[IAM User] Endpoint to add Carol emails to GCP IAM

Description

POST {{/v1/tenant/

{mdmTenantId}

/gcp_users}}

This is going to be a SYNC request.

BE will send a request with a list of users to add in the IAM and a list of users to remove from the IAM

If the it fails for some reason that a couple backoff retries (3 recommended with 5 seconds) can’t workaround, than we should return the error in the response, being crystal clear about what happened. The whole request should not take more than 5 minutes, otherwise BE will receive a timeout and will not know the final result.

If some user we are trying to add already is in the IAM we should just skip it. If some user we are trying to remove is no longer in the IAM we should just skip it as well.

We need to validate if the email are from Totvs (http://totvs.com , http://totvs.com.br , totvslab.com, totvslab.com.br)

Body:

{
  "addEmails": [<string>,],
  "removeEmails": [<string>,],
}

There is a quota of 600 policies per minute. Is it will impact anything?

Manage the limit of 1000 users/emails per tenant. If the request has more then 1000 users, we should refuse the request with 4xx. Use the role to make the calculation.

Allow only OrgAdmin and intern token LocalApiAuthorization to add users.

We need to request a custom role for SRE, but before that we need to figure out which is the specific role for users use the tenant in a Spreadsheet and Looker.

We don’t need to store the requests and they status in a PG table, but we can log as debug all request body, just to make easier to track. Since it will be not used a lot, it will cause no problems about too many logs.

We should not allow two concurrent process for the same tenant. We can return 409 in case of other request for the same tenant.

Response (200):

{
  "detail": "Use this field if we need to share some importante information"
}

Response (400):

{
  "detail": "Error message...",
  "status": 400,
  "title": "Bad Request",
  "type": "about:blank"
}

For errors:

  • For generic errors from GCP we will return 500
  • For quota limit we must return the 4xx more appropriated
  • If we can identify other types of errors in advance we should use a appropriated 4xx error