Class CustomConstraint (0.10.0)

A custom constraint defined by customers which can only be applied to the given resource types and organization.

By creating a custom constraint, customers can apply policies of this custom constraint. Creating a custom constraint itself does NOT apply any policy enforcement.

Protobuf type google.cloud.securityposture.v1.CustomConstraint

Allow or deny type.

.google.cloud.securityposture.v1.CustomConstraint.ActionType action_type = 5;

Allow or deny type.

.google.cloud.securityposture.v1.CustomConstraint.ActionType action_type = 5;

Org policy condition/expression. For example: resource.instanceName.matches("[production|test].*(\d)+") or, resource.management.auto_upgrade == true

The max length of the condition is 1000 characters.

string condition = 4;

Org policy condition/expression. For example: resource.instanceName.matches("[production|test].*(\d)+") or, resource.management.auto_upgrade == true

The max length of the condition is 1000 characters.

string condition = 4;

Detailed information about this custom policy constraint. The max length of the description is 2000 characters.

string description = 7;

Detailed information about this custom policy constraint. The max length of the description is 2000 characters.

string description = 7;

One line display name for the UI. The max length of the display_name is 200 characters.

string display_name = 6;

One line display name for the UI. The max length of the display_name is 200 characters.

string display_name = 6;

All the operations being applied for this constraint.

repeated .google.cloud.securityposture.v1.CustomConstraint.MethodType method_types = 3;

All the operations being applied for this constraint.

repeated .google.cloud.securityposture.v1.CustomConstraint.MethodType method_types = 3;

All the operations being applied for this constraint.

repeated .google.cloud.securityposture.v1.CustomConstraint.MethodType method_types = 3;

All the operations being applied for this constraint.

repeated .google.cloud.securityposture.v1.CustomConstraint.MethodType method_types = 3;

All the operations being applied for this constraint.

repeated .google.cloud.securityposture.v1.CustomConstraint.MethodType method_types = 3;

Immutable. Name of the constraint. This is unique within the organization. Format of the name should be

- organizations/{organization_id}/customConstraints/{custom_constraint_id}

Example: organizations/123/customConstraints/custom.createOnlyE2TypeVms

The max length is 70 characters and the minimum length is 1. Note that the prefix organizations/{organization_id}/customConstraints/ is not counted.

string name = 1 [(.google.api.field_behavior) = IMMUTABLE];

Immutable. Name of the constraint. This is unique within the organization. Format of the name should be

- organizations/{organization_id}/customConstraints/{custom_constraint_id}

Example: organizations/123/customConstraints/custom.createOnlyE2TypeVms

The max length is 70 characters and the minimum length is 1. Note that the prefix organizations/{organization_id}/customConstraints/ is not counted.

string name = 1 [(.google.api.field_behavior) = IMMUTABLE];

Immutable. The resource instance type on which this policy applies. Format will be of the form : <canonical service name>/<type> Example:

• compute.googleapis.com/Instance.

repeated string resource_types = 2 [(.google.api.field_behavior) = IMMUTABLE];

Immutable. The resource instance type on which this policy applies. Format will be of the form : <canonical service name>/<type> Example:

• compute.googleapis.com/Instance.

repeated string resource_types = 2 [(.google.api.field_behavior) = IMMUTABLE];

Immutable. The resource instance type on which this policy applies. Format will be of the form : <canonical service name>/<type> Example:

• compute.googleapis.com/Instance.

repeated string resource_types = 2 [(.google.api.field_behavior) = IMMUTABLE];

Immutable. The resource instance type on which this policy applies. Format will be of the form : <canonical service name>/<type> Example:

• compute.googleapis.com/Instance.

repeated string resource_types = 2 [(.google.api.field_behavior) = IMMUTABLE];

Output only. The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called

.google.protobuf.Timestamp update_time = 8 [(.google.api.field_behavior) = OUTPUT_ONLY];

Output only. The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called

.google.protobuf.Timestamp update_time = 8 [(.google.api.field_behavior) = OUTPUT_ONLY];

Output only. The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called

.google.protobuf.Timestamp update_time = 8 [(.google.api.field_behavior) = OUTPUT_ONLY];