AllocManagedGroupRole returns a new ManagedGroupRole with an initialized store.

AllocUser will allocate an empty user.

CrudActions returns a standard set of actions for resources that support a CRUD API.

CrudlActions adds list to the standard set of actions for resources that support a CRUD API.

ListGroups lists up to page size groups, filtering out entries that do not pass the filter item function.

ListGroupsPage lists up to page size groups, filtering out entries that do not pass the filter item function.

ListGroupsRefresh lists up to page size groups, filtering out entries that do not pass the filter item function.

ListGroupsRefreshPage lists up to page size groups, filtering out entries that do not pass the filter item function.

ListRoles lists up to page size roles, filtering out entries that do not pass the filter item function.

ListRolesPage lists up to page size roles, filtering out entries that do not pass the filter item function.

ListRolesRefresh lists up to page size roles, filtering out entries that do not pass the filter item function.

ListRolesRefreshPage lists up to page size roles, filtering out entries that do not pass the filter item function.

ListScopes lists up to page size scopes, filtering out entries that do not pass the filter item function.

ListScopesPage lists up to page size scopes, filtering out entries that do not pass the filter item function.

ListScopesRefresh lists up to page size scopes, filtering out entries that do not pass the filter item function.

ListScopesRefreshPage lists up to page size scopes, filtering out entries that do not pass the filter item function.

ListUsers lists up to page size users, filtering out entries that do not pass the filter item function.

ListUsersPage lists up to page size users, filtering out entries that do not pass the filter item function.

ListUsersRefresh lists up to page size users, filtering out entries that do not pass the filter item function.

ListUsersRefreshPage lists up to page size users, filtering out entries that do not pass the filter item function.

LookupScope looks up the resource's scope.

NewGroup creates a new in memory group with a scope (project/org) and allowed options include: withDescription, WithName.

NewGroupMemberUser creates a new in memory user member of the group.

NewGroupRole creates a new group role in memory.

NewGroupRole creates a new group role in memory.

NewRepository creates a new iam Repository.

NewRole creates a new in memory role with a scope (project/org) allowed options include: withDescription, WithName.

NewRoleGrant creates a new in memory role grant.

NewRoleGrantScope creates a new in memory role grant scope.

NewUser creates a new in memory user and allows options: WithName - to specify the user's friendly name and WithDescription - to specify a user description.

NewUserRole creates a new user role in memory.

TestGroup creates a group suitable for testing.

TestRepo creates a repo that can be used for various purposes.

TestRole creates a role suitable for testing.

TestScopes creates an org and project suitable for testing.

TestSetPrimaryAuthMethod will set the PrimaryAuthMethodId for a scope.

TestUser creates a user suitable for testing.

WithAccountIds provides an option for specifying account ids to add to a user.

WithDescription provides an optional description.

WithDisassociate provides an option to allow the combining of disassociating and associating a user in one operation.

WithGrantScopeIds provides an option to specify the scope ID for grants in roles.

WithLimit provides an option to provide a limit.

WithName provides an option to search by a friendly name.

WithPrimaryAuthMethodId provides an option to specify the primary auth method for the scope.

WithPublicId provides an optional public id.

WithRandomReader provides an option to specify a random reader.

WithReaderWriter allows the caller to pass an inflight transaction to be used for all database operations.

WithSkipAdminRoleCreation provides an option to disable the automatic creation of an admin role when a new scope is created.

WithSkipDefaultRoleCreation provides an option to disable the automatic creation of a default role when a new scope is created.

WithSkipVetForWrite provides an option to allow skipping vet checks to allow testing lower-level SQL triggers and constraints.

WithStartPageAfterItem is used to paginate over the results.

WithUserId provides an option to specify the user ID to use when creating roles with new scopes.

RoleGrantPrefix is the prefix for role grants.

Group is made up of principals which are scoped to an org.

GroupMember provides a common way to return members.

GroupMemberUser is a group member that's a User.

GroupRole is a group assigned to a role.

ManagedGroupRole is a managed group assigned to a role.

PrincipalRole provides a common way to return roles regardless of their underlying type.

Repository is the iam database repository.

Roles are granted permissions and assignable to Users and Groups.

RoleGrant defines the grants that are assigned to a role.

RoleGrantScope defines the grant scopes that are assigned to a role.

Scope is used to create a hierarchy of "containers" that encompass the scope of an IAM resource.

ScopePolicyStoragePolicy is used to create an hierarchy of "containers" that encompass the scope storage policy of an IAM resource.

User defines boundary users which are scoped to an Org.

UserRole is a user assigned to a role.

Resource declares the shared behavior of IAM Resources.

ResourceWithScope defines an interface for Resources that have a scope.

IamRepoFactory is a factory function that returns a repository and any error.

MemberType defines the possible membership types for groups.

Option - how Options are passed as arguments.

RoleType defines the possible types for roles.