Namespace Google.Cloud.OrgPolicy.V2 (2.0.0)

Stay organized with collections Save and categorize content based on your preferences.

Classes

AlternatePolicySpec

Similar to PolicySpec but with an extra 'launch' field for launch reference. The PolicySpec here is specific for dry-run/darklaunch.

Constraint

A constraint describes a way to restrict resource's configuration. For example, you could enforce a constraint that controls which cloud services can be activated across an organization, or whether a Compute Engine instance can have serial port connections established. Constraints can be configured by the organization's policy administrator to fit the needs of the organization by setting a policy that includes constraints at different locations in the organization's resource hierarchy. Policies are inherited down the resource hierarchy from higher levels, but can also be overridden. For details about the inheritance rules please read about [policies][google.cloud.OrgPolicy.v2.Policy].

Constraints have a default behavior determined by the constraint_default field, which is the enforcement behavior that is used in the absence of a policy being defined or inherited for the resource in question.

Constraint.Types

Container for nested types declared in the Constraint message type.

Constraint.Types.BooleanConstraint

A Constraint that is either enforced or not.

For example a constraint constraints/compute.disableSerialPortAccess. If it is enforced on a VM instance, serial port connections will not be opened to that instance.

Constraint.Types.ListConstraint

A Constraint that allows or disallows a list of string values, which are configured by an Organization's policy administrator with a Policy.

ConstraintName

Resource name for the Constraint resource.

CreatePolicyRequest

The request sent to the [CreatePolicyRequest] [google.cloud.orgpolicy.v2.OrgPolicy.CreatePolicy] method.

DeletePolicyRequest

The request sent to the [DeletePolicy] [google.cloud.orgpolicy.v2.OrgPolicy.DeletePolicy] method.

GetEffectivePolicyRequest

The request sent to the [GetEffectivePolicy] [google.cloud.orgpolicy.v2.OrgPolicy.GetEffectivePolicy] method.

GetPolicyRequest

The request sent to the [GetPolicy] [google.cloud.orgpolicy.v2.OrgPolicy.GetPolicy] method.

ListConstraintsRequest

The request sent to the [ListConstraints] [google.cloud.orgpolicy.v2.OrgPolicy.ListConstraints] method.

ListConstraintsResponse

The response returned from the [ListConstraints] [google.cloud.orgpolicy.v2.OrgPolicy.ListConstraints] method.

ListPoliciesRequest

The request sent to the [ListPolicies] [google.cloud.orgpolicy.v2.OrgPolicy.ListPolicies] method.

ListPoliciesResponse

The response returned from the [ListPolicies] [google.cloud.orgpolicy.v2.OrgPolicy.ListPolicies] method. It will be empty if no Policies are set on the resource.

OrgPolicy

An interface for managing organization policies.

The Cloud Org Policy service provides a simple mechanism for organizations to restrict the allowed configurations across their entire Cloud Resource hierarchy.

You can use a policy to configure restrictions in Cloud resources. For example, you can enforce a policy that restricts which Google Cloud Platform APIs can be activated in a certain part of your resource hierarchy, or prevents serial port access to VM instances in a particular folder.

Policies are inherited down through the resource hierarchy. A policy applied to a parent resource automatically applies to all its child resources unless overridden with a policy lower in the hierarchy.

A constraint defines an aspect of a resource's configuration that can be controlled by an organization's policy administrator. Policies are a collection of constraints that defines their allowable configuration on a particular resource and its child resources.

OrgPolicy.OrgPolicyBase

Base class for server-side implementations of OrgPolicy

OrgPolicy.OrgPolicyClient

Client for OrgPolicy

OrgPolicyClient

OrgPolicy client wrapper, for convenient use.

OrgPolicyClientBuilder

Builder class for OrgPolicyClient to provide simple configuration of credentials, endpoint etc.

OrgPolicyClientImpl

OrgPolicy client wrapper implementation, for convenient use.

OrgPolicySettings

Settings for OrgPolicyClient instances.

Policy

Defines a Cloud Organization Policy which is used to specify Constraints for configurations of Cloud Platform resources.

PolicyName

Resource name for the Policy resource.

PolicySpec

Defines a Cloud Organization PolicySpec which is used to specify Constraints for configurations of Cloud Platform resources.

PolicySpec.Types

Container for nested types declared in the PolicySpec message type.

PolicySpec.Types.PolicyRule

A rule used to express this policy.

PolicySpec.Types.PolicyRule.Types

Container for nested types declared in the PolicyRule message type.

PolicySpec.Types.PolicyRule.Types.StringValues

A message that holds specific allowed and denied values. This message can define specific values and subtrees of Cloud Resource Manager resource hierarchy (Organizations, Folders, Projects) that are allowed or denied. This is achieved by using the under: and optional is: prefixes. The under: prefix is used to denote resource subtree values. The is: prefix is used to denote specific values, and is required only if the value contains a ":". Values prefixed with "is:" are treated the same as values with no prefix. Ancestry subtrees must be in one of the following formats:

  • "projects/<project-id>", e.g. "projects/tokyo-rain-123"
  • "folders/<folder-id>", e.g. "folders/1234"
  • "organizations/<organization-id>", e.g. "organizations/1234" The supports_under field of the associated Constraint defines whether ancestry prefixes can be used.

UpdatePolicyRequest

The request sent to the [UpdatePolicyRequest] [google.cloud.orgpolicy.v2.OrgPolicy.UpdatePolicy] method.

Enums

Constraint.ConstraintTypeOneofCase

Enum of possible cases for the "constraint_type" oneof.

Constraint.Types.ConstraintDefault

Specifies the default behavior in the absence of any Policy for the Constraint. This must not be CONSTRAINT_DEFAULT_UNSPECIFIED.

Immutable after creation.

ConstraintName.ResourceNameType

The possible contents of ConstraintName.

PolicyName.ResourceNameType

The possible contents of PolicyName.

PolicySpec.Types.PolicyRule.KindOneofCase

Enum of possible cases for the "kind" oneof.