REST Resource: projects.policies

Resource: Policy

Defines an organization policy which is used to specify constraints for configurations of Google Cloud resources.

JSON representation
{
  "name": string,
  "spec": {
    object (PolicySpec)
  },
  "alternate": {
    object (AlternatePolicySpec)
  },
  "dryRunSpec": {
    object (PolicySpec)
  },
  "etag": string
}
Fields
name

string

Immutable. The resource name of the policy. Must be one of the following forms, where constraint_name is the name of the constraint which this policy configures:

  • projects/{project_number}/policies/{constraint_name}
  • folders/{folder_id}/policies/{constraint_name}
  • organizations/{organization_id}/policies/{constraint_name}

For example, projects/123/policies/compute.disableSerialPortAccess.

Note: projects/{projectId}/policies/{constraint_name} is also an acceptable name for API requests, but responses will return the name using the equivalent project number.

spec

object (PolicySpec)

Basic information about the Organization Policy.

alternate
(deprecated)

object (AlternatePolicySpec)

Deprecated.

dryRunSpec

object (PolicySpec)

Dry-run policy. Audit-only policy, can be used to monitor how the policy would have impacted the existing and future resources if it's enforced.

etag

string

Optional. An opaque tag indicating the current state of the policy, used for concurrency control. This 'etag' is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

Methods

create

Creates a policy.

delete

Deletes a policy.

get

Gets a policy on a resource.

getEffectivePolicy

Gets the effective policy on a resource.

list

Retrieves all of the policies that exist on a particular resource.

patch

Updates a policy.