Organization Policy V2 API - Class Google::Cloud::OrgPolicy::V2::PolicySpec (v0.5.0)

Reference documentation and code samples for the Organization Policy V2 API class Google::Cloud::OrgPolicy::V2::PolicySpec.

Defines a Cloud Organization PolicySpec which is used to specify Constraints for configurations of Cloud Platform resources.

Inherits

  • Object

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#etag

def etag() -> ::String
Returns
  • (::String) — An opaque tag indicating the current version of the Policy, used for concurrency control.

    This field is ignored if used in a CreatePolicy request.

    When the Policy is returned from either a GetPolicy or a ListPolicies request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop.

    When the Policy is returned from a GetEffectivePolicy request, the etag will be unset.

#etag=

def etag=(value) -> ::String
Parameter
  • value (::String) — An opaque tag indicating the current version of the Policy, used for concurrency control.

    This field is ignored if used in a CreatePolicy request.

    When the Policy is returned from either a GetPolicy or a ListPolicies request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop.

    When the Policy is returned from a GetEffectivePolicy request, the etag will be unset.

Returns
  • (::String) — An opaque tag indicating the current version of the Policy, used for concurrency control.

    This field is ignored if used in a CreatePolicy request.

    When the Policy is returned from either a GetPolicy or a ListPolicies request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop.

    When the Policy is returned from a GetEffectivePolicy request, the etag will be unset.

#inherit_from_parent

def inherit_from_parent() -> ::Boolean
Returns
  • (::Boolean) — Determines the inheritance behavior for this Policy.

    If inherit_from_parent is true, PolicyRules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this Policy becomes the new root for evaluation. This field can be set only for Policies which configure list constraints.

#inherit_from_parent=

def inherit_from_parent=(value) -> ::Boolean
Parameter
  • value (::Boolean) — Determines the inheritance behavior for this Policy.

    If inherit_from_parent is true, PolicyRules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this Policy becomes the new root for evaluation. This field can be set only for Policies which configure list constraints.

Returns
  • (::Boolean) — Determines the inheritance behavior for this Policy.

    If inherit_from_parent is true, PolicyRules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this Policy becomes the new root for evaluation. This field can be set only for Policies which configure list constraints.

#reset

def reset() -> ::Boolean
Returns
  • (::Boolean) — Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific Constraint at this resource. This field can be set in policies for either list or boolean constraints. If set, rules must be empty and inherit_from_parent must be set to false.

#reset=

def reset=(value) -> ::Boolean
Parameter
  • value (::Boolean) — Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific Constraint at this resource. This field can be set in policies for either list or boolean constraints. If set, rules must be empty and inherit_from_parent must be set to false.
Returns
  • (::Boolean) — Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific Constraint at this resource. This field can be set in policies for either list or boolean constraints. If set, rules must be empty and inherit_from_parent must be set to false.

#rules

def rules() -> ::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>
Returns
  • (::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>) —

    Up to 10 PolicyRules are allowed.

    In Policies for boolean constraints, the following requirements apply:

    • There must be one and only one PolicyRule where condition is unset.
    • BooleanPolicyRules with conditions must set enforced to the opposite of the PolicyRule without a condition.
    • During policy evaluation, PolicyRules with conditions that are true for a target resource take precedence.

#rules=

def rules=(value) -> ::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>
Parameter
  • value (::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>) —

    Up to 10 PolicyRules are allowed.

    In Policies for boolean constraints, the following requirements apply:

    • There must be one and only one PolicyRule where condition is unset.
    • BooleanPolicyRules with conditions must set enforced to the opposite of the PolicyRule without a condition.
    • During policy evaluation, PolicyRules with conditions that are true for a target resource take precedence.
Returns
  • (::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>) —

    Up to 10 PolicyRules are allowed.

    In Policies for boolean constraints, the following requirements apply:

    • There must be one and only one PolicyRule where condition is unset.
    • BooleanPolicyRules with conditions must set enforced to the opposite of the PolicyRule without a condition.
    • During policy evaluation, PolicyRules with conditions that are true for a target resource take precedence.

#update_time

def update_time() -> ::Google::Protobuf::Timestamp
Returns
  • (::Google::Protobuf::Timestamp) — Output only. The time stamp this was previously updated. This represents the last time a call to CreatePolicy or UpdatePolicy was made for that Policy.