커스텀 조직 정책을 사용하면 관리자가 Google Cloud 서비스에 대한 제한사항을 직접 정의할 수 있습니다. 커스텀 제약조건에 대한 자세한 내용은 커스텀 조직 정책 개요를 참조하세요.
각 서비스는 서비스 리소스에 대한 조직 정책을 시행하는 데 사용할 수 있는 커스텀 제약조건 필드 집합을 정의합니다. 커스텀 제약조건을 지원하는 Google Cloud 서비스에 대해 알아보려면 지원되는 서비스 리소스 목록을 참조하세요. 커스텀 제약조건을 만드는 방법을 알아보려면 커스텀 제약조건 만들기 및 관리를 참조하세요.
지원되는 서비스 리소스
다음 서비스와 연결된 리소스에 커스텀 제약조건을 적용할 수 있습니다. 이러한 리소스에 모든 리소스 속성을 사용할 수 있는 것은 아닙니다. 사용 가능한 리소스와 속성을 보려면 서비스별 문서를 참조하세요.
Google Cloud 서비스 | 리소스 유형 | 출시 상태 |
---|---|---|
Artifact Registry | artifactregistry.googleapis.com/Repository
| GA |
인증서 관리자 | certificatemanager.googleapis.com/CertificateMap
| GA |
certificatemanager.googleapis.com/CertificateMapEntry
| GA |
|
certificatemanager.googleapis.com/Certificate
| GA |
|
certificatemanager.googleapis.com/CertificateIssuanceConfig
| GA |
|
certificatemanager.googleapis.com/DnsAuthorization
| GA |
|
certificatemanager.googleapis.com/TrustConfig
| GA |
|
Cloud Key Management Service | cloudkms.googleapis.com/KeyHandle
| GA |
cloudkms.googleapis.com/AutokeyConfig
| GA |
|
cloudkms.googleapis.com/CryptoKey
| GA |
|
cloudkms.googleapis.com/CryptoKeyVersion
| GA |
|
cloudkms.googleapis.com/EkmConnection
| GA |
|
cloudkms.googleapis.com/EkmConfig
| GA |
|
cloudkms.googleapis.com/ImportJob
| GA |
|
GKE | container.googleapis.com/NodePool
| GA |
container.googleapis.com/Cluster
| GA |
|
Dataproc Serverless | dataproc.googleapis.com/Batch
| GA |
Dataproc | dataproc.googleapis.com/Cluster
| GA |
Compute Engine | compute.googleapis.com/Disk
| GA |
compute.googleapis.com/Image
| GA |
|
compute.googleapis.com/Instance
| GA |
|
Cloud VPN | compute.googleapis.com/ExternalVpnGateway
| GA |
compute.googleapis.com/TargetVpnGateway
| GA |
|
compute.googleapis.com/VpnGateway
| GA |
|
compute.googleapis.com/VpnTunnel
| GA |
|
Cloud Next Generation Firewall | compute.googleapis.com/Firewall
| GA |
compute.googleapis.com/FirewallPolicy
| GA |
|
Cloud Load Balancing | compute.googleapis.com/HealthCheck
| GA |
compute.googleapis.com/InstanceGroup
| GA |
|
compute.googleapis.com/NetworkEndpointGroup
| GA |
|
compute.googleapis.com/SslPolicy
| GA |
|
compute.googleapis.com/TargetInstance
| GA |
|
compute.googleapis.com/TargetPool
| GA |
|
compute.googleapis.com/BackendService
| GA |
|
compute.googleapis.com/BackendBucket
| GA |
|
compute.googleapis.com/TargetGrpcProxy
| GA |
|
compute.googleapis.com/UrlMap
| GA |
|
compute.googleapis.com/TargetTcpProxy
| GA |
|
compute.googleapis.com/TargetHttpProxy
| GA |
|
compute.googleapis.com/TargetHttpsProxy
| GA |
|
compute.googleapis.com/TargetSslProxy
| GA |
|
compute.googleapis.com/ForwardingRule
| GA |
|
Cloud Interconnect | compute.googleapis.com/Interconnect
| GA |
compute.googleapis.com/InterconnectAttachment
| GA |
|
Virtual Private Cloud | compute.googleapis.com/Network
| GA |
compute.googleapis.com/PacketMirroring
| GA |
|
compute.googleapis.com/Route
| GA |
|
compute.googleapis.com/Subnetwork
| GA |
|
Private Service Connect | compute.googleapis.com/NetworkAttachment
| GA |
compute.googleapis.com/ServiceAttachment
| GA |
|
Google Cloud Armor | compute.googleapis.com/NetworkEdgeSecurityService
| GA |
compute.googleapis.com/SecurityPolicy
| GA |
|
Cloud Router, Cloud NAT | compute.googleapis.com/Router
| GA |
Identity and Access Management | iam.googleapis.com/AllowPolicy
| 미리보기 |
iam.googleapis.com/ServiceAccount
| 정식 버전 |
|
iam.googleapis.com/ServiceAccountKey
| GA |
|
Cloud Storage | storage.googleapis.com/Bucket
| GA |
Cloud SQL | sqladmin.googleapis.com/Instance
| GA |
sqladmin.googleapis.com/BackupRun
| GA |
|
Google Cloud Contact Center as a Service | contactcenteraiplatform.googleapis.com/ContactCenter
| 미리보기 |
Dataflow | dataflow.googleapis.com/Job
| GA |
Cloud Run | run.googleapis.com/Job
| GA |
run.googleapis.com/Service
| GA |
|
Cloud Run Functions | cloudfunctions.googleapis.com/Function
| GA |
Cloud Build | cloudbuild.googleapis.com/GithubEnterpriseConfig
| GA |
cloudbuild.googleapis.com/BitbucketServerConfig
| GA |
|
cloudbuild.googleapis.com/BuildTrigger
| GA |
|
cloudbuild.googleapis.com/WorkerPool
| GA |
|
Secure Source Manager | securesourcemanager.googleapis.com/Instance
| GA |
Memorystore | redis.googleapis.com/Instance
| GA |
Memorystore for Redis Cluster | redis.googleapis.com/Cluster
| GA |
PostgreSQL용 AlloyDB | alloydb.googleapis.com/Instance
| 미리보기 |
Identity Platform | identitytoolkit.googleapis.com/Config
| GA |
identitytoolkit.googleapis.com/DefaultSupportedIdpConfig
| GA |
|
identitytoolkit.googleapis.com/InboundSamlConfig
| GA |
|
identitytoolkit.googleapis.com/OauthIdpConfig
| GA |
|
identitytoolkit.googleapis.com/Tenant
| GA |
|
허브 | gkehub.googleapis.com/Fleet
| GA |
gkehub.googleapis.com/Membership
| GA |
|
gkehub.googleapis.com/Feature
| GA |
|
gkehub.googleapis.com/MembershipBinding
| GA |
|
gkehub.googleapis.com/Scope
| GA |
|
gkehub.googleapis.com/Namespace
| GA |
|
gkehub.googleapis.com/RBACRoleBinding
| GA |
|
Secret Manager | secretmanager.googleapis.com/Secret
| GA |
Firestore | firestore.googleapis.com/Database
| GA |
BigQuery Data Transfer Service | bigquerydatatransfer.googleapis.com/TransferConfig
| GA |
서버리스 VPC 액세스 | vpcaccess.googleapis.com/Connector
| GA |