mirror of
https://github.com/OMGeeky/google-apis-rs.git
synced 2026-02-01 06:44:01 +01:00
1 line
337 KiB
JSON
1 line
337 KiB
JSON
{"config":{"indexing":"full","lang":["en"],"min_search_length":3,"prebuild_index":false,"separator":"[\\s\\-]+"},"docs":[{"location":"","text":"The cloudresourcemanager1 command-line interface (CLI) allows to use most features of the Google Cloud Resource Manager service from the comfort of your terminal. By default all output is printed to standard out, but flags can be set to direct it into a file independent of your shell's capabilities. Errors will be printed to standard error, and cause the program's exit code to be non-zero. If data-structures are requested, these will be returned as pretty-printed JSON, to be useful as input to other tools. Everything else about the Cloud Resource Manager API can be found at the official documentation site . Installation and Source Code Install the command-line interface with cargo using: cargo install google-cloudresourcemanager1-cli Find the source code on github . Usage This documentation was generated from the Cloud Resource Manager API at revision 20240303 . The CLI is at version 5.0.4 . cloudresourcemanager1 [options] folders clear-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-effective-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] list-available-org-policy-constraints <resource> (-r <kv>)... [-p <v>]... [-o <out>] list-org-policies <resource> (-r <kv>)... [-p <v>]... [-o <out>] set-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] liens create (-r <kv>)... [-p <v>]... [-o <out>] delete <name> [-p <v>]... [-o <out>] get <name> [-p <v>]... [-o <out>] list [-p <v>]... [-o <out>] operations get <name> [-p <v>]... [-o <out>] organizations clear-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get <name> [-p <v>]... [-o <out>] get-effective-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-iam-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] list-available-org-policy-constraints <resource> (-r <kv>)... [-p <v>]... [-o <out>] list-org-policies <resource> (-r <kv>)... [-p <v>]... [-o <out>] search (-r <kv>)... [-p <v>]... [-o <out>] set-iam-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] set-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] test-iam-permissions <resource> (-r <kv>)... [-p <v>]... [-o <out>] projects clear-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] create (-r <kv>)... [-p <v>]... [-o <out>] delete <project-id> [-p <v>]... [-o <out>] get <project-id> [-p <v>]... [-o <out>] get-ancestry <project-id> (-r <kv>)... [-p <v>]... [-o <out>] get-effective-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-iam-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] list [-p <v>]... [-o <out>] list-available-org-policy-constraints <resource> (-r <kv>)... [-p <v>]... [-o <out>] list-org-policies <resource> (-r <kv>)... [-p <v>]... [-o <out>] set-iam-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] set-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] test-iam-permissions <resource> (-r <kv>)... [-p <v>]... [-o <out>] undelete <project-id> (-r <kv>)... [-p <v>]... [-o <out>] update <project-id> (-r <kv>)... [-p <v>]... [-o <out>] cloudresourcemanager1 --help Configuration: [--scope <url>]... Specify the authentication a method should be executed in. Each scope requires the user to grant this application permission to use it. If unset, it defaults to the shortest scope url for a particular method. --config-dir <folder> A directory into which we will store our persistent data. Defaults to a user-writable directory that we will create during the first invocation. [default: ~/.google-service-cli] Configuration The program will store all persistent data in the ~/.google-service-cli directory in JSON files prefixed with cloudresourcemanager1- . You can change the directory used to store configuration with the --config-dir flag on a per-invocation basis. More information about the various kinds of persistent data are given in the following paragraphs. Authentication Most APIs require a user to authenticate any request. If this is the case, the scope determines the set of permissions granted. The granularity of these is usually no more than read-only or full-access . If not set, the system will automatically select the smallest feasible scope, e.g. when invoking a method that is read-only, it will ask only for a read-only scope. You may use the --scope flag to specify a scope directly. All applicable scopes are documented in the respective method's CLI documentation. The first time a scope is used, the user is asked for permission. Follow the instructions given by the CLI to grant permissions, or to decline. If a scope was authenticated by the user, the respective information will be stored as JSON in the configuration directory, e.g. ~/.google-service-cli/cloudresourcemanager1-token-<scope-hash>.json . No manual management of these tokens is necessary. To revoke granted authentication, please refer to the official documentation . Application Secrets In order to allow any application to use Google services, it will need to be registered using the Google Developer Console . APIs the application may use are then enabled for it one by one. Most APIs can be used for free and have a daily quota. To allow more comfortable usage of the CLI without forcing anyone to register an own application, the CLI comes with a default application secret that is configured accordingly. This also means that heavy usage all around the world may deplete the daily quota. You can workaround this limitation by putting your own secrets file at this location: ~/.google-service-cli/cloudresourcemanager1-secret.json , assuming that the required cloudresourcemanager API was enabled for it. Such a secret file can be downloaded in the Google Developer Console at APIs & auth -> Credentials -> Download JSON and used as is. Learn more about how to setup Google projects and enable APIs using the official documentation . Debugging Even though the CLI does its best to provide usable error messages, sometimes it might be desirable to know what exactly led to a particular issue. This is done by allowing all client-server communication to be output to standard error as-is . The --debug flag will print errors using the Debug representation to standard error. You may consider redirecting standard error into a file for ease of use, e.g. cloudresourcemanager1 --debug <resource> <method> [options] 2>debug.txt .","title":"Home"},{"location":"#installation-and-source-code","text":"Install the command-line interface with cargo using: cargo install google-cloudresourcemanager1-cli Find the source code on github .","title":"Installation and Source Code"},{"location":"#usage","text":"This documentation was generated from the Cloud Resource Manager API at revision 20240303 . The CLI is at version 5.0.4 . cloudresourcemanager1 [options] folders clear-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-effective-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] list-available-org-policy-constraints <resource> (-r <kv>)... [-p <v>]... [-o <out>] list-org-policies <resource> (-r <kv>)... [-p <v>]... [-o <out>] set-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] liens create (-r <kv>)... [-p <v>]... [-o <out>] delete <name> [-p <v>]... [-o <out>] get <name> [-p <v>]... [-o <out>] list [-p <v>]... [-o <out>] operations get <name> [-p <v>]... [-o <out>] organizations clear-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get <name> [-p <v>]... [-o <out>] get-effective-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-iam-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] list-available-org-policy-constraints <resource> (-r <kv>)... [-p <v>]... [-o <out>] list-org-policies <resource> (-r <kv>)... [-p <v>]... [-o <out>] search (-r <kv>)... [-p <v>]... [-o <out>] set-iam-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] set-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] test-iam-permissions <resource> (-r <kv>)... [-p <v>]... [-o <out>] projects clear-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] create (-r <kv>)... [-p <v>]... [-o <out>] delete <project-id> [-p <v>]... [-o <out>] get <project-id> [-p <v>]... [-o <out>] get-ancestry <project-id> (-r <kv>)... [-p <v>]... [-o <out>] get-effective-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-iam-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] get-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] list [-p <v>]... [-o <out>] list-available-org-policy-constraints <resource> (-r <kv>)... [-p <v>]... [-o <out>] list-org-policies <resource> (-r <kv>)... [-p <v>]... [-o <out>] set-iam-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] set-org-policy <resource> (-r <kv>)... [-p <v>]... [-o <out>] test-iam-permissions <resource> (-r <kv>)... [-p <v>]... [-o <out>] undelete <project-id> (-r <kv>)... [-p <v>]... [-o <out>] update <project-id> (-r <kv>)... [-p <v>]... [-o <out>] cloudresourcemanager1 --help Configuration: [--scope <url>]... Specify the authentication a method should be executed in. Each scope requires the user to grant this application permission to use it. If unset, it defaults to the shortest scope url for a particular method. --config-dir <folder> A directory into which we will store our persistent data. Defaults to a user-writable directory that we will create during the first invocation. [default: ~/.google-service-cli]","title":"Usage"},{"location":"#configuration","text":"The program will store all persistent data in the ~/.google-service-cli directory in JSON files prefixed with cloudresourcemanager1- . You can change the directory used to store configuration with the --config-dir flag on a per-invocation basis. More information about the various kinds of persistent data are given in the following paragraphs.","title":"Configuration"},{"location":"#authentication","text":"Most APIs require a user to authenticate any request. If this is the case, the scope determines the set of permissions granted. The granularity of these is usually no more than read-only or full-access . If not set, the system will automatically select the smallest feasible scope, e.g. when invoking a method that is read-only, it will ask only for a read-only scope. You may use the --scope flag to specify a scope directly. All applicable scopes are documented in the respective method's CLI documentation. The first time a scope is used, the user is asked for permission. Follow the instructions given by the CLI to grant permissions, or to decline. If a scope was authenticated by the user, the respective information will be stored as JSON in the configuration directory, e.g. ~/.google-service-cli/cloudresourcemanager1-token-<scope-hash>.json . No manual management of these tokens is necessary. To revoke granted authentication, please refer to the official documentation .","title":"Authentication"},{"location":"#application-secrets","text":"In order to allow any application to use Google services, it will need to be registered using the Google Developer Console . APIs the application may use are then enabled for it one by one. Most APIs can be used for free and have a daily quota. To allow more comfortable usage of the CLI without forcing anyone to register an own application, the CLI comes with a default application secret that is configured accordingly. This also means that heavy usage all around the world may deplete the daily quota. You can workaround this limitation by putting your own secrets file at this location: ~/.google-service-cli/cloudresourcemanager1-secret.json , assuming that the required cloudresourcemanager API was enabled for it. Such a secret file can be downloaded in the Google Developer Console at APIs & auth -> Credentials -> Download JSON and used as is. Learn more about how to setup Google projects and enable APIs using the official documentation .","title":"Application Secrets"},{"location":"#debugging","text":"Even though the CLI does its best to provide usable error messages, sometimes it might be desirable to know what exactly led to a particular issue. This is done by allowing all client-server communication to be output to standard error as-is . The --debug flag will print errors using the Debug representation to standard error. You may consider redirecting standard error into a file for ease of use, e.g. cloudresourcemanager1 --debug <resource> <method> [options] 2>debug.txt .","title":"Debugging"},{"location":"folders_clear-org-policy/","text":"Clears a Policy from a resource. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders clear-org-policy ... Required Scalar Argument <resource> (string) Name of the resource for the Policy to clear. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ClearOrgPolicyRequest: constraint: string etag: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=et Name of the Constraint of the Policy to clear. etag=magna The current version, for concurrency control. Not sending an etag will cause the Policy to be cleared blindly. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Clear Org Policy"},{"location":"folders_clear-org-policy/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders clear-org-policy ...","title":"Scopes"},{"location":"folders_clear-org-policy/#required-scalar-argument","text":"<resource> (string) Name of the resource for the Policy to clear.","title":"Required Scalar Argument"},{"location":"folders_clear-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ClearOrgPolicyRequest: constraint: string etag: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=et Name of the Constraint of the Policy to clear. etag=magna The current version, for concurrency control. Not sending an etag will cause the Policy to be cleared blindly.","title":"Required Request Value"},{"location":"folders_clear-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"folders_clear-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"folders_clear-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"folders_get-effective-org-policy/","text":"Gets the effective Policy on a resource. This is the result of merging Policies in the resource hierarchy. The returned Policy will not have an etag set because it is a computed Policy across multiple resources. Subtrees of Resource Manager resource hierarchy with 'under:' prefix will not be expanded. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders get-effective-org-policy ... Required Scalar Argument <resource> (string) The name of the resource to start computing the effective Policy . Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetEffectiveOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=no The name of the Constraint to compute the effective Policy . About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get Effective Org Policy"},{"location":"folders_get-effective-org-policy/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders get-effective-org-policy ...","title":"Scopes"},{"location":"folders_get-effective-org-policy/#required-scalar-argument","text":"<resource> (string) The name of the resource to start computing the effective Policy .","title":"Required Scalar Argument"},{"location":"folders_get-effective-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetEffectiveOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=no The name of the Constraint to compute the effective Policy .","title":"Required Request Value"},{"location":"folders_get-effective-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"folders_get-effective-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"folders_get-effective-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"folders_get-org-policy/","text":"Gets a Policy on a resource. If no Policy is set on the resource, a Policy is returned with default values including POLICY_TYPE_NOT_SET for the policy_type oneof . The etag value can be used with SetOrgPolicy() to create or update a Policy during read-modify-write. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders get-org-policy ... Required Scalar Argument <resource> (string) Name of the resource the Policy is set on. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=ipsum Name of the Constraint to get the Policy . About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get Org Policy"},{"location":"folders_get-org-policy/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders get-org-policy ...","title":"Scopes"},{"location":"folders_get-org-policy/#required-scalar-argument","text":"<resource> (string) Name of the resource the Policy is set on.","title":"Required Scalar Argument"},{"location":"folders_get-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=ipsum Name of the Constraint to get the Policy .","title":"Required Request Value"},{"location":"folders_get-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"folders_get-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"folders_get-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"folders_list-available-org-policy-constraints/","text":"Lists Constraints that could be applied on the specified resource. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders list-available-org-policy-constraints ... Required Scalar Argument <resource> (string) Name of the resource to list Constraints for. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListAvailableOrgPolicyConstraintsRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=73 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=at Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"List Available Org Policy Constraints"},{"location":"folders_list-available-org-policy-constraints/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders list-available-org-policy-constraints ...","title":"Scopes"},{"location":"folders_list-available-org-policy-constraints/#required-scalar-argument","text":"<resource> (string) Name of the resource to list Constraints for.","title":"Required Scalar Argument"},{"location":"folders_list-available-org-policy-constraints/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListAvailableOrgPolicyConstraintsRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=73 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=at Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field.","title":"Required Request Value"},{"location":"folders_list-available-org-policy-constraints/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"folders_list-available-org-policy-constraints/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"folders_list-available-org-policy-constraints/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"folders_list-org-policies/","text":"Lists all the Policies set for a particular resource. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders list-org-policies ... Required Scalar Argument <resource> (string) Name of the resource to list Policies for. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListOrgPoliciesRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=93 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=sed Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"List Org Policies"},{"location":"folders_list-org-policies/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders list-org-policies ...","title":"Scopes"},{"location":"folders_list-org-policies/#required-scalar-argument","text":"<resource> (string) Name of the resource to list Policies for.","title":"Required Scalar Argument"},{"location":"folders_list-org-policies/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListOrgPoliciesRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=93 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=sed Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field.","title":"Required Request Value"},{"location":"folders_list-org-policies/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"folders_list-org-policies/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"folders_list-org-policies/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"folders_set-org-policy/","text":"Updates the specified Policy on the resource. Creates a new Policy for that Constraint on the resource if one does not exist. Not supplying an etag on the request Policy results in an unconditional write of the Policy . Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders set-org-policy ... Required Scalar Argument <resource> (string) Resource name of the resource to attach the Policy . Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SetOrgPolicyRequest: policy: boolean-policy: enforced: boolean constraint: string etag: string list-policy: all-values: string allowed-values: [string] denied-values: [string] inherit-from-parent: boolean suggested-value: string update-time: string version: integer can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .policy.boolean-policy enforced=true If true , then the Policy is enforced. If false , then any configuration is acceptable. Suppose you have a Constraint constraints/compute.disableSerialPortAccess with constraint_default set to ALLOW . A Policy for that Constraint exhibits the following behavior: - If the Policy at this resource has enforced set to false , serial port connection attempts will be allowed. - If the Policy at this resource has enforced set to true , serial port connection attempts will be refused. - If the Policy at this resource is RestoreDefault , serial port connection attempts will be allowed. - If no Policy is set at this resource or anywhere higher in the resource hierarchy, serial port connection attempts will be allowed. - If no Policy is set at this resource, but one exists higher in the resource hierarchy, the behavior is as if the Policy were set at this resource. The following examples demonstrate the different possible layerings: Example 1 (nearest Constraint wins): organizations/foo has a Policy with: {enforced: false} projects/bar has no Policy set. The constraint at projects/bar and organizations/foo will not be enforced. Example 2 (enforcement gets replaced): organizations/foo has a Policy with: {enforced: false} projects/bar has a Policy with: {enforced: true} The constraint at organizations/foo is not enforced. The constraint at projects/bar is enforced. Example 3 (RestoreDefault): organizations/foo has a Policy with: {enforced: true} projects/bar has a Policy with: {RestoreDefault: {}} The constraint at organizations/foo is enforced. The constraint at projects/bar is not enforced, because constraint_default for the Constraint is ALLOW . .. constraint=amet. The name of the Constraint the Policy is configuring, for example, constraints/serviceuser.services . A list of available constraints is available. Immutable after creation. etag=duo An opaque tag indicating the current version of the Policy , used for concurrency control. When the Policy is returned from either a GetPolicy or a ListOrgPolicy request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop. When the Policy is returned from a GetEffectivePolicy request, the etag will be unset. When the Policy is used in a SetOrgPolicy method, use the etag value that was returned from a GetOrgPolicy request as part of a read-modify-write loop for concurrency control. Not setting the etag in a SetOrgPolicy request will result in an unconditional write of the Policy . list-policy all-values=ipsum The policy all_values state. allowed-values=gubergren List of values allowed at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. denied-values=lorem List of values denied at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. inherit-from-parent=false Determines the inheritance behavior for this Policy . By default, a ListPolicy set at a resource supersedes any Policy set anywhere up the resource hierarchy. However, if inherit_from_parent is set to true , then the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy. Setting Policy hierarchies that inherit both allowed values and denied values isn't recommended in most circumstances to keep the configuration simple and understandable. However, it is possible to set a Policy with allowed_values set that inherits a Policy with denied_values set. In this case, the values that are allowed must be in allowed_values and not present in denied_values . For example, suppose you have a Constraint constraints/serviceuser.services , which has a constraint_type of list_constraint , and with constraint_default set to ALLOW . Suppose that at the Organization level, a Policy is applied that restricts the allowed API activations to { E1 , E2 }. Then, if a Policy is applied to a project below the Organization that has inherit_from_parent set to false and field all_values set to DENY, then an attempt to activate any API will be denied. The following examples demonstrate different possible layerings for projects/bar parented by organizations/foo : Example 1 (no inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has inherit_from_parent false and values: {allowed_values: \"E3\" allowed_values: \"E4\"} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E3 , and E4 . Example 2 (inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {value: \"E3\" value: \"E4\" inherit_from_parent: true} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E1 , E2 , E3 , and E4 . Example 3 (inheriting both allowed and denied values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {denied_values: \"E1\"} The accepted values at organizations/foo are E1 , E2 . The value accepted at projects/bar is E2 . Example 4 (RestoreDefault): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {RestoreDefault: {}} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 5 (no policy inherits parent policy): organizations/foo has no Policy set. projects/bar has no Policy set. The accepted values at both levels are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 6 (ListConstraint allowing all): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {all: ALLOW} The accepted values at organizations/foo are E1 , E2 . Any value is accepted at projects/bar . Example 7 (ListConstraint allowing none): organizations/foo has a Policy with values: {allowed_values: "E1" allowed_values: "E2"} projects/bar has a Policy with: {all: DENY} The accepted values at organizations/foo are E1 , E2 . No value is accepted at projects/bar . Example 10 (allowed and denied subtrees of Resource Manager hierarchy): Given the following resource hierarchy O1->{F1, F2}; F1->{P1}; F2->{P2, P3}, organizations/foo has a Policy with values: {allowed_values: \"under:organizations/O1\"} projects/bar has a Policy with: {allowed_values: \"under:projects/P3\"} {denied_values: \"under:folders/F2\"} The accepted values at organizations/foo are organizations/O1 , folders/F1 , folders/F2 , projects/P1 , projects/P2 , projects/P3 . The accepted values at projects/bar are organizations/O1 , folders/F1 , projects/P1 . suggested-value=dolor Optional. The Google Cloud Console will try to default to a configuration that matches the value specified in this Policy . If suggested_value is not set, it will inherit the value specified higher in the hierarchy, unless inherit_from_parent is false . .. update-time=ea The time stamp the Policy was previously updated. This is set by the server, not specified by the caller, and represents the last time a call to SetOrgPolicy was made for that Policy . Any value set by the client will be ignored. version=46 Version of the Policy . Default version is 0; About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Set Org Policy"},{"location":"folders_set-org-policy/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> folders set-org-policy ...","title":"Scopes"},{"location":"folders_set-org-policy/#required-scalar-argument","text":"<resource> (string) Resource name of the resource to attach the Policy .","title":"Required Scalar Argument"},{"location":"folders_set-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SetOrgPolicyRequest: policy: boolean-policy: enforced: boolean constraint: string etag: string list-policy: all-values: string allowed-values: [string] denied-values: [string] inherit-from-parent: boolean suggested-value: string update-time: string version: integer can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .policy.boolean-policy enforced=true If true , then the Policy is enforced. If false , then any configuration is acceptable. Suppose you have a Constraint constraints/compute.disableSerialPortAccess with constraint_default set to ALLOW . A Policy for that Constraint exhibits the following behavior: - If the Policy at this resource has enforced set to false , serial port connection attempts will be allowed. - If the Policy at this resource has enforced set to true , serial port connection attempts will be refused. - If the Policy at this resource is RestoreDefault , serial port connection attempts will be allowed. - If no Policy is set at this resource or anywhere higher in the resource hierarchy, serial port connection attempts will be allowed. - If no Policy is set at this resource, but one exists higher in the resource hierarchy, the behavior is as if the Policy were set at this resource. The following examples demonstrate the different possible layerings: Example 1 (nearest Constraint wins): organizations/foo has a Policy with: {enforced: false} projects/bar has no Policy set. The constraint at projects/bar and organizations/foo will not be enforced. Example 2 (enforcement gets replaced): organizations/foo has a Policy with: {enforced: false} projects/bar has a Policy with: {enforced: true} The constraint at organizations/foo is not enforced. The constraint at projects/bar is enforced. Example 3 (RestoreDefault): organizations/foo has a Policy with: {enforced: true} projects/bar has a Policy with: {RestoreDefault: {}} The constraint at organizations/foo is enforced. The constraint at projects/bar is not enforced, because constraint_default for the Constraint is ALLOW . .. constraint=amet. The name of the Constraint the Policy is configuring, for example, constraints/serviceuser.services . A list of available constraints is available. Immutable after creation. etag=duo An opaque tag indicating the current version of the Policy , used for concurrency control. When the Policy is returned from either a GetPolicy or a ListOrgPolicy request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop. When the Policy is returned from a GetEffectivePolicy request, the etag will be unset. When the Policy is used in a SetOrgPolicy method, use the etag value that was returned from a GetOrgPolicy request as part of a read-modify-write loop for concurrency control. Not setting the etag in a SetOrgPolicy request will result in an unconditional write of the Policy . list-policy all-values=ipsum The policy all_values state. allowed-values=gubergren List of values allowed at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. denied-values=lorem List of values denied at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. inherit-from-parent=false Determines the inheritance behavior for this Policy . By default, a ListPolicy set at a resource supersedes any Policy set anywhere up the resource hierarchy. However, if inherit_from_parent is set to true , then the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy. Setting Policy hierarchies that inherit both allowed values and denied values isn't recommended in most circumstances to keep the configuration simple and understandable. However, it is possible to set a Policy with allowed_values set that inherits a Policy with denied_values set. In this case, the values that are allowed must be in allowed_values and not present in denied_values . For example, suppose you have a Constraint constraints/serviceuser.services , which has a constraint_type of list_constraint , and with constraint_default set to ALLOW . Suppose that at the Organization level, a Policy is applied that restricts the allowed API activations to { E1 , E2 }. Then, if a Policy is applied to a project below the Organization that has inherit_from_parent set to false and field all_values set to DENY, then an attempt to activate any API will be denied. The following examples demonstrate different possible layerings for projects/bar parented by organizations/foo : Example 1 (no inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has inherit_from_parent false and values: {allowed_values: \"E3\" allowed_values: \"E4\"} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E3 , and E4 . Example 2 (inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {value: \"E3\" value: \"E4\" inherit_from_parent: true} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E1 , E2 , E3 , and E4 . Example 3 (inheriting both allowed and denied values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {denied_values: \"E1\"} The accepted values at organizations/foo are E1 , E2 . The value accepted at projects/bar is E2 . Example 4 (RestoreDefault): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {RestoreDefault: {}} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 5 (no policy inherits parent policy): organizations/foo has no Policy set. projects/bar has no Policy set. The accepted values at both levels are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 6 (ListConstraint allowing all): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {all: ALLOW} The accepted values at organizations/foo are E1 , E2 . Any value is accepted at projects/bar . Example 7 (ListConstraint allowing none): organizations/foo has a Policy with values: {allowed_values: "E1" allowed_values: "E2"} projects/bar has a Policy with: {all: DENY} The accepted values at organizations/foo are E1 , E2 . No value is accepted at projects/bar . Example 10 (allowed and denied subtrees of Resource Manager hierarchy): Given the following resource hierarchy O1->{F1, F2}; F1->{P1}; F2->{P2, P3}, organizations/foo has a Policy with values: {allowed_values: \"under:organizations/O1\"} projects/bar has a Policy with: {allowed_values: \"under:projects/P3\"} {denied_values: \"under:folders/F2\"} The accepted values at organizations/foo are organizations/O1 , folders/F1 , folders/F2 , projects/P1 , projects/P2 , projects/P3 . The accepted values at projects/bar are organizations/O1 , folders/F1 , projects/P1 . suggested-value=dolor Optional. The Google Cloud Console will try to default to a configuration that matches the value specified in this Policy . If suggested_value is not set, it will inherit the value specified higher in the hierarchy, unless inherit_from_parent is false . .. update-time=ea The time stamp the Policy was previously updated. This is set by the server, not specified by the caller, and represents the last time a call to SetOrgPolicy was made for that Policy . Any value set by the client will be ignored. version=46 Version of the Policy . Default version is 0;","title":"Required Request Value"},{"location":"folders_set-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"folders_set-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"folders_set-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"liens_create/","text":"Create a Lien which applies to the resource denoted by the parent field. Callers of this method will require permission on the parent resource. For example, applying to projects/1234 requires permission resourcemanager.projects.updateLiens . NOTE: Some resources may limit the number of Liens which may be applied. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> liens create ... Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: Lien: create-time: string name: string origin: string parent: string reason: string restrictions: [string] can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . create-time=invidunt The creation time of this Lien. name=amet A system-generated unique identifier for this Lien. Example: liens/1234abcd origin=duo A stable, user-visible/meaningful string identifying the origin of the Lien, intended to be inspected programmatically. Maximum length of 200 characters. Example: 'compute.googleapis.com' parent=ipsum A reference to the resource this Lien is attached to. The server will validate the parent against those for which Liens are supported. Example: projects/1234 reason=sed Concise user-visible strings indicating why an action cannot be performed on a resource. Maximum length of 200 characters. Example: 'Holds production API key' restrictions=ut The types of operations which should be blocked as a result of this Lien. Each value should correspond to an IAM permission. The server will validate the permissions against those for which Liens are supported. An empty list is meaningless and will be rejected. Example: ['resourcemanager.projects.delete'] Each invocation of this argument appends the given value to the array. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Create"},{"location":"liens_create/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> liens create ...","title":"Scopes"},{"location":"liens_create/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: Lien: create-time: string name: string origin: string parent: string reason: string restrictions: [string] can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . create-time=invidunt The creation time of this Lien. name=amet A system-generated unique identifier for this Lien. Example: liens/1234abcd origin=duo A stable, user-visible/meaningful string identifying the origin of the Lien, intended to be inspected programmatically. Maximum length of 200 characters. Example: 'compute.googleapis.com' parent=ipsum A reference to the resource this Lien is attached to. The server will validate the parent against those for which Liens are supported. Example: projects/1234 reason=sed Concise user-visible strings indicating why an action cannot be performed on a resource. Maximum length of 200 characters. Example: 'Holds production API key' restrictions=ut The types of operations which should be blocked as a result of this Lien. Each value should correspond to an IAM permission. The server will validate the permissions against those for which Liens are supported. An empty list is meaningless and will be rejected. Example: ['resourcemanager.projects.delete'] Each invocation of this argument appends the given value to the array.","title":"Required Request Value"},{"location":"liens_create/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"liens_create/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"liens_create/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"liens_delete/","text":"Delete a Lien by name . Callers of this method will require permission on the parent resource. For example, a Lien with a parent of projects/1234 requires permission resourcemanager.projects.updateLiens . Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> liens delete ... Required Scalar Argument <name> (string) Required. The name/identifier of the Lien to delete. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Delete"},{"location":"liens_delete/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> liens delete ...","title":"Scopes"},{"location":"liens_delete/#required-scalar-argument","text":"<name> (string) Required. The name/identifier of the Lien to delete.","title":"Required Scalar Argument"},{"location":"liens_delete/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"liens_delete/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"liens_get/","text":"Retrieve a Lien by name . Callers of this method will require permission on the parent resource. For example, a Lien with a parent of projects/1234 requires permission resourcemanager.projects.get Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> liens get ... Required Scalar Argument <name> (string) Required. The name/identifier of the Lien. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get"},{"location":"liens_get/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> liens get ...","title":"Scopes"},{"location":"liens_get/#required-scalar-argument","text":"<name> (string) Required. The name/identifier of the Lien.","title":"Required Scalar Argument"},{"location":"liens_get/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"liens_get/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"liens_list/","text":"List all Liens applied to the parent resource. Callers of this method will require permission on the parent resource. For example, a Lien with a parent of projects/1234 requires permission resourcemanager.projects.get . Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> liens list ... Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional Method Properties You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p page-size=integer The maximum number of items to return. This is a suggestion for the server. The server can return fewer liens than requested. If unspecified, server picks an appropriate default. -p page-token=string The next_page_token value returned from a previous List request, if any. -p parent=string Required. The name of the resource to list all attached Liens. For example, projects/1234 . (google.api.field_policy).resource_type annotation is not set since the parent depends on the meta api implementation. This field could be a project or other sub project resources. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"List"},{"location":"liens_list/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> liens list ...","title":"Scopes"},{"location":"liens_list/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"liens_list/#optional-method-properties","text":"You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p page-size=integer The maximum number of items to return. This is a suggestion for the server. The server can return fewer liens than requested. If unspecified, server picks an appropriate default. -p page-token=string The next_page_token value returned from a previous List request, if any. -p parent=string Required. The name of the resource to list all attached Liens. For example, projects/1234 . (google.api.field_policy).resource_type annotation is not set since the parent depends on the meta api implementation. This field could be a project or other sub project resources.","title":"Optional Method Properties"},{"location":"liens_list/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"operations_get/","text":"Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> operations get ... Required Scalar Argument <name> (string) The name of the operation resource. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get"},{"location":"operations_get/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> operations get ...","title":"Scopes"},{"location":"operations_get/#required-scalar-argument","text":"<name> (string) The name of the operation resource.","title":"Required Scalar Argument"},{"location":"operations_get/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"operations_get/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_clear-org-policy/","text":"Clears a Policy from a resource. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations clear-org-policy ... Required Scalar Argument <resource> (string) Name of the resource for the Policy to clear. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ClearOrgPolicyRequest: constraint: string etag: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=gubergren Name of the Constraint of the Policy to clear. etag=rebum. The current version, for concurrency control. Not sending an etag will cause the Policy to be cleared blindly. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Clear Org Policy"},{"location":"organizations_clear-org-policy/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations clear-org-policy ...","title":"Scopes"},{"location":"organizations_clear-org-policy/#required-scalar-argument","text":"<resource> (string) Name of the resource for the Policy to clear.","title":"Required Scalar Argument"},{"location":"organizations_clear-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ClearOrgPolicyRequest: constraint: string etag: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=gubergren Name of the Constraint of the Policy to clear. etag=rebum. The current version, for concurrency control. Not sending an etag will cause the Policy to be cleared blindly.","title":"Required Request Value"},{"location":"organizations_clear-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"organizations_clear-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_clear-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_get-effective-org-policy/","text":"Gets the effective Policy on a resource. This is the result of merging Policies in the resource hierarchy. The returned Policy will not have an etag set because it is a computed Policy across multiple resources. Subtrees of Resource Manager resource hierarchy with 'under:' prefix will not be expanded. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations get-effective-org-policy ... Required Scalar Argument <resource> (string) The name of the resource to start computing the effective Policy . Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetEffectiveOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=est The name of the Constraint to compute the effective Policy . About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get Effective Org Policy"},{"location":"organizations_get-effective-org-policy/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations get-effective-org-policy ...","title":"Scopes"},{"location":"organizations_get-effective-org-policy/#required-scalar-argument","text":"<resource> (string) The name of the resource to start computing the effective Policy .","title":"Required Scalar Argument"},{"location":"organizations_get-effective-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetEffectiveOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=est The name of the Constraint to compute the effective Policy .","title":"Required Request Value"},{"location":"organizations_get-effective-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"organizations_get-effective-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_get-effective-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_get-iam-policy/","text":"Gets the access control policy for an Organization resource. May be empty if no such policy or resource exists. The resource field should be the organization's resource name, e.g. \"organizations/123\". Authorization requires the Google IAM permission resourcemanager.organizations.getIamPolicy on the specified organization Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations get-iam-policy ... Required Scalar Argument <resource> (string) REQUIRED: The resource for which the policy is being requested. See Resource names for the appropriate value for this field. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetIamPolicyRequest: options: requested-policy-version: integer can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .options requested-policy-version=51 Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the IAM documentation . About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get Iam Policy"},{"location":"organizations_get-iam-policy/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations get-iam-policy ...","title":"Scopes"},{"location":"organizations_get-iam-policy/#required-scalar-argument","text":"<resource> (string) REQUIRED: The resource for which the policy is being requested. See Resource names for the appropriate value for this field.","title":"Required Scalar Argument"},{"location":"organizations_get-iam-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetIamPolicyRequest: options: requested-policy-version: integer can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .options requested-policy-version=51 Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the IAM documentation .","title":"Required Request Value"},{"location":"organizations_get-iam-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"organizations_get-iam-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_get-iam-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_get-org-policy/","text":"Gets a Policy on a resource. If no Policy is set on the resource, a Policy is returned with default values including POLICY_TYPE_NOT_SET for the policy_type oneof . The etag value can be used with SetOrgPolicy() to create or update a Policy during read-modify-write. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations get-org-policy ... Required Scalar Argument <resource> (string) Name of the resource the Policy is set on. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=ipsum Name of the Constraint to get the Policy . About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get Org Policy"},{"location":"organizations_get-org-policy/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations get-org-policy ...","title":"Scopes"},{"location":"organizations_get-org-policy/#required-scalar-argument","text":"<resource> (string) Name of the resource the Policy is set on.","title":"Required Scalar Argument"},{"location":"organizations_get-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=ipsum Name of the Constraint to get the Policy .","title":"Required Request Value"},{"location":"organizations_get-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"organizations_get-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_get-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_get/","text":"Fetches an Organization resource identified by the specified resource name. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations get ... Required Scalar Argument <name> (string) The resource name of the Organization to fetch. This is the organization's relative path in the API, formatted as \"organizations/[organizationId]\". For example, \"organizations/1234\". Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get"},{"location":"organizations_get/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations get ...","title":"Scopes"},{"location":"organizations_get/#required-scalar-argument","text":"<name> (string) The resource name of the Organization to fetch. This is the organization's relative path in the API, formatted as \"organizations/[organizationId]\". For example, \"organizations/1234\".","title":"Required Scalar Argument"},{"location":"organizations_get/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_get/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_list-available-org-policy-constraints/","text":"Lists Constraints that could be applied on the specified resource. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations list-available-org-policy-constraints ... Required Scalar Argument <resource> (string) Name of the resource to list Constraints for. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListAvailableOrgPolicyConstraintsRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=94 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=gubergren Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"List Available Org Policy Constraints"},{"location":"organizations_list-available-org-policy-constraints/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations list-available-org-policy-constraints ...","title":"Scopes"},{"location":"organizations_list-available-org-policy-constraints/#required-scalar-argument","text":"<resource> (string) Name of the resource to list Constraints for.","title":"Required Scalar Argument"},{"location":"organizations_list-available-org-policy-constraints/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListAvailableOrgPolicyConstraintsRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=94 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=gubergren Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field.","title":"Required Request Value"},{"location":"organizations_list-available-org-policy-constraints/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"organizations_list-available-org-policy-constraints/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_list-available-org-policy-constraints/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_list-org-policies/","text":"Lists all the Policies set for a particular resource. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations list-org-policies ... Required Scalar Argument <resource> (string) Name of the resource to list Policies for. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListOrgPoliciesRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=84 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=dolor Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"List Org Policies"},{"location":"organizations_list-org-policies/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations list-org-policies ...","title":"Scopes"},{"location":"organizations_list-org-policies/#required-scalar-argument","text":"<resource> (string) Name of the resource to list Policies for.","title":"Required Scalar Argument"},{"location":"organizations_list-org-policies/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListOrgPoliciesRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=84 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=dolor Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field.","title":"Required Request Value"},{"location":"organizations_list-org-policies/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"organizations_list-org-policies/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_list-org-policies/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_search/","text":"Searches Organization resources that are visible to the user and satisfy the specified filter. This method returns Organizations in an unspecified order. New Organizations do not necessarily appear at the end of the results. Search will only return organizations on which the user has the permission resourcemanager.organizations.get or has super admin privileges. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations search ... Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SearchOrganizationsRequest: filter: string page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . filter=lorem An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Organizations may be filtered by owner.directoryCustomerId or by domain , where the domain is a G Suite domain, for example: * Filter owner.directorycustomerid:123456789 returns Organization resources with owner.directory_customer_id equal to 123456789 . * Filter domain:google.com returns Organization resources corresponding to the domain google.com . This field is optional. page-size=76 The maximum number of Organizations to return in the response. The server can return fewer organizations than requested. If unspecified, server picks an appropriate default. page-token=labore A pagination token returned from a previous call to SearchOrganizations that indicates from where listing should continue. This field is optional. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Search"},{"location":"organizations_search/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations search ...","title":"Scopes"},{"location":"organizations_search/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SearchOrganizationsRequest: filter: string page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . filter=lorem An optional query string used to filter the Organizations to return in the response. Filter rules are case-insensitive. Organizations may be filtered by owner.directoryCustomerId or by domain , where the domain is a G Suite domain, for example: * Filter owner.directorycustomerid:123456789 returns Organization resources with owner.directory_customer_id equal to 123456789 . * Filter domain:google.com returns Organization resources corresponding to the domain google.com . This field is optional. page-size=76 The maximum number of Organizations to return in the response. The server can return fewer organizations than requested. If unspecified, server picks an appropriate default. page-token=labore A pagination token returned from a previous call to SearchOrganizations that indicates from where listing should continue. This field is optional.","title":"Required Request Value"},{"location":"organizations_search/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"organizations_search/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_search/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_set-iam-policy/","text":"Sets the access control policy on an Organization resource. Replaces any existing policy. The resource field should be the organization's resource name, e.g. \"organizations/123\". Authorization requires the Google IAM permission resourcemanager.organizations.setIamPolicy on the specified organization Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations set-iam-policy ... Required Scalar Argument <resource> (string) REQUIRED: The resource for which the policy is being specified. See Resource names for the appropriate value for this field. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SetIamPolicyRequest: policy: etag: string version: integer update-mask: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .policy etag=sed etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the etag in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An etag is returned in the response to getIamPolicy , and systems are expected to put that etag in the request to setIamPolicy to ensure that their change will be applied to the same version of the policy. Important: If you use IAM Conditions, you must include the etag field whenever you call setIamPolicy . If you omit this field, then IAM allows you to overwrite a version 3 policy with a version 1 policy, and all of the conditions in the version 3 policy are lost. version=31 Specifies the format of the policy. Valid values are 0 , 1 , and 3 . Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version 3 . This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions Important: If you use IAM Conditions, you must include the etag field whenever you call setIamPolicy . If you omit this field, then IAM allows you to overwrite a version 3 policy with a version 1 policy, and all of the conditions in the version 3 policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the IAM documentation . .. update-mask=sed OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: paths: "bindings, etag" About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Set Iam Policy"},{"location":"organizations_set-iam-policy/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations set-iam-policy ...","title":"Scopes"},{"location":"organizations_set-iam-policy/#required-scalar-argument","text":"<resource> (string) REQUIRED: The resource for which the policy is being specified. See Resource names for the appropriate value for this field.","title":"Required Scalar Argument"},{"location":"organizations_set-iam-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SetIamPolicyRequest: policy: etag: string version: integer update-mask: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .policy etag=sed etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the etag in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An etag is returned in the response to getIamPolicy , and systems are expected to put that etag in the request to setIamPolicy to ensure that their change will be applied to the same version of the policy. Important: If you use IAM Conditions, you must include the etag field whenever you call setIamPolicy . If you omit this field, then IAM allows you to overwrite a version 3 policy with a version 1 policy, and all of the conditions in the version 3 policy are lost. version=31 Specifies the format of the policy. Valid values are 0 , 1 , and 3 . Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version 3 . This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions Important: If you use IAM Conditions, you must include the etag field whenever you call setIamPolicy . If you omit this field, then IAM allows you to overwrite a version 3 policy with a version 1 policy, and all of the conditions in the version 3 policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the IAM documentation . .. update-mask=sed OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: paths: "bindings, etag"","title":"Required Request Value"},{"location":"organizations_set-iam-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"organizations_set-iam-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_set-iam-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_set-org-policy/","text":"Updates the specified Policy on the resource. Creates a new Policy for that Constraint on the resource if one does not exist. Not supplying an etag on the request Policy results in an unconditional write of the Policy . Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations set-org-policy ... Required Scalar Argument <resource> (string) Resource name of the resource to attach the Policy . Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SetOrgPolicyRequest: policy: boolean-policy: enforced: boolean constraint: string etag: string list-policy: all-values: string allowed-values: [string] denied-values: [string] inherit-from-parent: boolean suggested-value: string update-time: string version: integer can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .policy.boolean-policy enforced=true If true , then the Policy is enforced. If false , then any configuration is acceptable. Suppose you have a Constraint constraints/compute.disableSerialPortAccess with constraint_default set to ALLOW . A Policy for that Constraint exhibits the following behavior: - If the Policy at this resource has enforced set to false , serial port connection attempts will be allowed. - If the Policy at this resource has enforced set to true , serial port connection attempts will be refused. - If the Policy at this resource is RestoreDefault , serial port connection attempts will be allowed. - If no Policy is set at this resource or anywhere higher in the resource hierarchy, serial port connection attempts will be allowed. - If no Policy is set at this resource, but one exists higher in the resource hierarchy, the behavior is as if the Policy were set at this resource. The following examples demonstrate the different possible layerings: Example 1 (nearest Constraint wins): organizations/foo has a Policy with: {enforced: false} projects/bar has no Policy set. The constraint at projects/bar and organizations/foo will not be enforced. Example 2 (enforcement gets replaced): organizations/foo has a Policy with: {enforced: false} projects/bar has a Policy with: {enforced: true} The constraint at organizations/foo is not enforced. The constraint at projects/bar is enforced. Example 3 (RestoreDefault): organizations/foo has a Policy with: {enforced: true} projects/bar has a Policy with: {RestoreDefault: {}} The constraint at organizations/foo is enforced. The constraint at projects/bar is not enforced, because constraint_default for the Constraint is ALLOW . .. constraint=stet The name of the Constraint the Policy is configuring, for example, constraints/serviceuser.services . A list of available constraints is available. Immutable after creation. etag=kasd An opaque tag indicating the current version of the Policy , used for concurrency control. When the Policy is returned from either a GetPolicy or a ListOrgPolicy request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop. When the Policy is returned from a GetEffectivePolicy request, the etag will be unset. When the Policy is used in a SetOrgPolicy method, use the etag value that was returned from a GetOrgPolicy request as part of a read-modify-write loop for concurrency control. Not setting the etag in a SetOrgPolicy request will result in an unconditional write of the Policy . list-policy all-values=et The policy all_values state. allowed-values=sed List of values allowed at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. denied-values=et List of values denied at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. inherit-from-parent=true Determines the inheritance behavior for this Policy . By default, a ListPolicy set at a resource supersedes any Policy set anywhere up the resource hierarchy. However, if inherit_from_parent is set to true , then the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy. Setting Policy hierarchies that inherit both allowed values and denied values isn't recommended in most circumstances to keep the configuration simple and understandable. However, it is possible to set a Policy with allowed_values set that inherits a Policy with denied_values set. In this case, the values that are allowed must be in allowed_values and not present in denied_values . For example, suppose you have a Constraint constraints/serviceuser.services , which has a constraint_type of list_constraint , and with constraint_default set to ALLOW . Suppose that at the Organization level, a Policy is applied that restricts the allowed API activations to { E1 , E2 }. Then, if a Policy is applied to a project below the Organization that has inherit_from_parent set to false and field all_values set to DENY, then an attempt to activate any API will be denied. The following examples demonstrate different possible layerings for projects/bar parented by organizations/foo : Example 1 (no inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has inherit_from_parent false and values: {allowed_values: \"E3\" allowed_values: \"E4\"} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E3 , and E4 . Example 2 (inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {value: \"E3\" value: \"E4\" inherit_from_parent: true} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E1 , E2 , E3 , and E4 . Example 3 (inheriting both allowed and denied values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {denied_values: \"E1\"} The accepted values at organizations/foo are E1 , E2 . The value accepted at projects/bar is E2 . Example 4 (RestoreDefault): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {RestoreDefault: {}} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 5 (no policy inherits parent policy): organizations/foo has no Policy set. projects/bar has no Policy set. The accepted values at both levels are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 6 (ListConstraint allowing all): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {all: ALLOW} The accepted values at organizations/foo are E1 , E2 . Any value is accepted at projects/bar . Example 7 (ListConstraint allowing none): organizations/foo has a Policy with values: {allowed_values: "E1" allowed_values: "E2"} projects/bar has a Policy with: {all: DENY} The accepted values at organizations/foo are E1 , E2 . No value is accepted at projects/bar . Example 10 (allowed and denied subtrees of Resource Manager hierarchy): Given the following resource hierarchy O1->{F1, F2}; F1->{P1}; F2->{P2, P3}, organizations/foo has a Policy with values: {allowed_values: \"under:organizations/O1\"} projects/bar has a Policy with: {allowed_values: \"under:projects/P3\"} {denied_values: \"under:folders/F2\"} The accepted values at organizations/foo are organizations/O1 , folders/F1 , folders/F2 , projects/P1 , projects/P2 , projects/P3 . The accepted values at projects/bar are organizations/O1 , folders/F1 , projects/P1 . suggested-value=vero Optional. The Google Cloud Console will try to default to a configuration that matches the value specified in this Policy . If suggested_value is not set, it will inherit the value specified higher in the hierarchy, unless inherit_from_parent is false . .. update-time=erat The time stamp the Policy was previously updated. This is set by the server, not specified by the caller, and represents the last time a call to SetOrgPolicy was made for that Policy . Any value set by the client will be ignored. version=8 Version of the Policy . Default version is 0; About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Set Org Policy"},{"location":"organizations_set-org-policy/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations set-org-policy ...","title":"Scopes"},{"location":"organizations_set-org-policy/#required-scalar-argument","text":"<resource> (string) Resource name of the resource to attach the Policy .","title":"Required Scalar Argument"},{"location":"organizations_set-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SetOrgPolicyRequest: policy: boolean-policy: enforced: boolean constraint: string etag: string list-policy: all-values: string allowed-values: [string] denied-values: [string] inherit-from-parent: boolean suggested-value: string update-time: string version: integer can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .policy.boolean-policy enforced=true If true , then the Policy is enforced. If false , then any configuration is acceptable. Suppose you have a Constraint constraints/compute.disableSerialPortAccess with constraint_default set to ALLOW . A Policy for that Constraint exhibits the following behavior: - If the Policy at this resource has enforced set to false , serial port connection attempts will be allowed. - If the Policy at this resource has enforced set to true , serial port connection attempts will be refused. - If the Policy at this resource is RestoreDefault , serial port connection attempts will be allowed. - If no Policy is set at this resource or anywhere higher in the resource hierarchy, serial port connection attempts will be allowed. - If no Policy is set at this resource, but one exists higher in the resource hierarchy, the behavior is as if the Policy were set at this resource. The following examples demonstrate the different possible layerings: Example 1 (nearest Constraint wins): organizations/foo has a Policy with: {enforced: false} projects/bar has no Policy set. The constraint at projects/bar and organizations/foo will not be enforced. Example 2 (enforcement gets replaced): organizations/foo has a Policy with: {enforced: false} projects/bar has a Policy with: {enforced: true} The constraint at organizations/foo is not enforced. The constraint at projects/bar is enforced. Example 3 (RestoreDefault): organizations/foo has a Policy with: {enforced: true} projects/bar has a Policy with: {RestoreDefault: {}} The constraint at organizations/foo is enforced. The constraint at projects/bar is not enforced, because constraint_default for the Constraint is ALLOW . .. constraint=stet The name of the Constraint the Policy is configuring, for example, constraints/serviceuser.services . A list of available constraints is available. Immutable after creation. etag=kasd An opaque tag indicating the current version of the Policy , used for concurrency control. When the Policy is returned from either a GetPolicy or a ListOrgPolicy request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop. When the Policy is returned from a GetEffectivePolicy request, the etag will be unset. When the Policy is used in a SetOrgPolicy method, use the etag value that was returned from a GetOrgPolicy request as part of a read-modify-write loop for concurrency control. Not setting the etag in a SetOrgPolicy request will result in an unconditional write of the Policy . list-policy all-values=et The policy all_values state. allowed-values=sed List of values allowed at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. denied-values=et List of values denied at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. inherit-from-parent=true Determines the inheritance behavior for this Policy . By default, a ListPolicy set at a resource supersedes any Policy set anywhere up the resource hierarchy. However, if inherit_from_parent is set to true , then the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy. Setting Policy hierarchies that inherit both allowed values and denied values isn't recommended in most circumstances to keep the configuration simple and understandable. However, it is possible to set a Policy with allowed_values set that inherits a Policy with denied_values set. In this case, the values that are allowed must be in allowed_values and not present in denied_values . For example, suppose you have a Constraint constraints/serviceuser.services , which has a constraint_type of list_constraint , and with constraint_default set to ALLOW . Suppose that at the Organization level, a Policy is applied that restricts the allowed API activations to { E1 , E2 }. Then, if a Policy is applied to a project below the Organization that has inherit_from_parent set to false and field all_values set to DENY, then an attempt to activate any API will be denied. The following examples demonstrate different possible layerings for projects/bar parented by organizations/foo : Example 1 (no inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has inherit_from_parent false and values: {allowed_values: \"E3\" allowed_values: \"E4\"} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E3 , and E4 . Example 2 (inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {value: \"E3\" value: \"E4\" inherit_from_parent: true} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E1 , E2 , E3 , and E4 . Example 3 (inheriting both allowed and denied values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {denied_values: \"E1\"} The accepted values at organizations/foo are E1 , E2 . The value accepted at projects/bar is E2 . Example 4 (RestoreDefault): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {RestoreDefault: {}} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 5 (no policy inherits parent policy): organizations/foo has no Policy set. projects/bar has no Policy set. The accepted values at both levels are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 6 (ListConstraint allowing all): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {all: ALLOW} The accepted values at organizations/foo are E1 , E2 . Any value is accepted at projects/bar . Example 7 (ListConstraint allowing none): organizations/foo has a Policy with values: {allowed_values: "E1" allowed_values: "E2"} projects/bar has a Policy with: {all: DENY} The accepted values at organizations/foo are E1 , E2 . No value is accepted at projects/bar . Example 10 (allowed and denied subtrees of Resource Manager hierarchy): Given the following resource hierarchy O1->{F1, F2}; F1->{P1}; F2->{P2, P3}, organizations/foo has a Policy with values: {allowed_values: \"under:organizations/O1\"} projects/bar has a Policy with: {allowed_values: \"under:projects/P3\"} {denied_values: \"under:folders/F2\"} The accepted values at organizations/foo are organizations/O1 , folders/F1 , folders/F2 , projects/P1 , projects/P2 , projects/P3 . The accepted values at projects/bar are organizations/O1 , folders/F1 , projects/P1 . suggested-value=vero Optional. The Google Cloud Console will try to default to a configuration that matches the value specified in this Policy . If suggested_value is not set, it will inherit the value specified higher in the hierarchy, unless inherit_from_parent is false . .. update-time=erat The time stamp the Policy was previously updated. This is set by the server, not specified by the caller, and represents the last time a call to SetOrgPolicy was made for that Policy . Any value set by the client will be ignored. version=8 Version of the Policy . Default version is 0;","title":"Required Request Value"},{"location":"organizations_set-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"organizations_set-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_set-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"organizations_test-iam-permissions/","text":"Returns permissions that a caller has on the specified Organization. The resource field should be the organization's resource name, e.g. \"organizations/123\". There are no permissions required for making this API call. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations test-iam-permissions ... Required Scalar Argument <resource> (string) REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: TestIamPermissionsRequest: permissions: [string] can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . permissions=duo The set of permissions to check for the resource . Permissions with wildcards (such as * or storage.* ) are not allowed. For more information see IAM Overview . Each invocation of this argument appends the given value to the array. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Test Iam Permissions"},{"location":"organizations_test-iam-permissions/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> organizations test-iam-permissions ...","title":"Scopes"},{"location":"organizations_test-iam-permissions/#required-scalar-argument","text":"<resource> (string) REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field.","title":"Required Scalar Argument"},{"location":"organizations_test-iam-permissions/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: TestIamPermissionsRequest: permissions: [string] can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . permissions=duo The set of permissions to check for the resource . Permissions with wildcards (such as * or storage.* ) are not allowed. For more information see IAM Overview . Each invocation of this argument appends the given value to the array.","title":"Required Request Value"},{"location":"organizations_test-iam-permissions/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"organizations_test-iam-permissions/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"organizations_test-iam-permissions/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_clear-org-policy/","text":"Clears a Policy from a resource. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects clear-org-policy ... Required Scalar Argument <resource> (string) Name of the resource for the Policy to clear. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ClearOrgPolicyRequest: constraint: string etag: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=dolore Name of the Constraint of the Policy to clear. etag=et The current version, for concurrency control. Not sending an etag will cause the Policy to be cleared blindly. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Clear Org Policy"},{"location":"projects_clear-org-policy/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects clear-org-policy ...","title":"Scopes"},{"location":"projects_clear-org-policy/#required-scalar-argument","text":"<resource> (string) Name of the resource for the Policy to clear.","title":"Required Scalar Argument"},{"location":"projects_clear-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ClearOrgPolicyRequest: constraint: string etag: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=dolore Name of the Constraint of the Policy to clear. etag=et The current version, for concurrency control. Not sending an etag will cause the Policy to be cleared blindly.","title":"Required Request Value"},{"location":"projects_clear-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_clear-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_clear-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_create/","text":"Request that a new Project be created. The result is an Operation which can be used to track the creation process. This process usually takes a few seconds, but can sometimes take much longer. The tracking Operation is automatically deleted after a few hours, so there is no need to call DeleteOperation. Authorization requires the Google IAM permission resourcemanager.projects.create on the specified parent for the new project. The parent is identified by a specified ResourceId, which must include both an ID and a type, such as organization. This method does not associate the new project with a billing account. You can set or update the billing account associated with a project using the [ projects.updateBillingInfo ] (/billing/reference/rest/v1/projects/updateBillingInfo) method. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects create ... Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: Project: create-time: string labels: { string: string } lifecycle-state: string name: string parent: id: string type: string project-id: string project-number: string tags: { string: string } can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . create-time=voluptua. Creation time. Read-only. labels=key=amet. The labels associated with this Project. Label keys must be between 1 and 63 characters long and must conform to the following regular expression: a-z{0,62}. Label values must be between 0 and 63 characters long and must conform to the regular expression [a-z0-9_-]{0,63}. A label value can be empty. No more than 256 labels can be associated with a given resource. Clients should store labels in a representation such as JSON that does not depend on specific characters being disallowed. Example: \"environment\" : \"dev\" Read-write. the value will be associated with the given key lifecycle-state=consetetur The Project lifecycle state. Read-only. name=diam The optional user-assigned display name of the Project. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, single-quote, double-quote, space, and exclamation point. Example: My Project Read-write. parent id=dolor The type-specific id. This should correspond to the id used in the type-specific API's. type=et The resource type this id is for. At present, the valid types are: \"organization\", \"folder\", and \"project\". .. project-id=et The unique, user-assigned ID of the Project. It must be 6 to 30 lowercase letters, digits, or hyphens. It must start with a letter. Trailing hyphens are prohibited. Example: tokyo-rain-123 Read-only after creation. project-number=sadipscing The number uniquely identifying the project. Example: 415104041262 Read-only. tags=key=stet Optional. Input only. Immutable. Tag keys/values directly bound to this project. Each item in the map must be expressed as \" : \". For example: \"123/environment\" : \"production\", \"123/costCenter\" : \"marketing\" the value will be associated with the given key About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Create"},{"location":"projects_create/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects create ...","title":"Scopes"},{"location":"projects_create/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: Project: create-time: string labels: { string: string } lifecycle-state: string name: string parent: id: string type: string project-id: string project-number: string tags: { string: string } can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . create-time=voluptua. Creation time. Read-only. labels=key=amet. The labels associated with this Project. Label keys must be between 1 and 63 characters long and must conform to the following regular expression: a-z{0,62}. Label values must be between 0 and 63 characters long and must conform to the regular expression [a-z0-9_-]{0,63}. A label value can be empty. No more than 256 labels can be associated with a given resource. Clients should store labels in a representation such as JSON that does not depend on specific characters being disallowed. Example: \"environment\" : \"dev\" Read-write. the value will be associated with the given key lifecycle-state=consetetur The Project lifecycle state. Read-only. name=diam The optional user-assigned display name of the Project. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, single-quote, double-quote, space, and exclamation point. Example: My Project Read-write. parent id=dolor The type-specific id. This should correspond to the id used in the type-specific API's. type=et The resource type this id is for. At present, the valid types are: \"organization\", \"folder\", and \"project\". .. project-id=et The unique, user-assigned ID of the Project. It must be 6 to 30 lowercase letters, digits, or hyphens. It must start with a letter. Trailing hyphens are prohibited. Example: tokyo-rain-123 Read-only after creation. project-number=sadipscing The number uniquely identifying the project. Example: 415104041262 Read-only. tags=key=stet Optional. Input only. Immutable. Tag keys/values directly bound to this project. Each item in the map must be expressed as \" : \". For example: \"123/environment\" : \"production\", \"123/costCenter\" : \"marketing\" the value will be associated with the given key","title":"Required Request Value"},{"location":"projects_create/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_create/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_create/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_delete/","text":"Marks the Project identified by the specified project_id (for example, my-project-123 ) for deletion. This method will only affect the Project if it has a lifecycle state of ACTIVE. This method changes the Project's lifecycle state from ACTIVE to DELETE_REQUESTED. The deletion starts at an unspecified time, at which point the Project is no longer accessible. Until the deletion completes, you can check the lifecycle state checked by retrieving the Project with GetProject, and the Project remains visible to ListProjects. However, you cannot update the project. After the deletion completes, the Project is not retrievable by the GetProject and ListProjects methods. The caller must have delete permissions for this Project. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects delete ... Required Scalar Argument <project-id> (string) The Project ID (for example, foo-bar-123 ). Required. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Delete"},{"location":"projects_delete/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects delete ...","title":"Scopes"},{"location":"projects_delete/#required-scalar-argument","text":"<project-id> (string) The Project ID (for example, foo-bar-123 ). Required.","title":"Required Scalar Argument"},{"location":"projects_delete/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_delete/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_get-ancestry/","text":"Gets a list of ancestors in the resource hierarchy for the Project identified by the specified project_id (for example, my-project-123 ). The caller must have read permissions for this Project. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects get-ancestry ... Required Scalar Argument <project-id> (string) Required. The Project ID (for example, my-project-123 ). Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetAncestryRequest: can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get Ancestry"},{"location":"projects_get-ancestry/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects get-ancestry ...","title":"Scopes"},{"location":"projects_get-ancestry/#required-scalar-argument","text":"<project-id> (string) Required. The Project ID (for example, my-project-123 ).","title":"Required Scalar Argument"},{"location":"projects_get-ancestry/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetAncestryRequest: can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time.","title":"Required Request Value"},{"location":"projects_get-ancestry/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_get-ancestry/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_get-ancestry/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_get-effective-org-policy/","text":"Gets the effective Policy on a resource. This is the result of merging Policies in the resource hierarchy. The returned Policy will not have an etag set because it is a computed Policy across multiple resources. Subtrees of Resource Manager resource hierarchy with 'under:' prefix will not be expanded. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects get-effective-org-policy ... Required Scalar Argument <resource> (string) The name of the resource to start computing the effective Policy . Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetEffectiveOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=dolor The name of the Constraint to compute the effective Policy . About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get Effective Org Policy"},{"location":"projects_get-effective-org-policy/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects get-effective-org-policy ...","title":"Scopes"},{"location":"projects_get-effective-org-policy/#required-scalar-argument","text":"<resource> (string) The name of the resource to start computing the effective Policy .","title":"Required Scalar Argument"},{"location":"projects_get-effective-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetEffectiveOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=dolor The name of the Constraint to compute the effective Policy .","title":"Required Request Value"},{"location":"projects_get-effective-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_get-effective-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_get-effective-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_get-iam-policy/","text":"Returns the IAM access control policy for the specified Project. Permission is denied if the policy or the resource does not exist. Authorization requires the Google IAM permission resourcemanager.projects.getIamPolicy on the project. For additional information about resource (e.g. my-project-id) structure and identification, see Resource Names . Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects get-iam-policy ... Required Scalar Argument <resource> (string) REQUIRED: The resource for which the policy is being requested. See Resource names for the appropriate value for this field. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetIamPolicyRequest: options: requested-policy-version: integer can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .options requested-policy-version=81 Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the IAM documentation . About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get Iam Policy"},{"location":"projects_get-iam-policy/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects get-iam-policy ...","title":"Scopes"},{"location":"projects_get-iam-policy/#required-scalar-argument","text":"<resource> (string) REQUIRED: The resource for which the policy is being requested. See Resource names for the appropriate value for this field.","title":"Required Scalar Argument"},{"location":"projects_get-iam-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetIamPolicyRequest: options: requested-policy-version: integer can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .options requested-policy-version=81 Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the IAM documentation .","title":"Required Request Value"},{"location":"projects_get-iam-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_get-iam-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_get-iam-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_get-org-policy/","text":"Gets a Policy on a resource. If no Policy is set on the resource, a Policy is returned with default values including POLICY_TYPE_NOT_SET for the policy_type oneof . The etag value can be used with SetOrgPolicy() to create or update a Policy during read-modify-write. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects get-org-policy ... Required Scalar Argument <resource> (string) Name of the resource the Policy is set on. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=vero Name of the Constraint to get the Policy . About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get Org Policy"},{"location":"projects_get-org-policy/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects get-org-policy ...","title":"Scopes"},{"location":"projects_get-org-policy/#required-scalar-argument","text":"<resource> (string) Name of the resource the Policy is set on.","title":"Required Scalar Argument"},{"location":"projects_get-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: GetOrgPolicyRequest: constraint: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . constraint=vero Name of the Constraint to get the Policy .","title":"Required Request Value"},{"location":"projects_get-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_get-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_get-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_get/","text":"Retrieves the Project identified by the specified project_id (for example, my-project-123 ). The caller must have read permissions for this Project. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects get ... Required Scalar Argument <project-id> (string) Required. The Project ID (for example, my-project-123 ). Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get"},{"location":"projects_get/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects get ...","title":"Scopes"},{"location":"projects_get/#required-scalar-argument","text":"<project-id> (string) Required. The Project ID (for example, my-project-123 ).","title":"Required Scalar Argument"},{"location":"projects_get/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_get/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_list-available-org-policy-constraints/","text":"Lists Constraints that could be applied on the specified resource. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects list-available-org-policy-constraints ... Required Scalar Argument <resource> (string) Name of the resource to list Constraints for. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListAvailableOrgPolicyConstraintsRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=25 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=invidunt Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"List Available Org Policy Constraints"},{"location":"projects_list-available-org-policy-constraints/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects list-available-org-policy-constraints ...","title":"Scopes"},{"location":"projects_list-available-org-policy-constraints/#required-scalar-argument","text":"<resource> (string) Name of the resource to list Constraints for.","title":"Required Scalar Argument"},{"location":"projects_list-available-org-policy-constraints/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListAvailableOrgPolicyConstraintsRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=25 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=invidunt Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field.","title":"Required Request Value"},{"location":"projects_list-available-org-policy-constraints/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_list-available-org-policy-constraints/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_list-available-org-policy-constraints/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_list-org-policies/","text":"Lists all the Policies set for a particular resource. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects list-org-policies ... Required Scalar Argument <resource> (string) Name of the resource to list Policies for. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListOrgPoliciesRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=36 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=vero Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"List Org Policies"},{"location":"projects_list-org-policies/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects list-org-policies ...","title":"Scopes"},{"location":"projects_list-org-policies/#required-scalar-argument","text":"<resource> (string) Name of the resource to list Policies for.","title":"Required Scalar Argument"},{"location":"projects_list-org-policies/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ListOrgPoliciesRequest: page-size: integer page-token: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . page-size=36 Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size. page-token=vero Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field.","title":"Required Request Value"},{"location":"projects_list-org-policies/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_list-org-policies/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_list-org-policies/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_list/","text":"Lists Projects that the caller has the resourcemanager.projects.get permission on and satisfy the specified filter. This method returns Projects in an unspecified order. This method is eventually consistent with project mutations; this means that a newly created project may not appear in the results or recent updates to an existing project may not be reflected in the results. To retrieve the latest state of a project, use the GetProject method. NOTE: If the request filter contains a parent.type and parent.id and the caller has the resourcemanager.projects.list permission on the parent, the results will be drawn from an alternate index which provides more consistent results. In future versions of this API, this List method will be split into List and Search to properly capture the behavioral difference. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects list ... Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional Method Properties You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p filter=string Optional. An expression for filtering the results of the request. Filter rules are case insensitive. If multiple fields are included in a filter query, the query will return results that match any of the fields. Some eligible fields for filtering are: + name + id + labels. (where key is the name of a label) + parent.type + parent.id + lifecycleState Some examples of filter queries: | Query | Description | |------------------|-----------------------------------------------------| | name:how | The project's name starts with \"how\". | | name:Howl | The project's name is Howl or howl . | | name:HOWL | Equivalent to above. | | NAME:howl | Equivalent to above. | | labels.color: | The project has the label color . | | labels.color:red | The project's label color has the value red . | | labels.color:red labels.size:big | The project's label color has the value red or its label size has the value big . | | lifecycleState:DELETE_REQUESTED | Only show projects that are pending deletion.| If no filter is specified, the call will return projects for which the user has the resourcemanager.projects.get permission. NOTE: To perform a by-parent query (eg., what projects are directly in a Folder), the caller must have the resourcemanager.projects.list permission on the parent and the filter must contain both a parent.type and a parent.id restriction (example: \"parent.type:folder parent.id:123\"). In this case an alternate search index is used which provides more consistent results. -p page-size=integer Optional. The maximum number of Projects to return in the response. The server can return fewer Projects than requested. If unspecified, server picks an appropriate default. -p page-token=string Optional. A pagination token returned from a previous call to ListProjects that indicates from where listing should continue. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"List"},{"location":"projects_list/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects list ...","title":"Scopes"},{"location":"projects_list/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_list/#optional-method-properties","text":"You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p filter=string Optional. An expression for filtering the results of the request. Filter rules are case insensitive. If multiple fields are included in a filter query, the query will return results that match any of the fields. Some eligible fields for filtering are: + name + id + labels. (where key is the name of a label) + parent.type + parent.id + lifecycleState Some examples of filter queries: | Query | Description | |------------------|-----------------------------------------------------| | name:how | The project's name starts with \"how\". | | name:Howl | The project's name is Howl or howl . | | name:HOWL | Equivalent to above. | | NAME:howl | Equivalent to above. | | labels.color: | The project has the label color . | | labels.color:red | The project's label color has the value red . | | labels.color:red labels.size:big | The project's label color has the value red or its label size has the value big . | | lifecycleState:DELETE_REQUESTED | Only show projects that are pending deletion.| If no filter is specified, the call will return projects for which the user has the resourcemanager.projects.get permission. NOTE: To perform a by-parent query (eg., what projects are directly in a Folder), the caller must have the resourcemanager.projects.list permission on the parent and the filter must contain both a parent.type and a parent.id restriction (example: \"parent.type:folder parent.id:123\"). In this case an alternate search index is used which provides more consistent results. -p page-size=integer Optional. The maximum number of Projects to return in the response. The server can return fewer Projects than requested. If unspecified, server picks an appropriate default. -p page-token=string Optional. A pagination token returned from a previous call to ListProjects that indicates from where listing should continue.","title":"Optional Method Properties"},{"location":"projects_list/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_set-iam-policy/","text":"Sets the IAM access control policy for the specified Project. CAUTION: This method will replace the existing policy, and cannot be used to append additional IAM settings. NOTE: Removing service accounts from policies or changing their roles can render services completely inoperable. It is important to understand how the service account is being used before removing or updating its roles. For additional information about resource (e.g. my-project-id) structure and identification, see Resource Names . The following constraints apply when using setIamPolicy() : + Project does not support allUsers and allAuthenticatedUsers as members in a Binding of a Policy . + The owner role can be granted to a user , serviceAccount , or a group that is part of an organization. For example, group@myownpersonaldomain.com could be added as an owner to a project in the myownpersonaldomain.com organization, but not the examplepetstore.com organization. + Service accounts can be made owners of a project directly without any restrictions. However, to be added as an owner, a user must be invited via Cloud Platform console and must accept the invitation. + A user cannot be granted the owner role using setIamPolicy() . The user must be granted the owner role using the Cloud Platform Console and must explicitly accept the invitation. + You can only grant ownership of a project to a member by using the Google Cloud console. Inviting a member will deliver an invitation email that they must accept. An invitation email is not generated if you are granting a role other than owner, or if both the member you are inviting and the project are part of your organization. + If the project is not part of an organization, there must be at least one owner who has accepted the Terms of Service (ToS) agreement in the policy. Calling setIamPolicy() to remove the last ToS-accepted owner from the policy will fail. This restriction also applies to legacy projects that no longer have owners who have accepted the ToS. Edits to IAM policies will be rejected until the lack of a ToS-accepting owner is rectified. If the project is part of an organization, you can remove all owners, potentially making the organization inaccessible. Authorization requires the Google IAM permission resourcemanager.projects.setIamPolicy on the project Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects set-iam-policy ... Required Scalar Argument <resource> (string) REQUIRED: The resource for which the policy is being specified. See Resource names for the appropriate value for this field. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SetIamPolicyRequest: policy: etag: string version: integer update-mask: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .policy etag=elitr etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the etag in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An etag is returned in the response to getIamPolicy , and systems are expected to put that etag in the request to setIamPolicy to ensure that their change will be applied to the same version of the policy. Important: If you use IAM Conditions, you must include the etag field whenever you call setIamPolicy . If you omit this field, then IAM allows you to overwrite a version 3 policy with a version 1 policy, and all of the conditions in the version 3 policy are lost. version=95 Specifies the format of the policy. Valid values are 0 , 1 , and 3 . Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version 3 . This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions Important: If you use IAM Conditions, you must include the etag field whenever you call setIamPolicy . If you omit this field, then IAM allows you to overwrite a version 3 policy with a version 1 policy, and all of the conditions in the version 3 policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the IAM documentation . .. update-mask=diam OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: paths: "bindings, etag" About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Set Iam Policy"},{"location":"projects_set-iam-policy/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects set-iam-policy ...","title":"Scopes"},{"location":"projects_set-iam-policy/#required-scalar-argument","text":"<resource> (string) REQUIRED: The resource for which the policy is being specified. See Resource names for the appropriate value for this field.","title":"Required Scalar Argument"},{"location":"projects_set-iam-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SetIamPolicyRequest: policy: etag: string version: integer update-mask: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .policy etag=elitr etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the etag in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An etag is returned in the response to getIamPolicy , and systems are expected to put that etag in the request to setIamPolicy to ensure that their change will be applied to the same version of the policy. Important: If you use IAM Conditions, you must include the etag field whenever you call setIamPolicy . If you omit this field, then IAM allows you to overwrite a version 3 policy with a version 1 policy, and all of the conditions in the version 3 policy are lost. version=95 Specifies the format of the policy. Valid values are 0 , 1 , and 3 . Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version 3 . This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions Important: If you use IAM Conditions, you must include the etag field whenever you call setIamPolicy . If you omit this field, then IAM allows you to overwrite a version 3 policy with a version 1 policy, and all of the conditions in the version 3 policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the IAM documentation . .. update-mask=diam OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: paths: "bindings, etag"","title":"Required Request Value"},{"location":"projects_set-iam-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_set-iam-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_set-iam-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_set-org-policy/","text":"Updates the specified Policy on the resource. Creates a new Policy for that Constraint on the resource if one does not exist. Not supplying an etag on the request Policy results in an unconditional write of the Policy . Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects set-org-policy ... Required Scalar Argument <resource> (string) Resource name of the resource to attach the Policy . Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SetOrgPolicyRequest: policy: boolean-policy: enforced: boolean constraint: string etag: string list-policy: all-values: string allowed-values: [string] denied-values: [string] inherit-from-parent: boolean suggested-value: string update-time: string version: integer can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .policy.boolean-policy enforced=true If true , then the Policy is enforced. If false , then any configuration is acceptable. Suppose you have a Constraint constraints/compute.disableSerialPortAccess with constraint_default set to ALLOW . A Policy for that Constraint exhibits the following behavior: - If the Policy at this resource has enforced set to false , serial port connection attempts will be allowed. - If the Policy at this resource has enforced set to true , serial port connection attempts will be refused. - If the Policy at this resource is RestoreDefault , serial port connection attempts will be allowed. - If no Policy is set at this resource or anywhere higher in the resource hierarchy, serial port connection attempts will be allowed. - If no Policy is set at this resource, but one exists higher in the resource hierarchy, the behavior is as if the Policy were set at this resource. The following examples demonstrate the different possible layerings: Example 1 (nearest Constraint wins): organizations/foo has a Policy with: {enforced: false} projects/bar has no Policy set. The constraint at projects/bar and organizations/foo will not be enforced. Example 2 (enforcement gets replaced): organizations/foo has a Policy with: {enforced: false} projects/bar has a Policy with: {enforced: true} The constraint at organizations/foo is not enforced. The constraint at projects/bar is enforced. Example 3 (RestoreDefault): organizations/foo has a Policy with: {enforced: true} projects/bar has a Policy with: {RestoreDefault: {}} The constraint at organizations/foo is enforced. The constraint at projects/bar is not enforced, because constraint_default for the Constraint is ALLOW . .. constraint=ipsum The name of the Constraint the Policy is configuring, for example, constraints/serviceuser.services . A list of available constraints is available. Immutable after creation. etag=accusam An opaque tag indicating the current version of the Policy , used for concurrency control. When the Policy is returned from either a GetPolicy or a ListOrgPolicy request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop. When the Policy is returned from a GetEffectivePolicy request, the etag will be unset. When the Policy is used in a SetOrgPolicy method, use the etag value that was returned from a GetOrgPolicy request as part of a read-modify-write loop for concurrency control. Not setting the etag in a SetOrgPolicy request will result in an unconditional write of the Policy . list-policy all-values=takimata The policy all_values state. allowed-values=consetetur List of values allowed at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. denied-values=voluptua. List of values denied at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. inherit-from-parent=false Determines the inheritance behavior for this Policy . By default, a ListPolicy set at a resource supersedes any Policy set anywhere up the resource hierarchy. However, if inherit_from_parent is set to true , then the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy. Setting Policy hierarchies that inherit both allowed values and denied values isn't recommended in most circumstances to keep the configuration simple and understandable. However, it is possible to set a Policy with allowed_values set that inherits a Policy with denied_values set. In this case, the values that are allowed must be in allowed_values and not present in denied_values . For example, suppose you have a Constraint constraints/serviceuser.services , which has a constraint_type of list_constraint , and with constraint_default set to ALLOW . Suppose that at the Organization level, a Policy is applied that restricts the allowed API activations to { E1 , E2 }. Then, if a Policy is applied to a project below the Organization that has inherit_from_parent set to false and field all_values set to DENY, then an attempt to activate any API will be denied. The following examples demonstrate different possible layerings for projects/bar parented by organizations/foo : Example 1 (no inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has inherit_from_parent false and values: {allowed_values: \"E3\" allowed_values: \"E4\"} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E3 , and E4 . Example 2 (inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {value: \"E3\" value: \"E4\" inherit_from_parent: true} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E1 , E2 , E3 , and E4 . Example 3 (inheriting both allowed and denied values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {denied_values: \"E1\"} The accepted values at organizations/foo are E1 , E2 . The value accepted at projects/bar is E2 . Example 4 (RestoreDefault): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {RestoreDefault: {}} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 5 (no policy inherits parent policy): organizations/foo has no Policy set. projects/bar has no Policy set. The accepted values at both levels are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 6 (ListConstraint allowing all): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {all: ALLOW} The accepted values at organizations/foo are E1 , E2 . Any value is accepted at projects/bar . Example 7 (ListConstraint allowing none): organizations/foo has a Policy with values: {allowed_values: "E1" allowed_values: "E2"} projects/bar has a Policy with: {all: DENY} The accepted values at organizations/foo are E1 , E2 . No value is accepted at projects/bar . Example 10 (allowed and denied subtrees of Resource Manager hierarchy): Given the following resource hierarchy O1->{F1, F2}; F1->{P1}; F2->{P2, P3}, organizations/foo has a Policy with values: {allowed_values: \"under:organizations/O1\"} projects/bar has a Policy with: {allowed_values: \"under:projects/P3\"} {denied_values: \"under:folders/F2\"} The accepted values at organizations/foo are organizations/O1 , folders/F1 , folders/F2 , projects/P1 , projects/P2 , projects/P3 . The accepted values at projects/bar are organizations/O1 , folders/F1 , projects/P1 . suggested-value=erat Optional. The Google Cloud Console will try to default to a configuration that matches the value specified in this Policy . If suggested_value is not set, it will inherit the value specified higher in the hierarchy, unless inherit_from_parent is false . .. update-time=consetetur The time stamp the Policy was previously updated. This is set by the server, not specified by the caller, and represents the last time a call to SetOrgPolicy was made for that Policy . Any value set by the client will be ignored. version=99 Version of the Policy . Default version is 0; About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Set Org Policy"},{"location":"projects_set-org-policy/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects set-org-policy ...","title":"Scopes"},{"location":"projects_set-org-policy/#required-scalar-argument","text":"<resource> (string) Resource name of the resource to attach the Policy .","title":"Required Scalar Argument"},{"location":"projects_set-org-policy/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: SetOrgPolicyRequest: policy: boolean-policy: enforced: boolean constraint: string etag: string list-policy: all-values: string allowed-values: [string] denied-values: [string] inherit-from-parent: boolean suggested-value: string update-time: string version: integer can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .policy.boolean-policy enforced=true If true , then the Policy is enforced. If false , then any configuration is acceptable. Suppose you have a Constraint constraints/compute.disableSerialPortAccess with constraint_default set to ALLOW . A Policy for that Constraint exhibits the following behavior: - If the Policy at this resource has enforced set to false , serial port connection attempts will be allowed. - If the Policy at this resource has enforced set to true , serial port connection attempts will be refused. - If the Policy at this resource is RestoreDefault , serial port connection attempts will be allowed. - If no Policy is set at this resource or anywhere higher in the resource hierarchy, serial port connection attempts will be allowed. - If no Policy is set at this resource, but one exists higher in the resource hierarchy, the behavior is as if the Policy were set at this resource. The following examples demonstrate the different possible layerings: Example 1 (nearest Constraint wins): organizations/foo has a Policy with: {enforced: false} projects/bar has no Policy set. The constraint at projects/bar and organizations/foo will not be enforced. Example 2 (enforcement gets replaced): organizations/foo has a Policy with: {enforced: false} projects/bar has a Policy with: {enforced: true} The constraint at organizations/foo is not enforced. The constraint at projects/bar is enforced. Example 3 (RestoreDefault): organizations/foo has a Policy with: {enforced: true} projects/bar has a Policy with: {RestoreDefault: {}} The constraint at organizations/foo is enforced. The constraint at projects/bar is not enforced, because constraint_default for the Constraint is ALLOW . .. constraint=ipsum The name of the Constraint the Policy is configuring, for example, constraints/serviceuser.services . A list of available constraints is available. Immutable after creation. etag=accusam An opaque tag indicating the current version of the Policy , used for concurrency control. When the Policy is returned from either a GetPolicy or a ListOrgPolicy request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop. When the Policy is returned from a GetEffectivePolicy request, the etag will be unset. When the Policy is used in a SetOrgPolicy method, use the etag value that was returned from a GetOrgPolicy request as part of a read-modify-write loop for concurrency control. Not setting the etag in a SetOrgPolicy request will result in an unconditional write of the Policy . list-policy all-values=takimata The policy all_values state. allowed-values=consetetur List of values allowed at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. denied-values=voluptua. List of values denied at this resource. Can only be set if all_values is set to ALL_VALUES_UNSPECIFIED . Each invocation of this argument appends the given value to the array. inherit-from-parent=false Determines the inheritance behavior for this Policy . By default, a ListPolicy set at a resource supersedes any Policy set anywhere up the resource hierarchy. However, if inherit_from_parent is set to true , then the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy. Setting Policy hierarchies that inherit both allowed values and denied values isn't recommended in most circumstances to keep the configuration simple and understandable. However, it is possible to set a Policy with allowed_values set that inherits a Policy with denied_values set. In this case, the values that are allowed must be in allowed_values and not present in denied_values . For example, suppose you have a Constraint constraints/serviceuser.services , which has a constraint_type of list_constraint , and with constraint_default set to ALLOW . Suppose that at the Organization level, a Policy is applied that restricts the allowed API activations to { E1 , E2 }. Then, if a Policy is applied to a project below the Organization that has inherit_from_parent set to false and field all_values set to DENY, then an attempt to activate any API will be denied. The following examples demonstrate different possible layerings for projects/bar parented by organizations/foo : Example 1 (no inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has inherit_from_parent false and values: {allowed_values: \"E3\" allowed_values: \"E4\"} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E3 , and E4 . Example 2 (inherited values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {value: \"E3\" value: \"E4\" inherit_from_parent: true} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are E1 , E2 , E3 , and E4 . Example 3 (inheriting both allowed and denied values): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {denied_values: \"E1\"} The accepted values at organizations/foo are E1 , E2 . The value accepted at projects/bar is E2 . Example 4 (RestoreDefault): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values:\"E2\"} projects/bar has a Policy with values: {RestoreDefault: {}} The accepted values at organizations/foo are E1 , E2 . The accepted values at projects/bar are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 5 (no policy inherits parent policy): organizations/foo has no Policy set. projects/bar has no Policy set. The accepted values at both levels are either all or none depending on the value of constraint_default (if ALLOW , all; if DENY , none). Example 6 (ListConstraint allowing all): organizations/foo has a Policy with values: {allowed_values: \"E1\" allowed_values: \"E2\"} projects/bar has a Policy with: {all: ALLOW} The accepted values at organizations/foo are E1 , E2 . Any value is accepted at projects/bar . Example 7 (ListConstraint allowing none): organizations/foo has a Policy with values: {allowed_values: "E1" allowed_values: "E2"} projects/bar has a Policy with: {all: DENY} The accepted values at organizations/foo are E1 , E2 . No value is accepted at projects/bar . Example 10 (allowed and denied subtrees of Resource Manager hierarchy): Given the following resource hierarchy O1->{F1, F2}; F1->{P1}; F2->{P2, P3}, organizations/foo has a Policy with values: {allowed_values: \"under:organizations/O1\"} projects/bar has a Policy with: {allowed_values: \"under:projects/P3\"} {denied_values: \"under:folders/F2\"} The accepted values at organizations/foo are organizations/O1 , folders/F1 , folders/F2 , projects/P1 , projects/P2 , projects/P3 . The accepted values at projects/bar are organizations/O1 , folders/F1 , projects/P1 . suggested-value=erat Optional. The Google Cloud Console will try to default to a configuration that matches the value specified in this Policy . If suggested_value is not set, it will inherit the value specified higher in the hierarchy, unless inherit_from_parent is false . .. update-time=consetetur The time stamp the Policy was previously updated. This is set by the server, not specified by the caller, and represents the last time a call to SetOrgPolicy was made for that Policy . Any value set by the client will be ignored. version=99 Version of the Policy . Default version is 0;","title":"Required Request Value"},{"location":"projects_set-org-policy/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_set-org-policy/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_set-org-policy/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_test-iam-permissions/","text":"Returns permissions that a caller has on the specified Project. For additional information about resource (e.g. my-project-id) structure and identification, see Resource Names . There are no permissions required for making this API call. Scopes You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects test-iam-permissions ... Required Scalar Argument <resource> (string) REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: TestIamPermissionsRequest: permissions: [string] can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . permissions=sed The set of permissions to check for the resource . Permissions with wildcards (such as * or storage.* ) are not allowed. For more information see IAM Overview . Each invocation of this argument appends the given value to the array. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Test Iam Permissions"},{"location":"projects_test-iam-permissions/#scopes","text":"You will need authorization for at least one of the following scopes to make a valid call: https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/cloud-platform.read-only If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects test-iam-permissions ...","title":"Scopes"},{"location":"projects_test-iam-permissions/#required-scalar-argument","text":"<resource> (string) REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field.","title":"Required Scalar Argument"},{"location":"projects_test-iam-permissions/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: TestIamPermissionsRequest: permissions: [string] can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . permissions=sed The set of permissions to check for the resource . Permissions with wildcards (such as * or storage.* ) are not allowed. For more information see IAM Overview . Each invocation of this argument appends the given value to the array.","title":"Required Request Value"},{"location":"projects_test-iam-permissions/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_test-iam-permissions/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_test-iam-permissions/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_undelete/","text":"Restores the Project identified by the specified project_id (for example, my-project-123 ). You can only use this method for a Project that has a lifecycle state of DELETE_REQUESTED. After deletion starts, the Project cannot be restored. The caller must have undelete permissions for this Project. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects undelete ... Required Scalar Argument <project-id> (string) Required. The project ID (for example, foo-bar-123 ). Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: UndeleteProjectRequest: can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Undelete"},{"location":"projects_undelete/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects undelete ...","title":"Scopes"},{"location":"projects_undelete/#required-scalar-argument","text":"<project-id> (string) Required. The project ID (for example, foo-bar-123 ).","title":"Required Scalar Argument"},{"location":"projects_undelete/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: UndeleteProjectRequest: can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time.","title":"Required Request Value"},{"location":"projects_undelete/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_undelete/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_undelete/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"projects_update/","text":"Updates the attributes of the Project identified by the specified project_id (for example, my-project-123 ). The caller must have modify permissions for this Project. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects update ... Required Scalar Argument <project-id> (string) The project ID (for example, my-project-123 ). Required. Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: Project: create-time: string labels: { string: string } lifecycle-state: string name: string parent: id: string type: string project-id: string project-number: string tags: { string: string } can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . create-time=takimata Creation time. Read-only. labels=key=dolores The labels associated with this Project. Label keys must be between 1 and 63 characters long and must conform to the following regular expression: a-z{0,62}. Label values must be between 0 and 63 characters long and must conform to the regular expression [a-z0-9_-]{0,63}. A label value can be empty. No more than 256 labels can be associated with a given resource. Clients should store labels in a representation such as JSON that does not depend on specific characters being disallowed. Example: \"environment\" : \"dev\" Read-write. the value will be associated with the given key lifecycle-state=gubergren The Project lifecycle state. Read-only. name=et The optional user-assigned display name of the Project. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, single-quote, double-quote, space, and exclamation point. Example: My Project Read-write. parent id=accusam The type-specific id. This should correspond to the id used in the type-specific API's. type=voluptua. The resource type this id is for. At present, the valid types are: \"organization\", \"folder\", and \"project\". .. project-id=dolore The unique, user-assigned ID of the Project. It must be 6 to 30 lowercase letters, digits, or hyphens. It must start with a letter. Trailing hyphens are prohibited. Example: tokyo-rain-123 Read-only after creation. project-number=dolore The number uniquely identifying the project. Example: 415104041262 Read-only. tags=key=dolore Optional. Input only. Immutable. Tag keys/values directly bound to this project. Each item in the map must be expressed as \" : \". For example: \"123/environment\" : \"production\", \"123/costCenter\" : \"marketing\" the value will be associated with the given key About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Update"},{"location":"projects_update/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: cloudresourcemanager1 --scope <scope> projects update ...","title":"Scopes"},{"location":"projects_update/#required-scalar-argument","text":"<project-id> (string) The project ID (for example, my-project-123 ). Required.","title":"Required Scalar Argument"},{"location":"projects_update/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: Project: create-time: string labels: { string: string } lifecycle-state: string name: string parent: id: string type: string project-id: string project-number: string tags: { string: string } can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . create-time=takimata Creation time. Read-only. labels=key=dolores The labels associated with this Project. Label keys must be between 1 and 63 characters long and must conform to the following regular expression: a-z{0,62}. Label values must be between 0 and 63 characters long and must conform to the regular expression [a-z0-9_-]{0,63}. A label value can be empty. No more than 256 labels can be associated with a given resource. Clients should store labels in a representation such as JSON that does not depend on specific characters being disallowed. Example: \"environment\" : \"dev\" Read-write. the value will be associated with the given key lifecycle-state=gubergren The Project lifecycle state. Read-only. name=et The optional user-assigned display name of the Project. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, single-quote, double-quote, space, and exclamation point. Example: My Project Read-write. parent id=accusam The type-specific id. This should correspond to the id used in the type-specific API's. type=voluptua. The resource type this id is for. At present, the valid types are: \"organization\", \"folder\", and \"project\". .. project-id=dolore The unique, user-assigned ID of the Project. It must be 6 to 30 lowercase letters, digits, or hyphens. It must start with a letter. Trailing hyphens are prohibited. Example: tokyo-rain-123 Read-only after creation. project-number=dolore The number uniquely identifying the project. Example: 415104041262 Read-only. tags=key=dolore Optional. Input only. Immutable. Tag keys/values directly bound to this project. Each item in the map must be expressed as \" : \". For example: \"123/environment\" : \"production\", \"123/costCenter\" : \"marketing\" the value will be associated with the given key","title":"Required Request Value"},{"location":"projects_update/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"projects_update/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"projects_update/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"}]} |