Class OSPolicy (1.10.0)

OSPolicy(mapping=None, *, ignore_unknown_fields=False, **kwargs)

An OS policy defines the desired state configuration for a VM.

Attributes

NameDescription
id str
Required. The id of the OS policy with the following restrictions: - Must contain only lowercase letters, numbers, and hyphens. - Must start with a letter. - Must be between 1-63 characters. - Must end with a number or a letter. - Must be unique within the assignment.
description str
Policy description. Length of the description is limited to 1024 characters.
mode google.cloud.osconfig_v1alpha.types.OSPolicy.Mode
Required. Policy mode
resource_groups Sequence[google.cloud.osconfig_v1alpha.types.OSPolicy.ResourceGroup]
Required. List of resource groups for the policy. For a particular VM, resource groups are evaluated in the order specified and the first resource group that is applicable is selected and the rest are ignored. If none of the resource groups are applicable for a VM, the VM is considered to be non-compliant w.r.t this policy. This behavior can be toggled by the flag allow_no_resource_group_match
allow_no_resource_group_match bool
This flag determines the OS policy compliance status when none of the resource groups within the policy are applicable for a VM. Set this value to true if the policy needs to be reported as compliant even if the policy has nothing to validate or enforce.

Classes

Mode

Mode(value)

Policy mode

OSFilter

OSFilter(mapping=None, *, ignore_unknown_fields=False, **kwargs)

The OSFilter is used to specify the OS filtering criteria for the resource group.

Resource

Resource(mapping=None, *, ignore_unknown_fields=False, **kwargs)

An OS policy resource is used to define the desired state configuration and provides a specific functionality like installing/removing packages, executing a script etc.

The system ensures that resources are always in their desired state by taking necessary actions if they have drifted from their desired state.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

ResourceGroup

ResourceGroup(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Resource groups provide a mechanism to group OS policy resources.

Resource groups enable OS policy authors to create a single OS policy to be applied to VMs running different operating Systems.

When the OS policy is applied to a target VM, the appropriate resource group within the OS policy is selected based on the OSFilter specified within the resource group.