selectel
diff --git a/‎.golangci.yml‎
Lines changed: 7 additions & 0 deletions b/‎.golangci.yml‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 1 addition & 0 deletions b/‎README.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎examples/README.md‎
Lines changed: 1 addition & 0 deletions b/‎examples/README.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎examples/group-with-user/README.md‎
Lines changed: 28 additions & 0 deletions b/‎examples/group-with-user/README.md‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎examples/group-with-user/main.go‎
Lines changed: 89 additions & 0 deletions b/‎examples/group-with-user/main.go‎
Lines changed: 89 additions & 0 deletions
diff --git a/‎examples/s3credentials-create-delete/README.md‎
Lines changed: 2 additions & 2 deletions b/‎examples/s3credentials-create-delete/README.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎examples/s3credentials-create-delete/main.go‎
Lines changed: 18 additions & 16 deletions b/‎examples/s3credentials-create-delete/main.go‎
Lines changed: 18 additions & 16 deletions
diff --git a/‎examples/serviceuser-create-update-delete/README.md‎
Lines changed: 3 additions & 3 deletions b/‎examples/serviceuser-create-update-delete/README.md‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎examples/serviceuser-create-update-delete/main.go‎
Lines changed: 18 additions & 17 deletions b/‎examples/serviceuser-create-update-delete/main.go‎
Lines changed: 18 additions & 17 deletions
diff --git a/‎examples/transfer-role/README.md‎
Lines changed: 1 addition & 1 deletion b/‎examples/transfer-role/README.md‎
Lines changed: 1 addition & 1 deletion
@@ -76,6 +76,13 @@ linters-settings:
 
   nolintlint:
     allow-leading-space: false
+
+  revive:
+    rules:
+      - name: var-naming
+        arguments:
+          # they outplayed themselves, and "IDS" actually means "allow 'Ids' in var name"
+          - [ "IDS" ] # AllowList"
 
   tagliatelle:
     case:
 
@@ -21,6 +21,7 @@ You can use this library to work with the following objects of the Selectel IAM
 
 * [users](https://pkg.go.dev/github.com/selectel/iam-go/service/users)
 * [serviceusers](https://pkg.go.dev/github.com/selectel/iam-go/service/serviceusers)
+* [groups](https://pkg.go.dev/github.com/selectel/iam-go/service/groups)
 * [s3credentials](https://pkg.go.dev/github.com/selectel/iam-go/service/s3credentials)
 
 ### Installation
 
@@ -3,6 +3,7 @@
 This directory contains examples that cover various use cases and functionality for iam-go.
 
 ### Concepts
+- [**Create Group with role and User**](./group-with-user): Create a new Group with role, create and add a User and delete them.
 - [**Create & Delete S3 Credentials**](./s3credentials-create-delete): Create a new S3 Credentials for an existing Service User (ID is needed) and delete it.
 - [**Create, Update & Delete Service User**](./serviceuser-create-update-delete): Create a new Service User, then update it's data and delete it.
 - [**Transfer role from one User to another**](./transfer-role): Find a billing User from all and transfer it's role to another User (ID is needed).
 
@@ -0,0 +1,28 @@
+# Create Group with Role & add User
+
+This example program demonstrates how to manage creating and deleting Group with Roles and Users.
+
+The part of deleting is disabled by `deleteAfterRun` variable.
+
+As an example, the Member Role will be assigned for a new Group.
+
+## Running this example
+
+Running this file will execute the following operations:
+
+1. **Create Group:** Create is used to create a new Group.
+2. **Create User:** Create is used to create a new User.
+3. **Assign Role:** Assign a role to the created Group.
+4. **Update Group:** Updates the Group Name and Description.
+5. **(Delete Group):** _(disabled by default)_ Delete a just-created Group on a previous step.
+6. **(Delete User):** _(disabled by default)_ Delete a just-created User on a previous step.
+
+You should see an output like the following:
+```
+Step 1: Created Group Name: test_group_name ID: 1a2b3c...
+Step 2: Created User ID: 12345_3... Keystone ID: 1a2b3c...
+Step 3: Assigned Role member with scope account to Group ID: 1a2b3c...
+Step 4: Group Name and Description updated to: new_test_group_name and new_group_description
+Step 5: Deleting Group with ID: 1a2b3c...
+Step 6: Deleting User with ID: 12345_3...
+```
@@ -0,0 +1,89 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"log"
+
+	"github.com/selectel/iam-go"
+	"github.com/selectel/iam-go/service/groups"
+	"github.com/selectel/iam-go/service/roles"
+	"github.com/selectel/iam-go/service/users"
+)
+
+var (
+	// KeystoneToken
+	token          = "gAAAAA..."
+	deleteAfterRun = false
+
+	// Prefix to be added to User-Agent.
+	prefix = "iam-go"
+
+	groupName          = "test_group_name"
+	description        = "group_description"
+	updatedGroupName   = "new_test_group_name"
+	updatedDescription = "new_group_description"
+	email              = "testmail@example.com"
+)
+
+func main() {
+	// Create a new IAM client.
+	iamClient, err := iam.New(
+		iam.WithAuthOpts(&iam.AuthOpts{KeystoneToken: token}),
+		iam.WithUserAgentPrefix(prefix),
+	)
+	if err != nil {
+		fmt.Println(err)
+		return
+	}
+
+	usersAPI := iamClient.Users
+	groupsAPI := iamClient.Groups
+	ctx := context.Background()
+
+	group, err := groupsAPI.Create(ctx, groups.CreateRequest{Name: groupName, Description: description})
+	if err != nil {
+		fmt.Println(err)
+		return
+	}
+	fmt.Printf("Step 1: Created Group Name: %s ID: %s\n", group.Name, group.ID)
+
+	user, err := usersAPI.Create(ctx, users.CreateRequest{
+		AuthType:   users.Local,
+		Email:      email,
+		Federation: nil,
+		Roles:      []roles.Role{{Scope: roles.Account, RoleName: roles.Reader}},
+		GroupIDs:   []string{group.ID},
+	})
+	if err != nil {
+		fmt.Println(err)
+		return
+	}
+	fmt.Printf("Step 2: Created User ID: %s Keystone ID: %s\n", user.ID, user.KeystoneID)
+
+	err = groupsAPI.AssignRoles(ctx, group.ID, []roles.Role{{Scope: roles.Account, RoleName: roles.Member}})
+	if err != nil {
+		log.Fatal(err)
+	}
+	fmt.Printf("Step 3: Assigned Role %s with scope %s to Group ID: %s\n", roles.Member, roles.Account, group.ID)
+
+	group, err = groupsAPI.Update(ctx, group.ID, groups.ModifyRequest{Name: updatedGroupName,
+		Description: &updatedDescription})
+	if err != nil {
+		fmt.Println(err)
+		return
+	}
+	fmt.Printf("Step 4: Group Name and Description updated to: %s and %s\n", group.Name, group.Description)
+
+	if deleteAfterRun {
+		fmt.Printf("Step 5: Deleting Group with ID: %s\n", group.ID)
+		if err = groupsAPI.Delete(ctx, group.ID); err != nil {
+			fmt.Println(err)
+		}
+
+		fmt.Printf("Step 6: Deleting User with ID: %s\n", user.ID)
+		if err = usersAPI.Delete(ctx, user.ID); err != nil {
+			fmt.Println(err)
+		}
+	}
+}
@@ -2,14 +2,14 @@
 
 This example program demonstrates how to manage creating and deleting S3 Credentials for a Service User.
 
-The part of deleting a just-created credentials is commented.
+The part of deleting a just-created credentials is disabled by `deleteAfterRun` variable.
 
 ## Running this example
 
 Running this file will execute the following operations:
 
 1. **Create:** Create is used to create a new S3 Credentials. It is implied, that the Service User ID is known.
-2. **(Delete):** _(commented by default)_ Delete deletes a just-created credentials on a previous step.
+2. **(Delete):** _(disabled by default)_ Delete deletes a just-created credentials on a previous step.
 
 You should see an output like the following (with both operations enabled):
 
 
@@ -7,22 +7,25 @@ import (
 	iam "github.com/selectel/iam-go"
 )
 
-func main() {
+var (
 	// KeystoneToken
-	token := "gAAAAA..."
+	token          = "gAAAAA..."
+	deleteAfterRun = false
 
 	// Prefix to be added to User-Agent.
-	prefix := "iam-go"
+	prefix = "iam-go"
 
 	// ID of the User to create S3 Credentials for.
-	userID := "a1b2c3..."
+	userID = "a1b2c3..."
 
 	// Name of the S3 Credentials to create.
-	name := "my-s3-credentials"
+	name = "my-s3-credentials"
 
 	// Project ID to create the S3 Credentials for.
-	projectID := "a1b2c3..."
+	projectID = "a1b2c3..."
+)
 
+func main() {
 	// Create a new IAM client.
 	iamClient, err := iam.New(
 		iam.WithAuthOpts(&iam.AuthOpts{KeystoneToken: token}),
@@ -56,16 +59,15 @@ func main() {
 	fmt.Printf("Step 1: Created credentials Secret Key: %s Access Key: %s\n", credentials.SecretKey,
 		credentials.AccessKey)
 
-	// // Delete an existing S3 Credentials.
-	// err = s3CredAPI.Delete(ctx, &s3credentials.DeleteInput{
-	// 	UserID:    userID,
-	// 	AccessKey: credentials.AccessKey,
-	// })
+	if deleteAfterRun {
+		// Delete an existing S3 Credentials.
+		err = s3CredAPI.Delete(ctx, userID, credentials.AccessKey)
 
-	// // Handle the error.
-	// if err != nil {
-	// 	fmt.Println(err)
-	// }
+		// Handle the error.
+		if err != nil {
+			fmt.Println(err)
+		}
 
-	// fmt.Printf("Step 2: Deleted credentials")
+		fmt.Printf("Step 2: Deleted credentials")
+	}
 }
@@ -2,7 +2,7 @@
 
 This example program demonstrates how to manage creating, updating and deleting Service User.
 
-The part of deleting a just-created Service User is commented.
+The part of deleting a just-created Service User is disabled by `deleteAfterRun` variable.
 
 As an example, the Billing Role will be assigned for a new Service User and in update method this Service User will be set to _Disabled_.
 
@@ -11,8 +11,8 @@ As an example, the Billing Role will be assigned for a new Service User and in u
 Running this file will execute the following operations:
 
 1. **Create:** Create is used to create a new Service User.
-2. **Update** Update sets _Enabled_ property of the just-created Service User to _false_
-3. **(Delete):** _(commented by default)_ Delete deletes a just-created Service User.
+2. **Update:** Update sets _Enabled_ property of the just-created Service User to _false_
+3. **(Delete):** _(disabled by default)_ Delete deletes a just-created Service User.
 
 You should see an output like the following (with all operations enabled):
 
 
@@ -9,25 +9,25 @@ import (
 	"github.com/selectel/iam-go/service/serviceusers"
 )
 
-func main() {
+var (
 	// KeystoneToken
-	token := "gAAAAA..."
+	token          = "gAAAAA..."
+	deleteAfterRun = false
 
 	// Prefix to be added to User-Agent.
-	prefix := "iam-go"
-
+	prefix = "iam-go"
 	// Name of the Service User to create.
-	name := "service-user"
-
+	name = "service-user"
 	// Password of the Service User to create.
-	password := "Qazwsxedc123"
+	password = "Qazwsxedc123"
+)
 
+func main() {
 	// Create a new IAM client.
 	iamClient, err := iam.New(
 		iam.WithAuthOpts(&iam.AuthOpts{KeystoneToken: token}),
 		iam.WithUserAgentPrefix(prefix),
 	)
-	// Handle the error.
 	if err != nil {
 		fmt.Println(err)
 		return
@@ -46,7 +46,6 @@ func main() {
 		Password: password,
 		Roles:    []roles.Role{{Scope: roles.Account, RoleName: roles.Billing}},
 	})
-	// Handle the error.
 	if err != nil {
 		fmt.Println(err)
 		return
@@ -58,21 +57,23 @@ func main() {
 	_, err = serviceUsersAPI.Update(ctx, serviceUser.ID, serviceusers.UpdateRequest{
 		Enabled: false,
 	})
-	// Handle the error.
 	if err != nil {
 		fmt.Println(err)
 		return
 	}
 
 	fmt.Printf("Step 2: Disabled Service User ID %s\n", serviceUser.ID)
 
-	// // Delete an existing Service User.
-	// err = serviceUsersAPI.Delete(ctx, serviceUser.ID)
+	// Disabled by default
+	if deleteAfterRun {
+		// Delete an existing Service User.
+		err = serviceUsersAPI.Delete(ctx, serviceUser.ID)
 
-	// // Handle the error.
-	// if err != nil {
-	// 	fmt.Println(err)
-	// }
+		// Handle the error.
+		if err != nil {
+			fmt.Println(err)
+		}
 
-	// fmt.Printf("Step 3: Deleted Service User ID %s\n", serviceUser.ID)
+		fmt.Printf("Step 3: Deleted Service User ID %s\n", serviceUser.ID)
+	}
 }
@@ -10,7 +10,7 @@ Running this file will execute the following operations:
 
 1. **List:** List is used to retrieve all Users. The first one, who has a billing role, will be selected as 'transferer'.
 2. **UnassignRole:** UnassinRole will remove Billing role from chosen user.
-3. **AssignRole** AssignRole will add Billing role to the predefined User ID.
+3. **AssignRole:** AssignRole will add Billing role to the predefined User ID.
 
 You should see an output like the following: