CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/pypi-google-cloud-resource-manager

Google Cloud Resource Manager API client library for managing projects, folders, organizations, and tags in Google Cloud Platform

Pending
Overview
Eval results
Files

organizations.mddocs/

Organizations Management

Read-only access to organization information and search capabilities. Organizations represent the root-level container in the Google Cloud resource hierarchy, providing the foundation for managing all Google Cloud resources within an enterprise or domain.

Capabilities

Organization Retrieval

Retrieve detailed information about a specific organization using its resource name.

def get_organization(
    self,
    request: GetOrganizationRequest = None,
    *,
    name: str = None,
    retry: OptionalRetry = gapic_v1.method.DEFAULT,
    timeout: Union[float, object] = gapic_v1.method.DEFAULT,
    metadata: Sequence[Tuple[str, Union[str, bytes]]] = ()
) -> Organization:
    """
    Retrieves an organization identified by the specified resource name.

    Args:
        name (str): The resource name of the organization to retrieve.
            Format: organizations/{organization_id}
        retry: Retry configuration for the request
        timeout: Request timeout in seconds
        metadata: Additional metadata to send with the request

    Returns:
        Organization: The requested organization resource

    Raises:
        google.api_core.exceptions.NotFound: If the organization doesn't exist
        google.api_core.exceptions.PermissionDenied: If access is denied
    """

Usage example:

from google.cloud.resourcemanager import OrganizationsClient

client = OrganizationsClient()
org = client.get_organization(name="organizations/123456789")
print(f"Organization: {org.display_name}")
print(f"Directory Customer ID: {org.directory_customer_id}")

Organization Search

Search for organizations using flexible query expressions. This is typically used to find organizations associated with a domain or user.

def search_organizations(
    self,
    request: SearchOrganizationsRequest = None,
    *,
    query: str = None,
    retry: OptionalRetry = gapic_v1.method.DEFAULT,
    timeout: Union[float, object] = gapic_v1.method.DEFAULT,
    metadata: Sequence[Tuple[str, Union[str, bytes]]] = ()
) -> pagers.SearchOrganizationsPager:
    """
    Search for organizations using a flexible query language.

    Args:
        query (str): Query expression for filtering organizations.
            Examples: 'domain:example.com', 'displayName:ACME*',
                     'lifecycleState:ACTIVE'
        retry: Retry configuration for the request
        timeout: Request timeout in seconds
        metadata: Additional metadata to send with the request

    Returns:
        SearchOrganizationsPager: An iterator over matching organizations
    """

Usage example:

client = OrganizationsClient()

# Search for organizations by domain
for org in client.search_organizations(query="domain:example.com"):
    print(f"Found organization: {org.display_name} ({org.name})")

# Search for active organizations with specific display name pattern
for org in client.search_organizations(query="displayName:ACME* AND lifecycleState:ACTIVE"):
    print(f"Found: {org.display_name}")

IAM Policy Management

Manage IAM (Identity and Access Management) policies for organizations, controlling who has access and what permissions they have at the organization level.

def get_iam_policy(
    self,
    request: iam_policy_pb2.GetIamPolicyRequest = None,
    *,
    resource: str = None,
    retry: OptionalRetry = gapic_v1.method.DEFAULT,
    timeout: Union[float, object] = gapic_v1.method.DEFAULT,
    metadata: Sequence[Tuple[str, Union[str, bytes]]] = ()
) -> policy_pb2.Policy:
    """
    Gets the IAM access control policy for an organization.

    Args:
        resource (str): Resource name of the organization.
                       Format: organizations/{organization_id}

    Returns:
        Policy: The IAM policy for the organization
    """

def set_iam_policy(
    self,
    request: iam_policy_pb2.SetIamPolicyRequest = None,
    *,
    resource: str = None,
    policy: policy_pb2.Policy = None,
    retry: OptionalRetry = gapic_v1.method.DEFAULT,
    timeout: Union[float, object] = gapic_v1.method.DEFAULT,
    metadata: Sequence[Tuple[str, Union[str, bytes]]] = ()
) -> policy_pb2.Policy:
    """
    Sets the IAM access control policy for an organization.

    Args:
        resource (str): Resource name of the organization
        policy (Policy): The new IAM policy

    Returns:
        Policy: The updated IAM policy
    """

def test_iam_permissions(
    self,
    request: iam_policy_pb2.TestIamPermissionsRequest = None,
    *,
    resource: str = None,
    permissions: MutableSequence[str] = None,
    retry: OptionalRetry = gapic_v1.method.DEFAULT,
    timeout: Union[float, object] = gapic_v1.method.DEFAULT,
    metadata: Sequence[Tuple[str, Union[str, bytes]]] = ()
) -> iam_policy_pb2.TestIamPermissionsResponse:
    """
    Tests the specified permissions against the IAM policy for an organization.

    Args:
        resource (str): Resource name of the organization
        permissions (Sequence[str]): List of permissions to test

    Returns:
        TestIamPermissionsResponse: Results of the permission test
    """

Usage example:

from google.iam.v1 import iam_policy_pb2, policy_pb2

client = OrganizationsClient()

# Get current IAM policy
current_policy = client.get_iam_policy(
    resource="organizations/123456789"
)

# Test specific permissions
test_result = client.test_iam_permissions(
    resource="organizations/123456789",
    permissions=[
        "resourcemanager.organizations.get",
        "resourcemanager.projects.create"
    ]
)
print(f"Allowed permissions: {test_result.permissions}")

Types

class Organization:
    name: str  # Resource name: organizations/{organization_id}
    display_name: str  # Human-readable organization name
    directory_customer_id: str  # Directory customer ID from Google Admin Console
    state: Organization.State  # Current lifecycle state
    create_time: timestamp_pb2.Timestamp  # Creation timestamp
    update_time: timestamp_pb2.Timestamp  # Last update timestamp
    delete_time: timestamp_pb2.Timestamp  # Deletion timestamp (if deleted)
    etag: str  # Entity tag for optimistic concurrency

    class State(proto.Enum):
        STATE_UNSPECIFIED = 0
        ACTIVE = 1
        DELETE_REQUESTED = 2

# Request/Response types
class GetOrganizationRequest:
    name: str

class SearchOrganizationsRequest:
    query: str
    page_token: str
    page_size: int

class SearchOrganizationsResponse:
    organizations: MutableSequence[Organization]
    next_page_token: str

# Metadata types for long-running operations (read-only, but included for completeness)
class DeleteOrganizationMetadata:
    # Empty metadata message

class UndeleteOrganizationMetadata:
    # Empty metadata message

Notes

Organizations are read-only resources in the Resource Manager API. They cannot be created, updated, moved, or deleted through this API. Organization management is typically handled through Google Admin Console or Google Cloud Console with appropriate administrative privileges.

The primary use cases for the Organizations API are:

  • Retrieving organization information for resource hierarchy navigation
  • Searching for organizations accessible to the current user
  • Managing IAM policies at the organization level
  • Serving as the root parent for folders and projects

Install with Tessl CLI

npx tessl i tessl/pypi-google-cloud-resource-manager

docs

folders.md

index.md

organizations.md

projects.md

tag-bindings.md

tag-holds.md

tag-keys.md

tag-values.md

tile.json