groups
Creates, updates, deletes, gets or lists a groups resource.
Overview
| Name | groups |
| Type | Resource |
| Id | google.cloudidentity.groups |
Fields
The following fields are returned by SELECT queries:
- get
- list
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Output only. The resource name of the Group. Shall be of the form groups/{group}. |
additionalGroupKeys | array | Output only. Additional group keys associated with the Group. |
createTime | string (google-datetime) | Output only. The time when the Group was created. |
description | string | An extended description to help users determine the purpose of a Group. Must not be longer than 4,096 characters. |
displayName | string | The display name of the Group. |
dynamicGroupMetadata | object | Optional. Dynamic group metadata like queries and status. (id: DynamicGroupMetadata) |
groupKey | object | Required. The EntityKey of the Group. (id: EntityKey) |
labels | object | Required. One or more label entries that apply to the Group. Labels contain a key with an empty value. Google Groups are the default type of group and have a label with a key of cloudidentity.googleapis.com/groups.discussion_forum and an empty value. Existing Google Groups can have an additional label with a key of cloudidentity.googleapis.com/groups.security and an empty value added to them. This is an immutable change and the security label cannot be removed once added. Dynamic groups have a label with a key of cloudidentity.googleapis.com/groups.dynamic. Identity-mapped groups for Cloud Search have a label with a key of system/groups/external and an empty value. Google Groups can be locked. To lock a group, add a label with a key of cloudidentity.googleapis.com/groups.locked and an empty value. Doing so locks the group. To unlock the group, remove this label. |
parent | string | Required. Immutable. The resource name of the entity under which this Group resides in the Cloud Identity resource hierarchy. Must be of the form identitysources/{identity_source} for external identity-mapped groups or customers/{customer_id} for Google Groups. The customer_id must begin with "C" (for example, 'C046psxkn'). [Find your customer ID.] (https://support.google.com/cloudidentity/answer/10070793) |
updateTime | string (google-datetime) | Output only. The time when the Group was last updated. |
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Output only. The resource name of the Group. Shall be of the form groups/{group}. |
additionalGroupKeys | array | Output only. Additional group keys associated with the Group. |
createTime | string (google-datetime) | Output only. The time when the Group was created. |
description | string | An extended description to help users determine the purpose of a Group. Must not be longer than 4,096 characters. |
displayName | string | The display name of the Group. |
dynamicGroupMetadata | object | Optional. Dynamic group metadata like queries and status. (id: DynamicGroupMetadata) |
groupKey | object | Required. The EntityKey of the Group. (id: EntityKey) |
labels | object | Required. One or more label entries that apply to the Group. Labels contain a key with an empty value. Google Groups are the default type of group and have a label with a key of cloudidentity.googleapis.com/groups.discussion_forum and an empty value. Existing Google Groups can have an additional label with a key of cloudidentity.googleapis.com/groups.security and an empty value added to them. This is an immutable change and the security label cannot be removed once added. Dynamic groups have a label with a key of cloudidentity.googleapis.com/groups.dynamic. Identity-mapped groups for Cloud Search have a label with a key of system/groups/external and an empty value. Google Groups can be locked. To lock a group, add a label with a key of cloudidentity.googleapis.com/groups.locked and an empty value. Doing so locks the group. To unlock the group, remove this label. |
parent | string | Required. Immutable. The resource name of the entity under which this Group resides in the Cloud Identity resource hierarchy. Must be of the form identitysources/{identity_source} for external identity-mapped groups or customers/{customer_id} for Google Groups. The customer_id must begin with "C" (for example, 'C046psxkn'). [Find your customer ID.] (https://support.google.com/cloudidentity/answer/10070793) |
updateTime | string (google-datetime) | Output only. The time when the Group was last updated. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | groupsId | Retrieves a Group. | |
list | select | parent, view, pageSize, pageToken | Lists the Group resources under a customer or namespace. | |
create | insert | initialGroupConfig | Creates a Group. | |
patch | update | groupsId | updateMask | Updates a Group. |
delete | delete | groupsId | Deletes a Group. | |
lookup | exec | groupKey.id, groupKey.namespace | Looks up the resource name of a Group by its EntityKey. | |
search | exec | query, view, pageSize, pageToken | Searches for Group resources matching a specified query. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
groupsId | string | |
groupKey.id | string | |
groupKey.namespace | string | |
initialGroupConfig | string | |
pageSize | integer (int32) | |
pageToken | string | |
parent | string | |
query | string | |
updateMask | string (google-fieldmask) | |
view | string |
SELECT examples
- get
- list
Retrieves a Group.
SELECT
name,
additionalGroupKeys,
createTime,
description,
displayName,
dynamicGroupMetadata,
groupKey,
labels,
parent,
updateTime
FROM google.cloudidentity.groups
WHERE groupsId = '{{ groupsId }}' -- required;
Lists the Group resources under a customer or namespace.
SELECT
name,
additionalGroupKeys,
createTime,
description,
displayName,
dynamicGroupMetadata,
groupKey,
labels,
parent,
updateTime
FROM google.cloudidentity.groups
WHERE parent = '{{ parent }}'
AND view = '{{ view }}'
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}';
INSERT examples
- create
- Manifest
Creates a Group.
INSERT INTO google.cloudidentity.groups (
data__groupKey,
data__parent,
data__displayName,
data__description,
data__labels,
data__dynamicGroupMetadata,
initialGroupConfig
)
SELECT
'{{ groupKey }}',
'{{ parent }}',
'{{ displayName }}',
'{{ description }}',
'{{ labels }}',
'{{ dynamicGroupMetadata }}',
'{{ initialGroupConfig }}'
RETURNING
name,
done,
error,
metadata,
response
;
# Description fields are for documentation purposes
- name: groups
props:
- name: groupKey
value: object
description: >
Required. The `EntityKey` of the `Group`.
- name: parent
value: string
description: >
Required. Immutable. The resource name of the entity under which this `Group` resides in the Cloud Identity resource hierarchy. Must be of the form `identitysources/{identity_source}` for external [identity-mapped groups](https://support.google.com/a/answer/9039510) or `customers/{customer_id}` for Google Groups. The `customer_id` must begin with "C" (for example, 'C046psxkn'). [Find your customer ID.] (https://support.google.com/cloudidentity/answer/10070793)
- name: displayName
value: string
description: >
The display name of the `Group`.
- name: description
value: string
description: >
An extended description to help users determine the purpose of a `Group`. Must not be longer than 4,096 characters.
- name: labels
value: object
description: >
Required. One or more label entries that apply to the Group. Labels contain a key with an empty value. Google Groups are the default type of group and have a label with a key of `cloudidentity.googleapis.com/groups.discussion_forum` and an empty value. Existing Google Groups can have an additional label with a key of `cloudidentity.googleapis.com/groups.security` and an empty value added to them. **This is an immutable change and the security label cannot be removed once added.** Dynamic groups have a label with a key of `cloudidentity.googleapis.com/groups.dynamic`. Identity-mapped groups for Cloud Search have a label with a key of `system/groups/external` and an empty value. Google Groups can be [locked](https://support.google.com/a?p=locked-groups). To lock a group, add a label with a key of `cloudidentity.googleapis.com/groups.locked` and an empty value. Doing so locks the group. To unlock the group, remove this label.
- name: dynamicGroupMetadata
value: object
description: >
Optional. Dynamic group metadata like queries and status.
- name: initialGroupConfig
value: string
UPDATE examples
- patch
Updates a Group.
UPDATE google.cloudidentity.groups
SET
data__groupKey = '{{ groupKey }}',
data__parent = '{{ parent }}',
data__displayName = '{{ displayName }}',
data__description = '{{ description }}',
data__labels = '{{ labels }}',
data__dynamicGroupMetadata = '{{ dynamicGroupMetadata }}'
WHERE
groupsId = '{{ groupsId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
done,
error,
metadata,
response;
DELETE examples
- delete
Deletes a Group.
DELETE FROM google.cloudidentity.groups
WHERE groupsId = '{{ groupsId }}' --required;
Lifecycle Methods
- lookup
- search
Looks up the resource name of a Group by its EntityKey.
EXEC google.cloudidentity.groups.lookup
@groupKey.id='{{ groupKey.id }}',
@groupKey.namespace='{{ groupKey.namespace }}';
Searches for Group resources matching a specified query.
EXEC google.cloudidentity.groups.search
@query='{{ query }}',
@view='{{ view }}',
@pageSize='{{ pageSize }}',
@pageToken='{{ pageToken }}';