Reference documentation and code samples for the Organization Policy V2 API class Google::Cloud::OrgPolicy::V2::PolicySpec.
Defines a Google Cloud policy specification which is used to specify constraints for configurations of Google Cloud resources.
Inherits
- Object
Extended By
- Google::Protobuf::MessageExts::ClassMethods
Includes
- Google::Protobuf::MessageExts
Methods
#etag
def etag() -> ::String
-
(::String) — An opaque tag indicating the current version of the policySpec, used for
concurrency control.
This field is ignored if used in a
CreatePolicy
request.When the policy is returned from either a
GetPolicy
or aListPolicies
request, thisetag
indicates the version of the current policySpec to use when executing a read-modify-write loop.When the policy is returned from a
GetEffectivePolicy
request, theetag
will be unset.
#etag=
def etag=(value) -> ::String
-
value (::String) — An opaque tag indicating the current version of the policySpec, used for
concurrency control.
This field is ignored if used in a
CreatePolicy
request.When the policy is returned from either a
GetPolicy
or aListPolicies
request, thisetag
indicates the version of the current policySpec to use when executing a read-modify-write loop.When the policy is returned from a
GetEffectivePolicy
request, theetag
will be unset.
-
(::String) — An opaque tag indicating the current version of the policySpec, used for
concurrency control.
This field is ignored if used in a
CreatePolicy
request.When the policy is returned from either a
GetPolicy
or aListPolicies
request, thisetag
indicates the version of the current policySpec to use when executing a read-modify-write loop.When the policy is returned from a
GetEffectivePolicy
request, theetag
will be unset.
#inherit_from_parent
def inherit_from_parent() -> ::Boolean
-
(::Boolean) — Determines the inheritance behavior for this policy.
If
inherit_from_parent
is true, policy rules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this policy becomes the new root for evaluation. This field can be set only for policies which configure list constraints.
#inherit_from_parent=
def inherit_from_parent=(value) -> ::Boolean
-
value (::Boolean) — Determines the inheritance behavior for this policy.
If
inherit_from_parent
is true, policy rules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this policy becomes the new root for evaluation. This field can be set only for policies which configure list constraints.
-
(::Boolean) — Determines the inheritance behavior for this policy.
If
inherit_from_parent
is true, policy rules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this policy becomes the new root for evaluation. This field can be set only for policies which configure list constraints.
#reset
def reset() -> ::Boolean
-
(::Boolean) — Ignores policies set above this resource and restores the
constraint_default
enforcement behavior of the specific constraint at this resource. This field can be set in policies for either list or boolean constraints. If set,rules
must be empty andinherit_from_parent
must be set to false.
#reset=
def reset=(value) -> ::Boolean
-
value (::Boolean) — Ignores policies set above this resource and restores the
constraint_default
enforcement behavior of the specific constraint at this resource. This field can be set in policies for either list or boolean constraints. If set,rules
must be empty andinherit_from_parent
must be set to false.
-
(::Boolean) — Ignores policies set above this resource and restores the
constraint_default
enforcement behavior of the specific constraint at this resource. This field can be set in policies for either list or boolean constraints. If set,rules
must be empty andinherit_from_parent
must be set to false.
#rules
def rules() -> ::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>
-
(::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>) —
In policies for boolean constraints, the following requirements apply:
- There must be one and only one policy rule where condition is unset.
- Boolean policy rules with conditions must set
enforced
to the opposite of the policy rule without a condition. - During policy evaluation, policy rules with conditions that are true for a target resource take precedence.
#rules=
def rules=(value) -> ::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>
-
value (::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>) —
In policies for boolean constraints, the following requirements apply:
- There must be one and only one policy rule where condition is unset.
- Boolean policy rules with conditions must set
enforced
to the opposite of the policy rule without a condition. - During policy evaluation, policy rules with conditions that are true for a target resource take precedence.
-
(::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>) —
In policies for boolean constraints, the following requirements apply:
- There must be one and only one policy rule where condition is unset.
- Boolean policy rules with conditions must set
enforced
to the opposite of the policy rule without a condition. - During policy evaluation, policy rules with conditions that are true for a target resource take precedence.
#update_time
def update_time() -> ::Google::Protobuf::Timestamp
-
(::Google::Protobuf::Timestamp) — Output only. The time stamp this was previously updated. This
represents the last time a call to
CreatePolicy
orUpdatePolicy
was made for that policy.