借助自定义组织政策,管理员可以针对 Google Cloud 服务定义自己的限制。如需详细了解自定义限制条件,请参阅自定义组织政策概览。
每项服务都定义了一组自定义限制条件字段,可用于 对服务资源强制执行组织政策查看以下活动的列表 支持的服务资源,了解哪些 Google Cloud 服务支持 自定义限制条件要了解如何创建自定义限制条件,请参阅 创建和管理自定义限制条件。
支持的服务资源
与以下服务关联的资源可能会受到自定义限制条件的约束。并非所有资源属性都适用于这些资源。请参阅特定于服务的文档,查找可供使用的资源和属性。
| Google Cloud 服务 | 资源类型 | 发布状态 |
|---|---|---|
| Artifact Registry | artifactregistry.googleapis.com/Repository
| GA |
| Cloud Key Management Service | cloudkms.googleapis.com/KeyHandle
| GA |
cloudkms.googleapis.com/AutokeyConfig
| GA |
|
cloudkms.googleapis.com/CryptoKey
| GA |
|
cloudkms.googleapis.com/CryptoKeyVersion
| GA |
|
cloudkms.googleapis.com/EkmConnection
| GA |
|
cloudkms.googleapis.com/EkmConfig
| GA |
|
cloudkms.googleapis.com/ImportJob
| GA |
|
| GKE | container.googleapis.com/NodePool
| GA |
container.googleapis.com/Cluster
| GA |
|
| Dataproc 无服务器 | dataproc.googleapis.com/Batch
| 预览 |
| Dataproc | dataproc.googleapis.com/Cluster
| GA |
| Compute Engine | compute.googleapis.com/Disk
| GA |
compute.googleapis.com/Image
| GA |
|
compute.googleapis.com/Instance
| GA |
|
| Cloud VPN | compute.googleapis.com/ExternalVpnGateway
| GA |
compute.googleapis.com/TargetVpnGateway
| GA |
|
compute.googleapis.com/VpnGateway
| GA |
|
compute.googleapis.com/VpnTunnel
| GA |
|
| Cloud 下一代防火墙 | compute.googleapis.com/Firewall
| GA |
compute.googleapis.com/FirewallPolicy
| GA |
|
| Cloud Load Balancing | compute.googleapis.com/HealthCheck
| GA |
compute.googleapis.com/InstanceGroup
| GA |
|
compute.googleapis.com/NetworkEndpointGroup
| GA |
|
compute.googleapis.com/SslPolicy
| GA |
|
| Cloud Interconnect | compute.googleapis.com/Interconnect
| GA |
compute.googleapis.com/InterconnectAttachment
| GA |
|
| 虚拟私有云 | compute.googleapis.com/Network
| GA |
compute.googleapis.com/PacketMirroring
| GA |
|
compute.googleapis.com/Route
| GA |
|
compute.googleapis.com/Subnetwork
| GA |
|
| Cloud Router、Cloud NAT | compute.googleapis.com/Router
| GA |
| Identity and Access Management | iam.googleapis.com/AllowPolicy
| 预览 |
| Cloud Storage | storage.googleapis.com/Bucket
| GA |
| Cloud SQL | sqladmin.googleapis.com/Instance
| GA |
| Contact Center AI 平台 | contactcenteraiplatform.googleapis.com/ContactCenter
| 预览 |
| Dataflow | dataflow.googleapis.com/Job
| GA |
| Cloud Run | run.googleapis.com/Job
| GA |
run.googleapis.com/Service
| GA |
|
| Cloud Run 函数 | cloudfunctions.googleapis.com/Function
| GA |
| Cloud Build | cloudbuild.googleapis.com/GithubEnterpriseConfig
| GA |
cloudbuild.googleapis.com/BitbucketServerConfig
| GA |
|
cloudbuild.googleapis.com/BuildTrigger
| GA |
|
cloudbuild.googleapis.com/WorkerPool
| GA |
|
| Memorystore | redis.googleapis.com/Instance
| GA |
| Memorystore for Redis Cluster | redis.googleapis.com/Cluster
| GA |
| AlloyDB for PostgreSQL | alloydb.googleapis.com/Instance
| 预览 |
| Identity Platform | identitytoolkit.googleapis.com/Config
| GA |
identitytoolkit.googleapis.com/DefaultSupportedIdpConfig
| GA |
|
identitytoolkit.googleapis.com/InboundSamlConfig
| GA |
|
identitytoolkit.googleapis.com/OauthIdpConfig
| GA |
|
identitytoolkit.googleapis.com/Tenant
| GA |
|
| 辐射内容 | gkehub.googleapis.com/Fleet
| GA |
gkehub.googleapis.com/Membership
| GA |
|
gkehub.googleapis.com/Feature
| GA |
|
gkehub.googleapis.com/MembershipBinding
| GA |
|
gkehub.googleapis.com/Scope
| GA |
|
gkehub.googleapis.com/Namespace
| GA |
|
gkehub.googleapis.com/RBACRoleBinding
| GA |
|
| BigQuery Data Transfer Service | bigquerydatatransfer.googleapis.com/TransferConfig
| GA |