Подключиться
Yandex Resource Manager

Resource Manager API, gRPC: FolderService

Статья создана

A set of methods for managing Folder resources.

Call Description
Get Returns the specified Folder resource.
List Retrieves the list of Folder resources in the specified cloud.
Create Creates a folder in the specified cloud.
Update Updates the specified folder.
Delete Deletes the specified folder.
ListOperations Lists operations for the specified folder.
ListAccessBindings Lists access bindings for the specified folder.
SetAccessBindings Sets access bindings for the specified folder.
UpdateAccessBindings Updates access bindings for the specified folder.

Calls FolderService

Get

Returns the specified Folder resource.
To get the list of available Folder resources, make a List request.

rpc Get (GetFolderRequest) returns (Folder)

GetFolderRequest

Field Description
folder_id string
Required. ID of the Folder resource to return. To get the folder ID, use a FolderService.List request. The maximum string length in characters is 50.

Folder

Field Description
id string
ID of the folder.
cloud_id string
ID of the cloud that the folder belongs to.
created_at google.protobuf.Timestamp
Creation timestamp.
name string
Name of the folder. The name is unique within the cloud. 3-63 characters long.
description string
Description of the folder. 0-256 characters long.
labels map<string,string>
Resource labels as key:value pairs. Maximum of 64 per resource.
status enum Status
Status of the folder.
  • ACTIVE: The folder is active.
  • DELETING: The folder is being deleted.
  • PENDING_DELETION: Stopping folder resources and waiting for the deletion start timestamp.

List

Retrieves the list of Folder resources in the specified cloud.

rpc List (ListFoldersRequest) returns (ListFoldersResponse)

ListFoldersRequest

Field Description
cloud_id string
Required. ID of the cloud to list folders in. To get the cloud ID, use a yandex.cloud.resourcemanager.v1.CloudService.List request. The maximum string length in characters is 50.
page_size int64
The maximum number of results per page to return. If the number of available results is larger than page_size, the service returns a ListFoldersResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000.
page_token string
Page token. Set page_token to the ListFoldersResponse.next_page_token returned by a previous list request to get the next page of results. The maximum string length in characters is 2000.
filter string
A filter expression that filters resources listed in the response. The expression must specify:
  1. The field name. Currently you can use filtering only on the Folder.name field.
  2. An = operator.
  3. The value in double quotes ("). Must be 3-63 characters long and match the regular expression [a-z][-a-z0-9]{1,61}[a-z0-9].
The maximum string length in characters is 1000.

ListFoldersResponse

Field Description
folders[] Folder
List of Folder resources.
next_page_token string
This token allows you to get the next page of results for list requests. If the number of results is larger than ListFoldersRequest.page_size, use the next_page_token as the value for the ListFoldersRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results.

Folder

Field Description
id string
ID of the folder.
cloud_id string
ID of the cloud that the folder belongs to.
created_at google.protobuf.Timestamp
Creation timestamp.
name string
Name of the folder. The name is unique within the cloud. 3-63 characters long.
description string
Description of the folder. 0-256 characters long.
labels map<string,string>
Resource labels as key:value pairs. Maximum of 64 per resource.
status enum Status
Status of the folder.
  • ACTIVE: The folder is active.
  • DELETING: The folder is being deleted.
  • PENDING_DELETION: Stopping folder resources and waiting for the deletion start timestamp.

Create

Creates a folder in the specified cloud.

rpc Create (CreateFolderRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:CreateFolderMetadata

    Operation.response:Folder

CreateFolderRequest

Field Description
cloud_id string
Required. ID of the cloud to create a folder in. To get the cloud ID, use a yandex.cloud.resourcemanager.v1.CloudService.List request. The maximum string length in characters is 50.
name string
Required. Name of the folder. The name must be unique within the cloud. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9].
description string
Description of the folder. The maximum string length in characters is 256.
labels map<string,string>
Resource labels as key:value pairs. No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression [-_0-9a-z]*. The string length in characters for each key must be 1-63. Each key must match the regular expression [a-z][-_0-9a-z]*.

Operation

Field Description
id string
ID of the operation.
description string
Description of the operation. 0-256 characters long.
created_at google.protobuf.Timestamp
Creation timestamp.
created_by string
ID of the user or service account who initiated the operation.
modified_at google.protobuf.Timestamp
The time when the Operation resource was last modified.
done bool
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata google.protobuf.Any<CreateFolderMetadata>
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result oneof: error or response
The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
  error google.rpc.Status
The error result of the operation in case of failure or cancellation.
  response google.protobuf.Any<Folder>
if operation finished successfully.

CreateFolderMetadata

Field Description
folder_id string
ID of the folder that is being created.

Folder

Field Description
id string
ID of the folder.
cloud_id string
ID of the cloud that the folder belongs to.
created_at google.protobuf.Timestamp
Creation timestamp.
name string
Name of the folder. The name is unique within the cloud. 3-63 characters long.
description string
Description of the folder. 0-256 characters long.
labels map<string,string>
Resource labels as key:value pairs. Maximum of 64 per resource.
status enum Status
Status of the folder.
  • ACTIVE: The folder is active.
  • DELETING: The folder is being deleted.
  • PENDING_DELETION: Stopping folder resources and waiting for the deletion start timestamp.

Update

Updates the specified folder.

rpc Update (UpdateFolderRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:UpdateFolderMetadata

    Operation.response:Folder

UpdateFolderRequest

Field Description
folder_id string
Required. ID of the Folder resource to update. To get the folder ID, use a FolderService.List request. The maximum string length in characters is 50.
update_mask google.protobuf.FieldMask
Field mask that specifies which fields of the Folder resource are going to be updated.
name string
Required. Name of the folder. The name must be unique within the cloud. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9].
description string
Description of the folder. The maximum string length in characters is 256.
labels map<string,string>
Resource labels as key:value pairs. No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression [-_0-9a-z]*. The string length in characters for each key must be 1-63. Each key must match the regular expression [a-z][-_0-9a-z]*.

Operation

Field Description
id string
ID of the operation.
description string
Description of the operation. 0-256 characters long.
created_at google.protobuf.Timestamp
Creation timestamp.
created_by string
ID of the user or service account who initiated the operation.
modified_at google.protobuf.Timestamp
The time when the Operation resource was last modified.
done bool
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata google.protobuf.Any<UpdateFolderMetadata>
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result oneof: error or response
The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
  error google.rpc.Status
The error result of the operation in case of failure or cancellation.
  response google.protobuf.Any<Folder>
if operation finished successfully.

UpdateFolderMetadata

Field Description
folder_id string
ID of the Folder resource that is being updated.

Folder

Field Description
id string
ID of the folder.
cloud_id string
ID of the cloud that the folder belongs to.
created_at google.protobuf.Timestamp
Creation timestamp.
name string
Name of the folder. The name is unique within the cloud. 3-63 characters long.
description string
Description of the folder. 0-256 characters long.
labels map<string,string>
Resource labels as key:value pairs. Maximum of 64 per resource.
status enum Status
Status of the folder.
  • ACTIVE: The folder is active.
  • DELETING: The folder is being deleted.
  • PENDING_DELETION: Stopping folder resources and waiting for the deletion start timestamp.

Delete

Deletes the specified folder.

rpc Delete (DeleteFolderRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:DeleteFolderMetadata

    Operation.response:google.protobuf.Empty

DeleteFolderRequest

Field Description
folder_id string
Required. ID of the folder to delete. To get the folder ID, use a FolderService.List request. The maximum string length in characters is 50.
delete_after google.protobuf.Timestamp
The timestamp after which the process of deleting the folder should begin. Until this timestamp, the folder goes into the Folder.Status.PENDING_DELETION state and all resources in this folder are stopped. In this state, it is possible to cancel the delete operation without any loss. After this timestamp, the status of the folder will become Folder.Status.DELETING and the process of deleting all the resources of the folder will be started. If delete_after is not specified it will be (now + 24 hours). To initiate an immediate deletion delete_after must be <= now.

Operation

Field Description
id string
ID of the operation.
description string
Description of the operation. 0-256 characters long.
created_at google.protobuf.Timestamp
Creation timestamp.
created_by string
ID of the user or service account who initiated the operation.
modified_at google.protobuf.Timestamp
The time when the Operation resource was last modified.
done bool
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata google.protobuf.Any<DeleteFolderMetadata>
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result oneof: error or response
The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
  error google.rpc.Status
The error result of the operation in case of failure or cancellation.
  response google.protobuf.Any<google.protobuf.Empty>
if operation finished successfully.

DeleteFolderMetadata

Field Description
folder_id string
ID of the folder that is being deleted.
delete_after google.protobuf.Timestamp
The timestamp after which the process of deleting the folder should begin.

ListOperations

Lists operations for the specified folder.

rpc ListOperations (ListFolderOperationsRequest) returns (ListFolderOperationsResponse)

ListFolderOperationsRequest

Field Description
folder_id string
Required. ID of the Folder resource to list operations for. The maximum string length in characters is 50.
page_size int64
The maximum number of results per page to return. If the number of available results is larger than page_size, the service returns a ListFolderOperationsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000.
page_token string
Page token. Set page_token to the ListFolderOperationsResponse.next_page_token returned by a previous list request to get the next page of results. The maximum string length in characters is 2000.

ListFolderOperationsResponse

Field Description
operations[] operation.Operation
List of operations for the specified folder.
next_page_token string
This token allows you to get the next page of results for list requests. If the number of results is larger than ListFolderOperationsRequest.page_size, use the next_page_token as the value for the ListFolderOperationsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results.

Operation

Field Description
id string
ID of the operation.
description string
Description of the operation. 0-256 characters long.
created_at google.protobuf.Timestamp
Creation timestamp.
created_by string
ID of the user or service account who initiated the operation.
modified_at google.protobuf.Timestamp
The time when the Operation resource was last modified.
done bool
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata google.protobuf.Any
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result oneof: error or response
The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
  error google.rpc.Status
The error result of the operation in case of failure or cancellation.
  response google.protobuf.Any
The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any.

ListAccessBindings

Lists access bindings for the specified folder.

rpc ListAccessBindings (ListAccessBindingsRequest) returns (ListAccessBindingsResponse)

ListAccessBindingsRequest

Field Description
resource_id string
Required. ID of the resource to list access bindings for.
To get the resource ID, use a corresponding List request. For example, use the yandex.cloud.resourcemanager.v1.CloudService.List request to get the Cloud resource ID. The maximum string length in characters is 50.
page_size int64
The maximum number of results per page that should be returned. If the number of available results is larger than page_size, the service returns a ListAccessBindingsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000.
page_token string
Page token. Set page_token to the ListAccessBindingsResponse.next_page_token returned by a previous list request to get the next page of results. The maximum string length in characters is 100.

ListAccessBindingsResponse

Field Description
access_bindings[] AccessBinding
List of access bindings for the specified resource.
next_page_token string
This token allows you to get the next page of results for list requests. If the number of results is larger than ListAccessBindingsRequest.page_size, use the next_page_token as the value for the ListAccessBindingsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results.

AccessBinding

Field Description
role_id string
Required. ID of the yandex.cloud.iam.v1.Role that is assigned to the subject. The maximum string length in characters is 50.
subject Subject
Required. Identity for which access binding is being created. It can represent an account with a unique ID or several accounts with a system identifier.

Subject

Field Description
id string
Required. ID of the subject.
It can contain one of the following values:
  • allAuthenticatedUsers: A special system identifier that represents anyone
who is authenticated. It can be used only if the type is system.
  • allUsers: A special system identifier that represents anyone. No authentication is required.
For example, you don't need to specify the IAM token in an API query.
  • <cloud generated id>: An identifier that represents a user account.
It can be used only if the type is userAccount, federatedUser or serviceAccount. The maximum string length in characters is 50.
type string
Required. Type of the subject.
It can contain one of the following values:
  • userAccount: An account on Yandex or Yandex.Connect, added to Yandex.Cloud.
  • serviceAccount: A service account. This type represents the yandex.cloud.iam.v1.ServiceAccount resource.
  • federatedUser: A federated account. This type represents a user from an identity federation, like Active Directory.
  • system: System group. This type represents several accounts with a common system identifier.

For more information, see Subject to which the role is assigned. The maximum string length in characters is 100.

SetAccessBindings

Sets access bindings for the specified folder.

rpc SetAccessBindings (SetAccessBindingsRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:SetAccessBindingsMetadata

    Operation.response:google.protobuf.Empty

SetAccessBindingsRequest

Field Description
resource_id string
Required. ID of the resource for which access bindings are being set.
To get the resource ID, use a corresponding List request. The maximum string length in characters is 50.
access_bindings[] AccessBinding
Required. Access bindings to be set. For more information, see Access Bindings.

AccessBinding

Field Description
role_id string
Required. ID of the yandex.cloud.iam.v1.Role that is assigned to the subject. The maximum string length in characters is 50.
subject Subject
Required. Identity for which access binding is being created. It can represent an account with a unique ID or several accounts with a system identifier.

Subject

Field Description
id string
Required. ID of the subject.
It can contain one of the following values:
  • allAuthenticatedUsers: A special system identifier that represents anyone
who is authenticated. It can be used only if the type is system.
  • allUsers: A special system identifier that represents anyone. No authentication is required.
For example, you don't need to specify the IAM token in an API query.
  • <cloud generated id>: An identifier that represents a user account.
It can be used only if the type is userAccount, federatedUser or serviceAccount. The maximum string length in characters is 50.
type string
Required. Type of the subject.
It can contain one of the following values:
  • userAccount: An account on Yandex or Yandex.Connect, added to Yandex.Cloud.
  • serviceAccount: A service account. This type represents the yandex.cloud.iam.v1.ServiceAccount resource.
  • federatedUser: A federated account. This type represents a user from an identity federation, like Active Directory.
  • system: System group. This type represents several accounts with a common system identifier.

For more information, see Subject to which the role is assigned. The maximum string length in characters is 100.

Operation

Field Description
id string
ID of the operation.
description string
Description of the operation. 0-256 characters long.
created_at google.protobuf.Timestamp
Creation timestamp.
created_by string
ID of the user or service account who initiated the operation.
modified_at google.protobuf.Timestamp
The time when the Operation resource was last modified.
done bool
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata google.protobuf.Any<SetAccessBindingsMetadata>
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result oneof: error or response
The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
  error google.rpc.Status
The error result of the operation in case of failure or cancellation.
  response google.protobuf.Any<google.protobuf.Empty>
if operation finished successfully.

SetAccessBindingsMetadata

Field Description
resource_id string
ID of the resource for which access bindings are being set.

UpdateAccessBindings

Updates access bindings for the specified folder.

rpc UpdateAccessBindings (UpdateAccessBindingsRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:UpdateAccessBindingsMetadata

    Operation.response:google.protobuf.Empty

UpdateAccessBindingsRequest

Field Description
resource_id string
Required. ID of the resource for which access bindings are being updated. The maximum string length in characters is 50.
access_binding_deltas[] AccessBindingDelta
Required. Updates to access bindings. The number of elements must be greater than 0.

AccessBindingDelta

Field Description
action enum AccessBindingAction
Required. The action that is being performed on an access binding.
  • ADD: Addition of an access binding.
  • REMOVE: Removal of an access binding.
access_binding AccessBinding
Required. Access binding. For more information, see Access Bindings.

AccessBinding

Field Description
role_id string
Required. ID of the yandex.cloud.iam.v1.Role that is assigned to the subject. The maximum string length in characters is 50.
subject Subject
Required. Identity for which access binding is being created. It can represent an account with a unique ID or several accounts with a system identifier.

Subject

Field Description
id string
Required. ID of the subject.
It can contain one of the following values:
  • allAuthenticatedUsers: A special system identifier that represents anyone
who is authenticated. It can be used only if the type is system.
  • allUsers: A special system identifier that represents anyone. No authentication is required.
For example, you don't need to specify the IAM token in an API query.
  • <cloud generated id>: An identifier that represents a user account.
It can be used only if the type is userAccount, federatedUser or serviceAccount. The maximum string length in characters is 50.
type string
Required. Type of the subject.
It can contain one of the following values:
  • userAccount: An account on Yandex or Yandex.Connect, added to Yandex.Cloud.
  • serviceAccount: A service account. This type represents the yandex.cloud.iam.v1.ServiceAccount resource.
  • federatedUser: A federated account. This type represents a user from an identity federation, like Active Directory.
  • system: System group. This type represents several accounts with a common system identifier.

For more information, see Subject to which the role is assigned. The maximum string length in characters is 100.

Operation

Field Description
id string
ID of the operation.
description string
Description of the operation. 0-256 characters long.
created_at google.protobuf.Timestamp
Creation timestamp.
created_by string
ID of the user or service account who initiated the operation.
modified_at google.protobuf.Timestamp
The time when the Operation resource was last modified.
done bool
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata google.protobuf.Any<UpdateAccessBindingsMetadata>
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result oneof: error or response
The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
  error google.rpc.Status
The error result of the operation in case of failure or cancellation.
  response google.protobuf.Any<google.protobuf.Empty>
if operation finished successfully.

UpdateAccessBindingsMetadata

Field Description
resource_id string
ID of the resource for which access bindings are being updated.
В этой статье: