Reference documentation and code samples for the Google Cloud Org Policy V2 Client class PolicyRule.
A rule used to express this policy.
Generated from protobuf message google.cloud.orgpolicy.v2.PolicySpec.PolicyRule
Namespace
Google \ Cloud \ OrgPolicy \ V2 \ PolicySpecMethods
__construct
Constructor.
| Parameters | |
|---|---|
| Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ values |
PolicyRule\StringValues
List of values to be used for this policy rule. This field can be set only in policies for list constraints. |
↳ allow_all |
bool
Setting this to true means that all values are allowed. This field can be set only in policies for list constraints. |
↳ deny_all |
bool
Setting this to true means that all values are denied. This field can be set only in policies for list constraints. |
↳ enforce |
bool
If |
↳ condition |
Google\Type\Expr
A condition which determines whether this rule is used in the evaluation of the policy. When set, the |
↳ parameters |
Google\Protobuf\Struct
Optional. Required for managed constraints if parameters are defined. Passes parameter values when policy enforcement is enabled. Ensure that parameter value types match those defined in the constraint definition. For example: { "allowedLocations" : ["us-east1", "us-west1"], "allowAll" : true } |
getValues
List of values to be used for this policy rule. This field can be set only in policies for list constraints.
| Returns | |
|---|---|
| Type | Description |
PolicyRule\StringValues|null |
|
hasValues
setValues
List of values to be used for this policy rule. This field can be set only in policies for list constraints.
| Parameter | |
|---|---|
| Name | Description |
var |
PolicyRule\StringValues
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getAllowAll
Setting this to true means that all values are allowed. This field can be set only in policies for list constraints.
| Returns | |
|---|---|
| Type | Description |
bool |
|
hasAllowAll
setAllowAll
Setting this to true means that all values are allowed. This field can be set only in policies for list constraints.
| Parameter | |
|---|---|
| Name | Description |
var |
bool
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getDenyAll
Setting this to true means that all values are denied. This field can be set only in policies for list constraints.
| Returns | |
|---|---|
| Type | Description |
bool |
|
hasDenyAll
setDenyAll
Setting this to true means that all values are denied. This field can be set only in policies for list constraints.
| Parameter | |
|---|---|
| Name | Description |
var |
bool
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getEnforce
If true, then the policy is enforced. If false, then any
configuration is acceptable.
This field can be set only in policies for boolean constraints.
| Returns | |
|---|---|
| Type | Description |
bool |
|
hasEnforce
setEnforce
If true, then the policy is enforced. If false, then any
configuration is acceptable.
This field can be set only in policies for boolean constraints.
| Parameter | |
|---|---|
| Name | Description |
var |
bool
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getCondition
A condition which determines whether this rule is used
in the evaluation of the policy. When set, the expression field in
the `Expr' must include from 1 to 10 subexpressions, joined by the "||"
or "&&" operators. Each subexpression must be of the form
"resource.matchTag('<ORG_ID>/tag_key_short_name,
'tag_value_short_name')". or "resource.matchTagId('tagKeys/key_id',
'tagValues/value_id')". where key_name and value_name are the resource
names for Label Keys and Values. These names are available from the Tag
Manager Service. An example expression is:
"resource.matchTag('123456789/environment,
'prod')". or "resource.matchTagId('tagKeys/123',
'tagValues/456')".
| Returns | |
|---|---|
| Type | Description |
Google\Type\Expr|null |
|
hasCondition
clearCondition
setCondition
A condition which determines whether this rule is used
in the evaluation of the policy. When set, the expression field in
the `Expr' must include from 1 to 10 subexpressions, joined by the "||"
or "&&" operators. Each subexpression must be of the form
"resource.matchTag('<ORG_ID>/tag_key_short_name,
'tag_value_short_name')". or "resource.matchTagId('tagKeys/key_id',
'tagValues/value_id')". where key_name and value_name are the resource
names for Label Keys and Values. These names are available from the Tag
Manager Service. An example expression is:
"resource.matchTag('123456789/environment,
'prod')". or "resource.matchTagId('tagKeys/123',
'tagValues/456')".
| Parameter | |
|---|---|
| Name | Description |
var |
Google\Type\Expr
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getParameters
Optional. Required for managed constraints if parameters are defined.
Passes parameter values when policy enforcement is enabled. Ensure that parameter value types match those defined in the constraint definition. For example: { "allowedLocations" : ["us-east1", "us-west1"], "allowAll" : true }
| Returns | |
|---|---|
| Type | Description |
Google\Protobuf\Struct|null |
|
hasParameters
clearParameters
setParameters
Optional. Required for managed constraints if parameters are defined.
Passes parameter values when policy enforcement is enabled. Ensure that parameter value types match those defined in the constraint definition. For example: { "allowedLocations" : ["us-east1", "us-west1"], "allowAll" : true }
| Parameter | |
|---|---|
| Name | Description |
var |
Google\Protobuf\Struct
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getKind
| Returns | |
|---|---|
| Type | Description |
string |
|