vendor_fabric.google.cloud¶
Google Cloud Platform resource management operations.
This module provides operations for managing Google Cloud organizations, folders, projects, and IAM.
Module Contents¶
Classes¶
Mixin providing Google Cloud Platform operations. |
API¶
- class vendor_fabric.google.cloud.GoogleCloudMixin¶
Mixin providing Google Cloud Platform operations.
This mixin requires the base GoogleConnector class to provide:
get_cloud_resource_manager_service()
get_iam_service()
logger
- get_organization_id() extended_data.containers.ExtendedString¶
Get the Google Cloud organization ID.
Returns: The organization ID (numeric string).
Raises: RuntimeError: If no organization is found.
- get_organization() extended_data.containers.ExtendedDict¶
Get the Google Cloud organization details.
Returns: Organization dictionary.
Raises: RuntimeError: If no organization is found.
- list_projects(parent: str | None = None, filter_query: str | None = None, unhump_projects: bool = False) extended_data.containers.ExtendedList[extended_data.containers.ExtendedDict]¶
List Google Cloud projects.
Args: parent: Parent resource (organizations/ORG_ID or folders/FOLDER_ID). filter_query: Optional filter query string. unhump_projects: Convert keys to snake_case. Defaults to False.
Returns: List of project dictionaries.
- get_project(project_id: str) extended_data.containers.ExtendedDict | None¶
Get a specific Google Cloud project.
Args: project_id: The project ID.
Returns: Project dictionary or None if not found.
- create_project(project_id: str, display_name: str, parent: str | None = None, labels: dict[str, str] | None = None) extended_data.containers.ExtendedDict¶
Create a Google Cloud project.
Args: project_id: Unique project ID. display_name: Human-readable project name. parent: Parent resource (organizations/ORG_ID or folders/FOLDER_ID). labels: Optional project labels.
Returns: Operation response dictionary.
- delete_project(project_id: str) extended_data.containers.ExtendedDict¶
Delete a Google Cloud project.
Args: project_id: The project ID to delete.
Returns: Operation response dictionary.
- move_project(project_id: str, destination_parent: str) extended_data.containers.ExtendedDict¶
Move a project to a different folder/organization.
Args: project_id: The project ID to move. destination_parent: Destination (organizations/ORG_ID or folders/FOLDER_ID).
Returns: Operation response dictionary.
- list_folders(parent: str, unhump_folders: bool = False) extended_data.containers.ExtendedList[extended_data.containers.ExtendedDict]¶
List folders under a parent.
Args: parent: Parent resource (organizations/ORG_ID or folders/FOLDER_ID). unhump_folders: Convert keys to snake_case. Defaults to False.
Returns: List of folder dictionaries.
- get_org_policy(resource: str, constraint: str) extended_data.containers.ExtendedDict | None¶
Get an organization policy.
Args: resource: Resource name (organizations/ORG_ID, folders/FOLDER_ID, projects/PROJECT_ID). constraint: Policy constraint name.
Returns: Policy dictionary or None if not set.
- set_org_policy(resource: str, policy: dict[str, Any]) extended_data.containers.ExtendedDict¶
Set an organization policy.
Args: resource: Resource name (organizations/ORG_ID, folders/FOLDER_ID, projects/PROJECT_ID). policy: Policy dictionary.
Returns: Updated policy dictionary.
- get_iam_policy(resource: str, resource_type: str = 'projects') extended_data.containers.ExtendedDict¶
Get IAM policy for a resource.
Args: resource: Resource ID. resource_type: Type of resource (projects, folders, organizations).
Returns: IAM policy dictionary.
- set_iam_policy(resource: str, policy: collections.abc.Mapping[str, Any], resource_type: str = 'projects') extended_data.containers.ExtendedDict¶
Set IAM policy for a resource.
Args: resource: Resource ID. policy: IAM policy dictionary. resource_type: Type of resource (projects, folders, organizations).
Returns: Updated IAM policy dictionary.
- add_iam_binding(resource: str, role: str, member: str, resource_type: str = 'projects') extended_data.containers.ExtendedDict¶
Add an IAM binding to a resource.
Args: resource: Resource ID. role: IAM role to grant. member: Member to grant role to (user:, group:, serviceAccount:). resource_type: Type of resource (projects, folders, organizations).
Returns: Updated IAM policy dictionary.
- list_service_accounts(project_id: str, unhump_accounts: bool = False) extended_data.containers.ExtendedList[extended_data.containers.ExtendedDict]¶
List service accounts in a project.
Args: project_id: The project ID. unhump_accounts: Convert keys to snake_case. Defaults to False.
Returns: List of service account dictionaries.
- create_service_account(project_id: str, account_id: str, display_name: str, description: str = '') extended_data.containers.ExtendedDict¶
Create a service account in a project.
Args: project_id: The project ID. account_id: Unique account ID (alphanumeric, 6-30 chars). display_name: Human-readable name. description: Optional description.
Returns: Created service account dictionary.