Class: Google::Apis::CloudassetV1p7beta1::GoogleCloudOrgpolicyV1Policy
- Inherits:
-
Object
- Object
- Google::Apis::CloudassetV1p7beta1::GoogleCloudOrgpolicyV1Policy
- Includes:
- Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
- Defined in:
- lib/google/apis/cloudasset_v1p7beta1/classes.rb,
lib/google/apis/cloudasset_v1p7beta1/representations.rb,
lib/google/apis/cloudasset_v1p7beta1/representations.rb
Overview
Defines a Cloud Organization Policy
which is used to specify Constraints
for configurations of Cloud Platform resources.
Instance Attribute Summary collapse
-
#boolean_policy ⇒ Google::Apis::CloudassetV1p7beta1::GoogleCloudOrgpolicyV1BooleanPolicy
Used in
policy_type
to specify howboolean_policy
will behave at this resource. -
#constraint ⇒ String
The name of the
Constraint
thePolicy
is configuring, for example,constraints/serviceuser.services
. -
#etag ⇒ String
An opaque tag indicating the current version of the
Policy
, used for concurrency control. -
#list_policy ⇒ Google::Apis::CloudassetV1p7beta1::GoogleCloudOrgpolicyV1ListPolicy
Used in
policy_type
to specify howlist_policy
behaves at this resource. -
#restore_default ⇒ Google::Apis::CloudassetV1p7beta1::GoogleCloudOrgpolicyV1RestoreDefault
Ignores policies set above this resource and restores the
constraint_default
enforcement behavior of the specificConstraint
at this resource. -
#update_time ⇒ String
The time stamp the
Policy
was previously updated. -
#version ⇒ Fixnum
Version of the
Policy
.
Instance Method Summary collapse
-
#initialize(**args) ⇒ GoogleCloudOrgpolicyV1Policy
constructor
A new instance of GoogleCloudOrgpolicyV1Policy.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ GoogleCloudOrgpolicyV1Policy
Returns a new instance of GoogleCloudOrgpolicyV1Policy.
1062 1063 1064 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 1062 def initialize(**args) update!(**args) end |
Instance Attribute Details
#boolean_policy ⇒ Google::Apis::CloudassetV1p7beta1::GoogleCloudOrgpolicyV1BooleanPolicy
Used in policy_type
to specify how boolean_policy
will behave at this
resource.
Corresponds to the JSON property booleanPolicy
992 993 994 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 992 def boolean_policy @boolean_policy end |
#constraint ⇒ String
The name of the Constraint
the Policy
is configuring, for example,
constraints/serviceuser.services
. A list of available constraints is available.
Immutable after creation.
Corresponds to the JSON property constraint
1000 1001 1002 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 1000 def constraint @constraint end |
#etag ⇒ String
An opaque tag indicating the current version of the Policy
, used for
concurrency control. When the Policy
is returned from either a GetPolicy
or a ListOrgPolicy
request, this etag
indicates the version of the current
Policy
to use when executing a read-modify-write loop. When the Policy
is
returned from a GetEffectivePolicy
request, the etag
will be unset. When
the Policy
is used in a SetOrgPolicy
method, use the etag
value that was
returned from a GetOrgPolicy
request as part of a read-modify-write loop for
concurrency control. Not setting the etag
in a SetOrgPolicy
request will
result in an unconditional write of the Policy
.
Corresponds to the JSON property etag
NOTE: Values are automatically base64 encoded/decoded in the client library.
1014 1015 1016 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 1014 def etag @etag end |
#list_policy ⇒ Google::Apis::CloudassetV1p7beta1::GoogleCloudOrgpolicyV1ListPolicy
Used in policy_type
to specify how list_policy
behaves at this resource.
ListPolicy
can define specific values and subtrees of Cloud Resource Manager
resource hierarchy (Organizations
, Folders
, Projects
) that are allowed
or denied by setting the allowed_values
and denied_values
fields. This is
achieved by using the under:
and optional is:
prefixes. The under:
prefix is used to denote resource subtree values. The is:
prefix is used to
denote specific values, and is required only if the value contains a ":".
Values prefixed with "is:" are treated the same as values with no prefix.
Ancestry subtrees must be in one of the following formats: - "projects/", e.g.
"projects/tokyo-rain-123" - "folders/", e.g. "folders/1234" - "organizations/",
e.g. "organizations/1234" The supports_under
field of the associated
Constraint
defines whether ancestry prefixes can be used. You can set
allowed_values
and denied_values
in the same Policy
if all_values
is
ALL_VALUES_UNSPECIFIED
. ALLOW
or DENY
are used to allow or deny all
values. If all_values
is set to either ALLOW
or DENY
, allowed_values
and denied_values
must be unset.
Corresponds to the JSON property listPolicy
1034 1035 1036 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 1034 def list_policy @list_policy end |
#restore_default ⇒ Google::Apis::CloudassetV1p7beta1::GoogleCloudOrgpolicyV1RestoreDefault
Ignores policies set above this resource and restores the constraint_default
enforcement behavior of the specific Constraint
at this resource. Suppose
that constraint_default
is set to ALLOW
for the Constraint
constraints/
serviceuser.services
. Suppose that organization foo.com sets a Policy
at
their Organization resource node that restricts the allowed service
activations to deny all service activations. They could then set a Policy
with the policy_type
restore_default
on several experimental projects,
restoring the constraint_default
enforcement of the Constraint
for only
those projects, allowing those projects to have all services activated.
Corresponds to the JSON property restoreDefault
1047 1048 1049 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 1047 def restore_default @restore_default end |
#update_time ⇒ String
The time stamp the Policy
was previously updated. This is set by the server,
not specified by the caller, and represents the last time a call to
SetOrgPolicy
was made for that Policy
. Any value set by the client will be
ignored.
Corresponds to the JSON property updateTime
1055 1056 1057 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 1055 def update_time @update_time end |
#version ⇒ Fixnum
Version of the Policy
. Default version is 0;
Corresponds to the JSON property version
1060 1061 1062 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 1060 def version @version end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
1067 1068 1069 1070 1071 1072 1073 1074 1075 |
# File 'lib/google/apis/cloudasset_v1p7beta1/classes.rb', line 1067 def update!(**args) @boolean_policy = args[:boolean_policy] if args.key?(:boolean_policy) @constraint = args[:constraint] if args.key?(:constraint) @etag = args[:etag] if args.key?(:etag) @list_policy = args[:list_policy] if args.key?(:list_policy) @restore_default = args[:restore_default] if args.key?(:restore_default) @update_time = args[:update_time] if args.key?(:update_time) @version = args[:version] if args.key?(:version) end |