Documentation ¶
Index ¶
- Variables
- func NewErrPermissionDenied(message string, kv map[string]interface{}, err error) error
- func ValidateProjectIDFormat(projectID string) bool
- type Error
- type Folder
- type IamMember
- type Project
- type ResourceID
- type ResourceManagerService
- func (s *ResourceManagerService) ConvertIamMember(member string) (*IamMember, error)
- func (s *ResourceManagerService) ExistsMemberInGCPProject(ctx context.Context, projectID string, email string, roles ...string) (bool, error)
- func (s *ResourceManagerService) Folders(ctx context.Context, parent string) ([]*Folder, error)
- func (s *ResourceManagerService) GetRelatedProject(ctx context.Context, parentType string, parentID string) ([]*Project, error)
- func (s *ResourceManagerService) Projects(ctx context.Context, parentID string) ([]*Project, error)
Constants ¶
This section is empty.
Variables ¶
var ErrPermissionDenied = &Error{
	Code:    "PermissionDenied",
	Message: "permission denied",
	KV:      map[string]interface{}{},
}
ErrPermissionDenied is returned on a permission error.
Functions ¶
func NewErrPermissionDenied ¶
NewErrPermissionDenied returns an ErrPermissionDenied.
func ValidateProjectIDFormat ¶
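ValidateProjectIDFormat validates the format of a ProjectID.
A ProjectID must be a unique string of 6 to 30 lowercase letters, digits, or hyphens. It must start with a letter and cannot end with a hyphen. https://cloud.google.com/resource-manager/docs/creating-managing-projects?hl=en#before_you_begin Per the specification, IDs containing strings such as google cannot be used, but because it is not known which words are prohibited, this is not checked.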
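The format rule above, written out as an added example (not this package's code). The names `validProjectIDFormat` and `projectResourceName` and the regular expression are assumptions of this example; like the function described above, it does not check restricted words.

```go
package main

import (
	"fmt"
	"regexp"
)

// projectIDPattern encodes the documented rule: 6 to 30 characters made of
// lowercase letters, digits or hyphens, starting with a letter and not
// ending with a hyphen. Restricted words are not checked.
var projectIDPattern = regexp.MustCompile(`^[a-z][a-z0-9-]{4,28}[a-z0-9]$`)

// validProjectIDFormat is a hypothetical stand-in for ValidateProjectIDFormat.
func validProjectIDFormat(projectID string) bool {
	return projectIDPattern.MatchString(projectID)
}

// projectResourceName (hypothetical helper) refuses to build a resource name
// from an ID that fails the format check, so path separators or filter syntax
// in caller-supplied input never reach a Resource Manager request.
func projectResourceName(projectID string) (string, error) {
	if !validProjectIDFormat(projectID) {
		return "", fmt.Errorf("invalid project ID format: %q", projectID)
	}
	return "projects/" + projectID, nil
}

func main() {
	// Constructed sample inputs.
	samples := []string{"tokyo-rain-123", "short", "Tokyo-Rain-123", "tokyo-rain-", "1tokyo-rain", "a/../folders/1"}
	for _, id := range samples {
		name, err := projectResourceName(id)
		fmt.Printf("%-18q name=%q err=%v\n", id, name, err)
	}
}
```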
Types ¶
type Error ¶
type Error struct {
	Code    string
	Message string
	KV      map[string]interface{}
	// contains filtered or unexported fields
}
Error is a struct that holds error information.
type Folder ¶
type Folder struct {
	// CreateTime: Output only. Timestamp when the Folder was created.
	// Assigned by the server.
	CreateTime string `json:"createTime,omitempty"`

	// DisplayName: The folder’s display name.
	// A folder’s display name must be unique amongst its siblings, e.g.
	// no two folders with the same parent can share the same display name.
	// The display name must start and end with a letter or digit, may contain
	// letters, digits, spaces, hyphens and underscores and can be no longer
	// than 30 characters. This is captured by the regular expression:
	// [\p{L}\p{N}]([\p{L}\p{N}_- ]{0,28}[\p{L}\p{N}])?.
	DisplayName string `json:"displayName,omitempty"`

	// LifecycleState: Output only. The lifecycle state of the folder.
	// Updates to the lifecycle_state must be performed via DeleteFolder and
	// UndeleteFolder.
	//
	// Possible values:
	//   "LIFECYCLE_STATE_UNSPECIFIED" - Unspecified state.
	//   "ACTIVE" - The normal and active state.
	//   "DELETE_REQUESTED" - The folder has been marked for deletion by the
	//   user.
	LifecycleState string `json:"lifecycleState,omitempty"`

	// Name: Output only. The resource name of the Folder.
	// Its format is `folders/{folder_id}`, for example: "folders/1234".
	Name string `json:"name,omitempty"`

	// Parent: Required. The Folder’s parent's resource name.
	// Updates to the folder's parent must be performed via MoveFolder.
	Parent string `json:"parent,omitempty"`
}
Folder: A Folder in an Organization's resource hierarchy, used to organize that Organization's resources.
type Project ¶
type Project struct {
	// CreateTime: Creation time.
	//
	// Read-only.
	CreateTime string `json:"createTime,omitempty"`

	// Labels: The labels associated with this Project.
	//
	// Label keys must be between 1 and 63 characters long and must conform
	// to the following regular expression:
	// \[a-z\](\[-a-z0-9\]*\[a-z0-9\])?.
	//
	// Label values must be between 0 and 63 characters long and must conform
	// to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?. A label
	// value can be empty.
	//
	// No more than 256 labels can be associated with a given resource.
	//
	// Clients should store labels in a representation such as JSON that
	// does not depend on specific characters being disallowed.
	//
	// Example: <code>"environment" : "dev"</code>
	// Read-write.
	Labels map[string]string `json:"labels,omitempty"`

	// LifecycleState: The Project lifecycle state.
	//
	// Read-only.
	//
	// Possible values:
	//   "LIFECYCLE_STATE_UNSPECIFIED" - Unspecified state. This is only
	//   used/useful for distinguishing unset values.
	//   "ACTIVE" - The normal and active state.
	//   "DELETE_REQUESTED" - The project has been marked for deletion by
	//   the user (by invoking DeleteProject) or by the system
	//   (Google Cloud Platform).
	//   This can generally be reversed by invoking UndeleteProject.
	//   "DELETE_IN_PROGRESS" - This lifecycle state is no longer used and
	//   not returned by the API.
	LifecycleState string `json:"lifecycleState,omitempty"`

	// Name: The optional user-assigned display name of the Project.
	// When present it must be between 4 to 30 characters.
	// Allowed characters are: lowercase and uppercase letters, numbers,
	// hyphen, single-quote, double-quote, space, and exclamation point.
	//
	// Example: <code>My Project</code>
	// Read-write.
	Name string `json:"name,omitempty"`

	// Parent: An optional reference to a parent Resource.
	//
	// Supported parent types include "organization" and "folder". Once set,
	// the parent cannot be cleared. The `parent` can be set on creation or
	// using the `UpdateProject` method; the end user must have the
	// `resourcemanager.projects.create` permission on the parent.
	//
	// Read-write.
	Parent *ResourceID `json:"parent,omitempty"`

	// ProjectId: The unique, user-assigned ID of the Project.
	// It must be 6 to 30 lowercase letters, digits, or hyphens.
	// It must start with a letter.
	// Trailing hyphens are prohibited.
	//
	// Example: <code>tokyo-rain-123</code>
	// Read-only after creation.
	ProjectID string `json:"projectId,omitempty"`

	// ProjectNumber: The number uniquely identifying the project.
	//
	// Example: <code>415104041262</code>
	// Read-only.
	ProjectNumber int64 `json:"projectNumber,omitempty,string"`
}
Project: A Project is a high-level Google Cloud Platform entity. It is a container for ACLs, APIs, App Engine Apps, VMs, and other Google Cloud Platform resources.
type ResourceID ¶
type ResourceID struct {
	// Id: Required field for the type-specific id. This should correspond
	// to the id used in the type-specific API's.
	ID string `json:"id,omitempty"`

	// Type: Required field representing the resource type this id is for.
	// At present, the valid types are: "organization", "folder", and
	// "project".
	Type string `json:"type,omitempty"`
}
ResourceId: A container to reference an id for any resource type. A `resource` in Google Cloud Platform is a generic term for something you (a developer) may want to interact with through one of our API's. Some examples are an App Engine app, a Compute Engine instance, a Cloud SQL database, and so on.
type ResourceManagerService ¶
type ResourceManagerService struct {
// contains filtered or unexported fields
}
func NewResourceManagerService ¶
func NewResourceManagerService(ctx context.Context, crmv1Service *crmv1.Service, crmv2Service *crmv2.Service) (*ResourceManagerService, error)
NewResourceManagerService returns a ResourceManagerService.
func (*ResourceManagerService) ConvertIamMember ¶
func (s *ResourceManagerService) ConvertIamMember(member string) (*IamMember, error)
ConvertIamMember converts a member string returned by the IAM role API into an IamMember struct and returns it. For the format of deleted members, see https://cloud.google.com/iam/docs/policies#handle-deleted-members
func (*ResourceManagerService) ExistsMemberInGCPProject ¶
func (s *ResourceManagerService) ExistsMemberInGCPProject(ctx context.Context, projectID string, email string, roles ...string) (bool, error)
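ExistsMemberInGCPProject reports whether the specified user has permissions on the GCP project. By default it reports whether the user holds any role. If roles is specified, it reports whether the user holds at least one of them.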
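An added example covering both the member-string conversion described under ConvertIamMember and the role check described here; it is not this package's code. The `member` struct, `parseMember`, `hasRole`, and the role-to-members map are hypothetical, the policy is constructed, and skipping deleted principals is a choice made by this example.

```go
package main

import (
	"fmt"
	"strings"
)

// member is a hypothetical parsed form; the package's IamMember is not shown on the page.
type member struct {
	Type, Email, UID string
	Deleted          bool
}

// parseMember accepts "type:email" and the deleted form "deleted:type:email?uid=ID".
func parseMember(s string) (*member, error) {
	deleted := strings.HasPrefix(s, "deleted:")
	id, uid, hasUID := strings.Cut(strings.TrimPrefix(s, "deleted:"), "?uid=")
	typ, email, ok := strings.Cut(id, ":")
	if !ok || email == "" || deleted != hasUID || (deleted && uid == "") {
		return nil, fmt.Errorf("malformed member: %q", s)
	}
	if typ != "user" && typ != "serviceAccount" && typ != "group" {
		return nil, fmt.Errorf("unsupported member type: %q", typ)
	}
	return &member{Type: typ, Email: email, UID: uid, Deleted: deleted}, nil
}

// hasRole reports whether email holds any role in policy (role -> member strings), or one
// of roles when given. Deleted principals and unparsable members (allUsers) are skipped.
func hasRole(policy map[string][]string, email string, roles ...string) bool {
	if len(roles) == 0 { // default: any role in the policy
		for role := range policy {
			roles = append(roles, role)
		}
	}
	for _, role := range roles {
		for _, raw := range policy[role] {
			if m, err := parseMember(raw); err == nil && !m.Deleted && m.Email == email {
				return true
			}
		}
	}
	return false
}

func main() {
	// Constructed policy: the only binding names a deleted principal.
	policy := map[string][]string{"roles/viewer": {"deleted:user:alice@example.com?uid=1234"}}
	fmt.Println(hasRole(policy, "alice@example.com"))
}
```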
func (*ResourceManagerService) Folders ¶
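Folders returns all Folders under the specified parent. It returns them as a flat list without preserving the hierarchy. Specify parent in the form `folders/{folder_id}` or `organizations/{org_id}`. If the caller lacks permission on the target parent, it returns ErrPermissionDenied.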
func (*ResourceManagerService) GetRelatedProject ¶
func (s *ResourceManagerService) GetRelatedProject(ctx context.Context, parentType string, parentID string) ([]*Project, error)
GetRelatedProject returns all Projects under the specified parent. parentType: folders or organizations. If the caller lacks permission on the target parent, it returns ErrPermissionDenied.