Google Cloud Resource Manager

1.17.0 · active · verified Sat Mar 28

The Google Cloud Resource Manager API client library provides Python methods to programmatically manage Google Cloud projects, folders, and organizations. This library (version 1.17.0) is actively maintained as part of the broader `google-cloud-python` ecosystem, with frequent releases to add features and address issues.

Warnings

gotcha When creating new projects, folders, or organizations, using a Service Account for authentication can sometimes lead to 'Permission Denied' errors if the Service Account itself doesn't have the necessary organizational context or permissions, especially at the organization level. For project creation, `gcloud auth application-default login` using a user account with appropriate permissions is often more reliable for initial setup or local development.
Fix: Use `gcloud auth application-default login` with a user account that has 'Project Creator' or 'Organization Admin' roles. For production, ensure the Service Account has comprehensive `resourcemanager.*` roles at the organization or folder level where resources are being created.
gotcha Older codebases or examples might use `from google.cloud import resource_manager`, which can lead to `ImportError: cannot import name 'resource_manager' from 'google.cloud'` or outdated API versions. Google Cloud client libraries typically use versioned imports.
Fix: Always import from the specific versioned module, e.g., `from google.cloud.resourcemanager_v3 import ProjectsClient`.
gotcha The `list_projects` method (if available in a specific client version/API) may only return direct child projects of a given parent. To recursively find all projects within an organization or folder hierarchy, use the `search_projects` method (which requires the `resourcemanager.projects.get` permission on all projects you wish to retrieve).
Fix: Prefer `client.search_projects(query='parent.type:organization parent.id:YOUR_ORG_ID')` or `client.search_projects(query='parent.type:folder parent.id:YOUR_FOLDER_ID')` for comprehensive project listing within a hierarchy.

Install

pip install google-cloud-resource-manager Install latest version

Imports

ProjectsClient
```
from google.cloud.resourcemanager_v3 import ProjectsClient
```
For client libraries, always import the specific versioned module (e.g., `resourcemanager_v3`) instead of the top-level package, which might not expose client classes directly or could be an older, deprecated API version.

FoldersClient

from google.cloud.resourcemanager_v3 import FoldersClient

OrganizationsClient

from google.cloud.resourcemanager_v3 import OrganizationsClient

Quickstart

This quickstart initializes the `ProjectsClient` and then uses the `search_projects` method to list all Google Cloud projects accessible by the authenticated identity. It includes basic error handling and a reminder about setting up Application Default Credentials (ADC) for authentication.

import os
from google.cloud.resourcemanager_v3 import ProjectsClient
from google.api_core.exceptions import GoogleAPIError

def list_projects():
    # Ensure GOOGLE_APPLICATION_CREDENTIALS or gcloud auth is set up.
    # For local development, 'gcloud auth application-default login' is recommended.
    try:
        client = ProjectsClient()
        # The `search_projects` method can retrieve projects across the organization/folders
        # depending on the authenticated identity's permissions.
        # An empty query string lists all projects the user has permission to view.
        print("Listing projects:")
        for project in client.search_projects(query=''):
            print(f"  Project Name: {project.display_name} (ID: {project.project_id})")
            print(f"    State: {project.state.name}, Parent: {project.parent.type}/{project.parent.id}")
    except GoogleAPIError as e:
        print(f"An API error occurred: {e}")
        print("Ensure the Resource Manager API is enabled and you have necessary permissions.")
    except Exception as e:
        print(f"An unexpected error occurred: {e}")

if __name__ == '__main__':
    # This assumes Application Default Credentials are set up.
    # For example, by running `gcloud auth application-default login`
    # or setting the GOOGLE_APPLICATION_CREDENTIALS environment variable.
    if not os.environ.get('GOOGLE_APPLICATION_CREDENTIALS') and not os.environ.get('CLOUDSDK_CORE_ACCOUNT'):
        print("WARNING: No explicit Google Cloud credentials found. This script relies on Application Default Credentials (ADC).")
        print("         Please run 'gcloud auth application-default login' or set GOOGLE_APPLICATION_CREDENTIALS.")

    list_projects()

view raw JSON →