Class GoogleCloudOrgpolicyV2PolicySpecPolicyRule
A rule used to express this policy.
Implements
Inherited Members
Namespace: Google.Apis.PolicySimulator.v1.Data
Assembly: Google.Apis.PolicySimulator.v1.dll
Syntax
public class GoogleCloudOrgpolicyV2PolicySpecPolicyRule : IDirectResponseSchemaProperties
AllowAll
Setting this to true means that all values are allowed. This field can be set only in policies for list constraints.
Declaration
[JsonProperty("allowAll")]
public virtual bool? AllowAll { get; set; }Property Value
| Type | Description |
|---|---|
| bool? |
Condition
A condition that determines whether this rule is used to evaluate the policy. When set, the
google.type.Expr.expression field must contain 1 to 10 subexpressions, joined by the || or
&& operators. Each subexpression must use the resource.matchTag(),
resource.matchTagId(), resource.hasTagKey(), or resource.hasTagKeyId() Common Expression Language
(CEL) function. The resource.matchTag() function takes the following arguments: * key_name: the
namespaced name of the tag key, with the organization ID and a slash (/) as a prefix; for example,
123456789012/environment * value_name: the short name of the tag value For example:
resource.matchTag('123456789012/environment, 'prod') The resource.matchTagId() function takes the
following arguments: * key_id: the permanent ID of the tag key; for example, tagKeys/123456789012 *
value_id: the permanent ID of the tag value; for example, tagValues/567890123456 For example:
resource.matchTagId('tagKeys/123456789012', 'tagValues/567890123456') The resource.hasTagKey() function
takes the following argument: * key_name: the namespaced name of the tag key, with the organization ID and
a slash (/) as a prefix; for example, 123456789012/environment For example:
resource.hasTagKey('123456789012/environment') The resource.hasTagKeyId() function takes the following
arguments: * key_id: the permanent ID of the tag key; for example, tagKeys/123456789012 For example:
resource.hasTagKeyId('tagKeys/123456789012')
Declaration
[JsonProperty("condition")]
public virtual GoogleTypeExpr Condition { get; set; }Property Value
| Type | Description |
|---|---|
| GoogleTypeExpr |
DenyAll
Setting this to true means that all values are denied. This field can be set only in policies for list constraints.
Declaration
[JsonProperty("denyAll")]
public virtual bool? DenyAll { get; set; }Property Value
| Type | Description |
|---|---|
| bool? |
ETag
The ETag of the item.
Declaration
public virtual string ETag { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Enforce
If true, then the policy is enforced. If false, then any configuration is acceptable. This field can be
set in policies for boolean constraints, custom constraints and managed constraints.
Declaration
[JsonProperty("enforce")]
public virtual bool? Enforce { get; set; }Property Value
| Type | Description |
|---|---|
| bool? |
Parameters
Optional. Required for managed constraints if parameters are defined. Passes parameter values when policy enforcement is enabled. Ensure that parameter value types match those defined in the constraint definition. For example:
{ "allowedLocations" : ["us-east1", "us-west1"], "allowAll" : true }
Declaration
[JsonProperty("parameters")]
public virtual IDictionary<string, object> Parameters { get; set; }Property Value
| Type | Description |
|---|---|
| IDictionary<string, object> |
Values
List of values to be used for this policy rule. This field can be set only in policies for list constraints.
Declaration
[JsonProperty("values")]
public virtual GoogleCloudOrgpolicyV2PolicySpecPolicyRuleStringValues Values { get; set; }Property Value
| Type | Description |
|---|---|
| GoogleCloudOrgpolicyV2PolicySpecPolicyRuleStringValues |