memberships

Creates, updates, deletes, gets or lists a memberships resource.

Overview

Name	`memberships`
Type	Resource
Id	`google.cloudidentity.memberships`

Fields

The following fields are returned by SELECT queries:

get
list

Successful response

Name	Datatype	Description
`name`	`string`	Output only. The resource name of the `Membership`. Shall be of the form `groups/{group}/memberships/{membership}`.
`createTime`	`string (google-datetime)`	Output only. The time when the `Membership` was created.
`deliverySetting`	`string`	Output only. Delivery setting associated with the membership.
`preferredMemberKey`	`object`	A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s. (id: EntityKey)
`roles`	`array`	The `MembershipRole`s that apply to the `Membership`. If unspecified, defaults to a single `MembershipRole` with `name` `MEMBER`. Must not contain duplicate `MembershipRole`s with the same `name`.
`type`	`string`	Output only. The type of the membership.
`updateTime`	`string (google-datetime)`	Output only. The time when the `Membership` was last updated.

Successful response

Name	Datatype	Description
`name`	`string`	Output only. The resource name of the `Membership`. Shall be of the form `groups/{group}/memberships/{membership}`.
`createTime`	`string (google-datetime)`	Output only. The time when the `Membership` was created.
`deliverySetting`	`string`	Output only. Delivery setting associated with the membership.
`preferredMemberKey`	`object`	A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s. (id: EntityKey)
`roles`	`array`	The `MembershipRole`s that apply to the `Membership`. If unspecified, defaults to a single `MembershipRole` with `name` `MEMBER`. Must not contain duplicate `MembershipRole`s with the same `name`.
`type`	`string`	Output only. The type of the membership.
`updateTime`	`string (google-datetime)`	Output only. The time when the `Membership` was last updated.

Methods

The following methods are available for this resource:

Name	Accessible by	Required Params	Optional Params	Description
`get`	`select`	`groupsId`, `membershipsId`		Retrieves a `Membership`.
`list`	`select`	`groupsId`	`view`, `pageSize`, `pageToken`	Lists the `Membership`s within a `Group`.
`create`	`insert`	`groupsId`		Creates a `Membership`.
`delete`	`delete`	`groupsId`, `membershipsId`		Deletes a `Membership`.
`lookup`	`exec`	`groupsId`	`memberKey.id`, `memberKey.namespace`	Looks up the resource name of a `Membership` by its `EntityKey`.
`modify_membership_roles`	`exec`	`groupsId`, `membershipsId`		Modifies the `MembershipRole`s of a `Membership`.
`search_transitive_memberships`	`exec`	`groupsId`	`pageSize`, `pageToken`	Search transitive memberships of a group. Note: This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the group is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A transitive membership is any direct or indirect membership of a group. Actor must have view permissions to all transitive memberships.
`search_transitive_groups`	`exec`	`groupsId`	`query`, `pageSize`, `pageToken`	Search transitive groups of a member. Note: This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the member is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A transitive group is any group that has a direct or indirect membership to the member. Actor must have view permissions all transitive groups.
`check_transitive_membership`	`exec`	`groupsId`	`query`	Check a potential member for membership in a group. Note: This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the member is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A member has membership to a group as long as there is a single viewable transitive membership between the group and the member. The actor must have view permissions to at least one transitive membership between the member and group.
`search_direct_groups`	`exec`	`groupsId`	`query`, `pageSize`, `pageToken`, `orderBy`	Searches direct groups of a member.

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

Name	Datatype	Description
`groupsId`	`string`
`membershipsId`	`string`
`memberKey.id`	`string`
`memberKey.namespace`	`string`
`orderBy`	`string`
`pageSize`	`integer (int32)`
`pageToken`	`string`
`query`	`string`
`view`	`string`

`SELECT` examples

get
list

Retrieves a Membership.

SELECT
name,
createTime,
deliverySetting,
preferredMemberKey,
roles,
type,
updateTime
FROM google.cloudidentity.memberships
WHERE groupsId = '{{ groupsId }}' -- required
AND membershipsId = '{{ membershipsId }}' -- required;

Lists the Memberships within a Group.

SELECT
name,
createTime,
deliverySetting,
preferredMemberKey,
roles,
type,
updateTime
FROM google.cloudidentity.memberships
WHERE groupsId = '{{ groupsId }}' -- required
AND view = '{{ view }}'
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}';

`INSERT` examples

create
Manifest

Creates a Membership.

INSERT INTO google.cloudidentity.memberships (
data__preferredMemberKey,
data__roles,
groupsId
)
SELECT 
'{{ preferredMemberKey }}',
'{{ roles }}',
'{{ groupsId }}'
RETURNING
name,
done,
error,
metadata,
response
;

# Description fields are for documentation purposes
- name: memberships
  props:
    - name: groupsId
      value: string
      description: Required parameter for the memberships resource.
    - name: preferredMemberKey
      value: object
      description: >
        A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s.
        
    - name: roles
      value: array
      description: >
        The `MembershipRole`s that apply to the `Membership`. If unspecified, defaults to a single `MembershipRole` with `name` `MEMBER`. Must not contain duplicate `MembershipRole`s with the same `name`.
        

`DELETE` examples

delete

Deletes a Membership.

DELETE FROM google.cloudidentity.memberships
WHERE groupsId = '{{ groupsId }}' --required
AND membershipsId = '{{ membershipsId }}' --required;

Lifecycle Methods

Looks up the resource name of a Membership by its EntityKey.

EXEC google.cloudidentity.memberships.lookup 
@groupsId='{{ groupsId }}' --required, 
@memberKey.id='{{ memberKey.id }}', 
@memberKey.namespace='{{ memberKey.namespace }}';

Modifies the MembershipRoles of a Membership.

EXEC google.cloudidentity.memberships.modify_membership_roles 
@groupsId='{{ groupsId }}' --required, 
@membershipsId='{{ membershipsId }}' --required 
@@json=
'{
"addRoles": "{{ addRoles }}", 
"removeRoles": "{{ removeRoles }}", 
"updateRolesParams": "{{ updateRolesParams }}"
}';

Search transitive memberships of a group. Note: This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the group is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A transitive membership is any direct or indirect membership of a group. Actor must have view permissions to all transitive memberships.

EXEC google.cloudidentity.memberships.search_transitive_memberships 
@groupsId='{{ groupsId }}' --required, 
@pageSize='{{ pageSize }}', 
@pageToken='{{ pageToken }}';

Search transitive groups of a member. Note: This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the member is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A transitive group is any group that has a direct or indirect membership to the member. Actor must have view permissions all transitive groups.

EXEC google.cloudidentity.memberships.search_transitive_groups 
@groupsId='{{ groupsId }}' --required, 
@query='{{ query }}', 
@pageSize='{{ pageSize }}', 
@pageToken='{{ pageToken }}';

Check a potential member for membership in a group. Note: This feature is only available to Google Workspace Enterprise Standard, Enterprise Plus, and Enterprise for Education; and Cloud Identity Premium accounts. If the account of the member is not one of these, a 403 (PERMISSION_DENIED) HTTP status code will be returned. A member has membership to a group as long as there is a single viewable transitive membership between the group and the member. The actor must have view permissions to at least one transitive membership between the member and group.

EXEC google.cloudidentity.memberships.check_transitive_membership 
@groupsId='{{ groupsId }}' --required, 
@query='{{ query }}';

Searches direct groups of a member.

EXEC google.cloudidentity.memberships.search_direct_groups 
@groupsId='{{ groupsId }}' --required, 
@query='{{ query }}', 
@pageSize='{{ pageSize }}', 
@pageToken='{{ pageToken }}', 
@orderBy='{{ orderBy }}';

Overview​

Fields​

Methods​

Parameters​

SELECT examples​

INSERT examples​

DELETE examples​

Lifecycle Methods​