Method: projects.getEffectiveOrgPolicy

Gets the effective Policy on a resource. This is the result of merging Policies in the resource hierarchy. The returned Policy will not have an etagset because it is a computed Policy across multiple resources. Subtrees of Resource Manager resource hierarchy with 'under:' prefix will not be expanded.

HTTP request

POST https://cloudresourcemanager.googleapis.com/v1/{resource=projects/*}:getEffectiveOrgPolicy

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
resource

string

The name of the resource to start computing the effective Policy.

Authorization requires the following IAM permission on the specified resource resource:

  • orgpolicy.policy.get

Request body

The request body contains data with the following structure:

JSON representation
{
  "constraint": string
}
Fields
constraint

string

The name of the Constraint to compute the effective Policy.

Response body

If successful, the response body contains an instance of Policy.

Authorization scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/cloud-platform
  • https://www.googleapis.com/auth/cloud-platform.read-only
  • https://www.googleapis.com/auth/cloudplatformorganizations
  • https://www.googleapis.com/auth/cloudplatformorganizations.readonly
  • https://www.googleapis.com/auth/cloudplatformprojects
  • https://www.googleapis.com/auth/cloudplatformprojects.readonly
  • https://www.googleapis.com/auth/cloudplatformfolders
  • https://www.googleapis.com/auth/cloudplatformfolders.readonly

For more information, see the Authentication Overview.