vendor_fabric.google.cloud

Google Cloud Platform resource management operations.

This module provides operations for managing Google Cloud organizations, folders, projects, and IAM.

Module Contents

Classes

GoogleCloudMixin

Mixin providing Google Cloud Platform operations.

API

class vendor_fabric.google.cloud.GoogleCloudMixin

Mixin providing Google Cloud Platform operations.

This mixin requires the base GoogleConnector class to provide:

  • get_cloud_resource_manager_service()

  • get_iam_service()

  • logger

get_organization_id() extended_data.containers.ExtendedString

Get the Google Cloud organization ID.

Returns: The organization ID (numeric string).

Raises: RuntimeError: If no organization is found.

get_organization() extended_data.containers.ExtendedDict

Get the Google Cloud organization details.

Returns: Organization dictionary.

Raises: RuntimeError: If no organization is found.

list_projects(parent: str | None = None, filter_query: str | None = None, unhump_projects: bool = False) extended_data.containers.ExtendedList[extended_data.containers.ExtendedDict]

List Google Cloud projects.

Args: parent: Parent resource (organizations/ORG_ID or folders/FOLDER_ID). filter_query: Optional filter query string. unhump_projects: Convert keys to snake_case. Defaults to False.

Returns: List of project dictionaries.

get_project(project_id: str) extended_data.containers.ExtendedDict | None

Get a specific Google Cloud project.

Args: project_id: The project ID.

Returns: Project dictionary or None if not found.

create_project(project_id: str, display_name: str, parent: str | None = None, labels: dict[str, str] | None = None) extended_data.containers.ExtendedDict

Create a Google Cloud project.

Args: project_id: Unique project ID. display_name: Human-readable project name. parent: Parent resource (organizations/ORG_ID or folders/FOLDER_ID). labels: Optional project labels.

Returns: Operation response dictionary.

delete_project(project_id: str) extended_data.containers.ExtendedDict

Delete a Google Cloud project.

Args: project_id: The project ID to delete.

Returns: Operation response dictionary.

move_project(project_id: str, destination_parent: str) extended_data.containers.ExtendedDict

Move a project to a different folder/organization.

Args: project_id: The project ID to move. destination_parent: Destination (organizations/ORG_ID or folders/FOLDER_ID).

Returns: Operation response dictionary.

list_folders(parent: str, unhump_folders: bool = False) extended_data.containers.ExtendedList[extended_data.containers.ExtendedDict]

List folders under a parent.

Args: parent: Parent resource (organizations/ORG_ID or folders/FOLDER_ID). unhump_folders: Convert keys to snake_case. Defaults to False.

Returns: List of folder dictionaries.

get_org_policy(resource: str, constraint: str) extended_data.containers.ExtendedDict | None

Get an organization policy.

Args: resource: Resource name (organizations/ORG_ID, folders/FOLDER_ID, projects/PROJECT_ID). constraint: Policy constraint name.

Returns: Policy dictionary or None if not set.

set_org_policy(resource: str, policy: dict[str, Any]) extended_data.containers.ExtendedDict

Set an organization policy.

Args: resource: Resource name (organizations/ORG_ID, folders/FOLDER_ID, projects/PROJECT_ID). policy: Policy dictionary.

Returns: Updated policy dictionary.

get_iam_policy(resource: str, resource_type: str = 'projects') extended_data.containers.ExtendedDict

Get IAM policy for a resource.

Args: resource: Resource ID. resource_type: Type of resource (projects, folders, organizations).

Returns: IAM policy dictionary.

set_iam_policy(resource: str, policy: collections.abc.Mapping[str, Any], resource_type: str = 'projects') extended_data.containers.ExtendedDict

Set IAM policy for a resource.

Args: resource: Resource ID. policy: IAM policy dictionary. resource_type: Type of resource (projects, folders, organizations).

Returns: Updated IAM policy dictionary.

add_iam_binding(resource: str, role: str, member: str, resource_type: str = 'projects') extended_data.containers.ExtendedDict

Add an IAM binding to a resource.

Args: resource: Resource ID. role: IAM role to grant. member: Member to grant role to (user:, group:, serviceAccount:). resource_type: Type of resource (projects, folders, organizations).

Returns: Updated IAM policy dictionary.

list_service_accounts(project_id: str, unhump_accounts: bool = False) extended_data.containers.ExtendedList[extended_data.containers.ExtendedDict]

List service accounts in a project.

Args: project_id: The project ID. unhump_accounts: Convert keys to snake_case. Defaults to False.

Returns: List of service account dictionaries.

create_service_account(project_id: str, account_id: str, display_name: str, description: str = '') extended_data.containers.ExtendedDict

Create a service account in a project.

Args: project_id: The project ID. account_id: Unique account ID (alphanumeric, 6-30 chars). display_name: Human-readable name. description: Optional description.

Returns: Created service account dictionary.