feat: add membership management api to global admin service (#291)

momentohq · Jul 25, 2024 · 9200656 · 9200656
1 parent dcd6c3d
commit 9200656
Showing 1 changed file with 67 additions and 0 deletions.
diff --git a/proto/global_admin.proto b/proto/global_admin.proto
@@ -10,6 +10,10 @@ package global_admin;
 service GlobalAdmin {
   rpc GetAccounts(_GetAccountsRequest) returns(_GetAccountsResponse) {}
   rpc GetAccountSessionToken (_GetAccountSessionTokenRequest) returns(_GetAccountSessionTokenResponse) {}
+  rpc AddMember(_AddMemberRequest) returns(_AddMemberResponse) {}
+  rpc RemoveMember(_RemoveMemberRequest) returns(_RemoveMemberResponse) {}
+  rpc ListMembers(_ListMembersRequest) returns(_ListMembersResponse) {}
+  rpc GetEndpointsForAccount(_GetEndpointsForAccountRequest) returns (_GetEndpointsForAccountResponse) {}
 }
 
 // No parameters required - we derive identity from the auth header.
@@ -32,3 +36,66 @@ message _GetAccountSessionTokenRequest {
 message _GetAccountSessionTokenResponse {
   string account_session_token = 1;
 }
+
+// API Key needs to be provided via the "authorization" header.
+// The Account to add the User to is derived from the API key, which is account-scoped.
+message _AddMemberRequest {
+  string user_name = 1;
+}
+
+// This response is for when a Member is added successfully to the Account,
+// including the case when the Member is already a Member.
+// These are some of the Errors and their corresponding GRPC status codes.
+// 1. User is already a Member. grpc code = FAILED_PRECONDITION. Metadata: "err" -> "already_a_member".
+// 2. User does not exist. grpc code = NOT_FOUND. Metadata: "err" -> "user_not_found".
+// 3. Account has too many Members. grpc code = RESOURCE_EXHAUSTED. Metadata: "err" -> "max_member_count_exceeded".
+message _AddMemberResponse {
+}
+
+// API Key needs to be provided via the "authorization" header.
+// The Account to remove the User from is derived from the API key, which is account-scoped.
+message _RemoveMemberRequest {
+  string user_name = 1;
+}
+
+// This response is for when a Member is removed successfully from an Account.
+// These are some of the Errors and their corresponding GRPC status codes:
+// 1. User is not a Member. grpc code = FAILED_PRECONDITION. Metadata: "err" -> "user_is_not_a_member".
+// 2. a non-owner Member may not be removed. grpc code = PERMISSION_DENIED. Metadata: "err" -> "owner_cannot_be_removed".
+// Note that to remove an Owner, customers need to reach out to us so we can run mm commands for them.
+message _RemoveMemberResponse {
+}
+
+// API Key needs to be provided via the "authorization" header.
+// The Account to list the Users is derived from the API key, which is account-scoped.
+message _ListMembersRequest {
+}
+
+enum MembershipStatus {
+  OWNER = 0;
+  MEMBER = 1;
+}
+
+message _Member {
+  string user_name = 1;
+  MembershipStatus membership_status = 2;
+}
+
+message _ListMembersResponse {
+  repeated _Member members = 1;
+}
+
+// API Key needs to be provided via the "authorization" header.
+// The Account is derived from the API key, which is account-scoped.
+message _GetEndpointsForAccountRequest {
+}
+
+message _GetEndpointsForAccountResponse {
+  repeated Endpoint endpoints = 1;
+}
+
+message Endpoint {
+  string friendly_name = 1; // the name displayed in the Console, e.g. 'us-west-2', 'private-us-west-2', etc.
+  string domain_name = 2; // domain name for talking to this Endpoint, e.g. `cell-4-us-west-2-1.prod.a.momentohq.com`
+  string region = 3; // AWS region, e.g. `us-west-2`
+}