
Update group members.
rpc UpdateMembers (UpdateGroupMembersRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:UpdateGroupMembersMetadata
Operation.response:google.protobuf.Empty
UpdateGroupMembersRequest
Field | Description |
---|---|
group_id | string Required. ID of the group to update. To get the group ID, use a GroupService.List request. The maximum string length in characters is 50. |
member_deltas[] | MemberDelta Updates to group members. The number of elements must be in the range 1-1000. |
MemberDelta
Field | Description |
---|---|
action | enum MemberAction Required. The action that is being performed on a group member.
|
subject_id | string Required. ID of the subject that is being added or removed from a group. Subject type can be one of following values:
|
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
UpdateGroupMembersMetadata
Field | Description |
---|---|
group_id | string ID of the group that is being updated. |
ListAccessBindings
Lists access bindings for the specified group.
rpc ListAccessBindings (ListAccessBindingsRequest) returns (ListAccessBindingsResponse)
ListAccessBindingsRequest
Field | Description |
---|---|
resource_id | string Required. ID of the resource to list access bindings for. To get the resource ID, use a corresponding List request. For example, use the yandex.cloud.resourcemanager.v1.CloudService.List request to get the Cloud resource ID. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page that should be returned. If the number of available results is larger than page_size , the service returns a ListAccessBindingsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000. |
page_token | string Page token. Set page_token to the ListAccessBindingsResponse.next_page_token returned by a previous list request to get the next page of results. The maximum string length in characters is 100. |
ListAccessBindingsResponse
Field | Description |
---|---|
access_bindings[] | AccessBinding List of access bindings for the specified resource. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListAccessBindingsRequest.page_size, use the next_page_token as the value for the ListAccessBindingsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
AccessBinding
Field | Description |
---|---|
role_id | string Required. ID of the yandex.cloud.iam.v1.Role that is assigned to the subject . The maximum string length in characters is 50. |
subject | Subject Required. Identity for which access binding is being created. It can represent an account with a unique ID or several accounts with a system identifier. |
Subject
Field | Description |
---|---|
id | string Required. ID of the subject. It can contain one of the following values:
type is system .
type is userAccount , federatedUser or serviceAccount . The maximum string length in characters is 50. |
type | string Required. Type of the subject. It can contain one of the following values:
For more information, see Subject to which the role is assigned. The maximum string length in characters is 100. |
SetAccessBindings
Sets access bindings for the specified group.
rpc SetAccessBindings (SetAccessBindingsRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:SetAccessBindingsMetadata
Operation.response:AccessBindingsOperationResult
SetAccessBindingsRequest
Field | Description |
---|---|
resource_id | string Required. ID of the resource for which access bindings are being set. To get the resource ID, use a corresponding List request. The maximum string length in characters is 50. |
access_bindings[] | AccessBinding Required. Access bindings to be set. For more information, see Access Bindings. |
AccessBinding
Field | Description |
---|---|
role_id | string Required. ID of the yandex.cloud.iam.v1.Role that is assigned to the subject . The maximum string length in characters is 50. |
subject | Subject Required. Identity for which access binding is being created. It can represent an account with a unique ID or several accounts with a system identifier. |
Subject
Field | Description |
---|---|
id | string Required. ID of the subject. It can contain one of the following values:
type is system .
type is userAccount , federatedUser or serviceAccount . The maximum string length in characters is 50. |
type | string Required. Type of the subject. It can contain one of the following values:
For more information, see Subject to which the role is assigned. The maximum string length in characters is 100. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
SetAccessBindingsMetadata
Field | Description |
---|---|
resource_id | string ID of the resource for which access bindings are being set. |
UpdateAccessBindings
Updates access bindings for the specified group.
rpc UpdateAccessBindings (UpdateAccessBindingsRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:UpdateAccessBindingsMetadata
Operation.response:AccessBindingsOperationResult
UpdateAccessBindingsRequest
Field | Description |
---|---|
resource_id | string Required. ID of the resource for which access bindings are being updated. The maximum string length in characters is 50. |
access_binding_deltas[] | AccessBindingDelta Required. Updates to access bindings. The number of elements must be greater than 0. |
AccessBindingDelta
Field | Description |
---|---|
action | enum AccessBindingAction Required. The action that is being performed on an access binding.
|
access_binding | AccessBinding Required. Access binding. For more information, see Access Bindings. |
AccessBinding
Field | Description |
---|---|
role_id | string Required. ID of the yandex.cloud.iam.v1.Role that is assigned to the subject . The maximum string length in characters is 50. |
subject | Subject Required. Identity for which access binding is being created. It can represent an account with a unique ID or several accounts with a system identifier. |
Subject
Field | Description |
---|---|
id | string Required. ID of the subject. It can contain one of the following values:
type is system .
type is userAccount , federatedUser or serviceAccount . The maximum string length in characters is 50. |
type | string Required. Type of the subject. It can contain one of the following values:
For more information, see Subject to which the role is assigned. The maximum string length in characters is 100. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
UpdateAccessBindingsMetadata
Field | Description |
---|---|
resource_id | string ID of the resource for which access bindings are being updated. |