API Reference google_api_org_policy v0.9.1

API client metadata for GoogleApi.OrgPolicy.V2.

API calls for all endpoints tagged Folders.

API calls for all endpoints tagged Organizations.

API calls for all endpoints tagged Projects.

Handle Tesla connections for GoogleApi.OrgPolicy.V2.

Similar to PolicySpec but with an extra 'launch' field for launch reference. The PolicySpec here is specific for dry-run.

A constraint describes a way to restrict resource's configuration. For example, you could enforce a constraint that controls which Google Cloud services can be activated across an organization, or whether a Compute Engine instance can have serial port connections established. Constraints can be configured by the organization policy administrator to fit the needs of the organization by setting a policy that includes constraints at different locations in the organization's resource hierarchy. Policies are inherited down the resource hierarchy from higher levels, but can also be overridden. For details about the inheritance rules, see Policy. Constraints have a default behavior determined by the constraint_default field, which is the enforcement behavior that is used in the absence of a policy being defined or inherited for the resource in question.

A constraint type is enforced or not enforced, which is configured in the PolicyRule. If customConstraintDefinition is defined, this constraint is a managed constraint.

Custom constraint definition. Defines this as a managed constraint.

Defines a parameter structure.

Defines Metadata structure.

A constraint type that allows or disallows a list of string values, which are configured in the PolicyRule.

A custom constraint defined by customers which can only be applied to the given resource types and organization. By creating a custom constraint, customers can apply policies of this custom constraint. Creating a custom constraint itself does NOT apply any policy enforcement.

The response returned from the ListConstraints method.

The response returned from the ListCustomConstraints method. It will be empty if no custom or managed constraints are set on the organization resource.

The response returned from the ListPolicies method. It will be empty if no policies are set on the resource.

Defines an organization policy which is used to specify constraints for configurations of Google Cloud resources.

Defines a Google Cloud policy specification which is used to specify constraints for configurations of Google Cloud resources.

A rule used to express this policy.

A message that holds specific allowed and denied values. This message can define specific values and subtrees of the Resource Manager resource hierarchy (Organizations, Folders, Projects) that are allowed or denied. This is achieved by using the under: and optional is: prefixes. The under: prefix is used to denote resource subtree values. The is: prefix is used to denote specific values, and is required only if the value contains a ":". Values prefixed with "is:" are treated the same as values with no prefix. Ancestry subtrees must be in one of the following formats: - projects/ (for example, projects/tokyo-rain-123) - folders/ (for example, folders/1234) - organizations/ (for example, organizations/1234) The supports_under field of the associated Constraint defines whether ancestry prefixes can be used.

A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.