Reference documentation and code samples for the Google Cloud Org Policy V2 Client class PolicySpec.
Defines a Cloud Organization PolicySpec
which is used to specify
Constraints
for configurations of Cloud Platform resources.
Generated from protobuf message google.cloud.orgpolicy.v2.PolicySpec
Namespace
Google \ Cloud \ OrgPolicy \ V2Methods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ etag |
string
An opaque tag indicating the current version of the |
↳ update_time |
Google\Protobuf\Timestamp
Output only. The time stamp this was previously updated. This represents the last time a call to |
↳ rules |
array<Google\Cloud\OrgPolicy\V2\PolicySpec\PolicyRule>
Up to 10 PolicyRules are allowed. In Policies for boolean constraints, the following requirements apply: - There must be one and only one PolicyRule where condition is unset. - BooleanPolicyRules with conditions must set |
↳ inherit_from_parent |
bool
Determines the inheritance behavior for this |
↳ reset |
bool
Ignores policies set above this resource and restores the |
getEtag
An opaque tag indicating the current version of the Policy
, used for
concurrency control.
This field is ignored if used in a CreatePolicy
request.
When the Policy
is returned from either a GetPolicy
or a
ListPolicies
request, this etag
indicates the version of the
current Policy
to use when executing a read-modify-write loop.
When the Policy
is returned from a GetEffectivePolicy
request, the
etag
will be unset.
Returns | |
---|---|
Type | Description |
string |
setEtag
An opaque tag indicating the current version of the Policy
, used for
concurrency control.
This field is ignored if used in a CreatePolicy
request.
When the Policy
is returned from either a GetPolicy
or a
ListPolicies
request, this etag
indicates the version of the
current Policy
to use when executing a read-modify-write loop.
When the Policy
is returned from a GetEffectivePolicy
request, the
etag
will be unset.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getUpdateTime
Output only. The time stamp this was previously updated. This
represents the last time a call to CreatePolicy
or UpdatePolicy
was
made for that Policy
.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Timestamp|null |
hasUpdateTime
clearUpdateTime
setUpdateTime
Output only. The time stamp this was previously updated. This
represents the last time a call to CreatePolicy
or UpdatePolicy
was
made for that Policy
.
Parameter | |
---|---|
Name | Description |
var |
Google\Protobuf\Timestamp
|
Returns | |
---|---|
Type | Description |
$this |
getRules
Up to 10 PolicyRules are allowed.
In Policies for boolean constraints, the following requirements apply:
- There must be one and only one PolicyRule where condition is unset.
- BooleanPolicyRules with conditions must set
enforced
to the opposite of the PolicyRule without a condition. - During policy evaluation, PolicyRules with conditions that are true for a target resource take precedence.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setRules
Up to 10 PolicyRules are allowed.
In Policies for boolean constraints, the following requirements apply:
- There must be one and only one PolicyRule where condition is unset.
- BooleanPolicyRules with conditions must set
enforced
to the opposite of the PolicyRule without a condition. - During policy evaluation, PolicyRules with conditions that are true for a target resource take precedence.
Parameter | |
---|---|
Name | Description |
var |
array<Google\Cloud\OrgPolicy\V2\PolicySpec\PolicyRule>
|
Returns | |
---|---|
Type | Description |
$this |
getInheritFromParent
Determines the inheritance behavior for this Policy
.
If inherit_from_parent
is true, PolicyRules set higher up in the
hierarchy (up to the closest root) are inherited and present in the
effective policy. If it is false, then no rules are inherited, and this
Policy becomes the new root for evaluation.
This field can be set only for Policies which configure list constraints.
Returns | |
---|---|
Type | Description |
bool |
setInheritFromParent
Determines the inheritance behavior for this Policy
.
If inherit_from_parent
is true, PolicyRules set higher up in the
hierarchy (up to the closest root) are inherited and present in the
effective policy. If it is false, then no rules are inherited, and this
Policy becomes the new root for evaluation.
This field can be set only for Policies which configure list constraints.
Parameter | |
---|---|
Name | Description |
var |
bool
|
Returns | |
---|---|
Type | Description |
$this |
getReset
Ignores policies set above this resource and restores the
constraint_default
enforcement behavior of the specific Constraint
at
this resource.
This field can be set in policies for either list or boolean
constraints. If set, rules
must be empty and inherit_from_parent
must be set to false.
Returns | |
---|---|
Type | Description |
bool |
setReset
Ignores policies set above this resource and restores the
constraint_default
enforcement behavior of the specific Constraint
at
this resource.
This field can be set in policies for either list or boolean
constraints. If set, rules
must be empty and inherit_from_parent
must be set to false.
Parameter | |
---|---|
Name | Description |
var |
bool
|
Returns | |
---|---|
Type | Description |
$this |