Class: Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint
- Inherits:
-
Object
- Object
- Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint
- Extended by:
- Protobuf::MessageExts::ClassMethods
- Includes:
- Protobuf::MessageExts
- Defined in:
- proto_docs/google/cloud/asset/v1/asset_service.rb
Overview
The organization policy constraint definition.
Defined Under Namespace
Classes: Constraint, CustomConstraint
Instance Attribute Summary collapse
-
#custom_constraint ⇒ ::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::CustomConstraint
The definition of the custom constraint.
-
#google_defined_constraint ⇒ ::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::Constraint
The definition of the canned constraint defined by Google.
Instance Attribute Details
#custom_constraint ⇒ ::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::CustomConstraint
Returns The definition of the custom constraint.
2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 2112 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 2147 2148 2149 2150 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 2163 |
# File 'proto_docs/google/cloud/asset/v1/asset_service.rb', line 2022 class AnalyzerOrgPolicyConstraint include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # The definition of a constraint. # @!attribute [rw] name # @return [::String] # The unique name of the constraint. Format of the name should be # * `constraints/{constraint_name}` # # For example, `constraints/compute.disableSerialPortAccess`. # @!attribute [rw] display_name # @return [::String] # The human readable name of the constraint. # @!attribute [rw] description # @return [::String] # Detailed description of what this `Constraint` controls as well as how # and where it is enforced. # @!attribute [rw] constraint_default # @return [::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::Constraint::ConstraintDefault] # The evaluation behavior of this constraint in the absence of 'Policy'. # @!attribute [rw] list_constraint # @return [::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::Constraint::ListConstraint] # Defines this constraint as being a ListConstraint. # @!attribute [rw] boolean_constraint # @return [::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::Constraint::BooleanConstraint] # Defines this constraint as being a BooleanConstraint. class Constraint include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A `Constraint` that allows or disallows a list of string values, which # are configured by an organization's policy administrator with a `Policy`. # @!attribute [rw] supports_in # @return [::Boolean] # Indicates whether values grouped into categories can be used in # `Policy.allowed_values` and `Policy.denied_values`. For example, # `"in:Python"` would match any value in the 'Python' group. # @!attribute [rw] supports_under # @return [::Boolean] # Indicates whether subtrees of Cloud Resource Manager resource hierarchy # can be used in `Policy.allowed_values` and `Policy.denied_values`. For # example, `"under:folders/123"` would match any resource under the # 'folders/123' folder. class ListConstraint include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A `Constraint` that is either enforced or not. # # For example a constraint `constraints/compute.disableSerialPortAccess`. # If it is enforced on a VM instance, serial port connections will not be # opened to that instance. class BooleanConstraint include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Specifies the default behavior in the absence of any `Policy` for the # `Constraint`. This must not be `CONSTRAINT_DEFAULT_UNSPECIFIED`. module ConstraintDefault # This is only used for distinguishing unset values and should never be # used. CONSTRAINT_DEFAULT_UNSPECIFIED = 0 # Indicate that all values are allowed for list constraints. # Indicate that enforcement is off for boolean constraints. ALLOW = 1 # Indicate that all values are denied for list constraints. # Indicate that enforcement is on for boolean constraints. DENY = 2 end end # The definition of a custom constraint. # @!attribute [rw] name # @return [::String] # Name of the constraint. This is unique within the organization. Format of # the name should be # * `organizations/{organization_id}/customConstraints/{custom_constraint_id}` # # Example : # "organizations/123/customConstraints/custom.createOnlyE2TypeVms" # @!attribute [rw] resource_types # @return [::Array<::String>] # The Resource Instance type on which this policy applies to. Format will # be of the form : "<canonical service name>/<type>" Example: # * `compute.googleapis.com/Instance`. # @!attribute [rw] method_types # @return [::Array<::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::CustomConstraint::MethodType>] # All the operations being applied for this constraint. # @!attribute [rw] condition # @return [::String] # Organization Policy condition/expression. For example: # `resource.instanceName.matches("[production|test]_.*_(\d)+")'` or, # `resource.management.auto_upgrade == true` # @!attribute [rw] action_type # @return [::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::CustomConstraint::ActionType] # Allow or deny type. # @!attribute [rw] display_name # @return [::String] # One line display name for the UI. # @!attribute [rw] description # @return [::String] # Detailed information about this custom policy constraint. class CustomConstraint include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # The operation in which this constraint will be applied. For example: # If the constraint applies only when create VMs, the method_types will be # "CREATE" only. If the constraint applied when create or delete VMs, the # method_types will be "CREATE" and "DELETE". module MethodType # Unspecified. Will results in user error. METHOD_TYPE_UNSPECIFIED = 0 # Constraint applied when creating the resource. CREATE = 1 # Constraint applied when updating the resource. UPDATE = 2 # Constraint applied when deleting the resource. DELETE = 3 end # Allow or deny type. module ActionType # Unspecified. Will results in user error. ACTION_TYPE_UNSPECIFIED = 0 # Allowed action type. ALLOW = 1 # Deny action type. DENY = 2 end end end |
#google_defined_constraint ⇒ ::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::Constraint
Returns The definition of the canned constraint defined by Google.
2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 2112 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 2147 2148 2149 2150 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 2163 |
# File 'proto_docs/google/cloud/asset/v1/asset_service.rb', line 2022 class AnalyzerOrgPolicyConstraint include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # The definition of a constraint. # @!attribute [rw] name # @return [::String] # The unique name of the constraint. Format of the name should be # * `constraints/{constraint_name}` # # For example, `constraints/compute.disableSerialPortAccess`. # @!attribute [rw] display_name # @return [::String] # The human readable name of the constraint. # @!attribute [rw] description # @return [::String] # Detailed description of what this `Constraint` controls as well as how # and where it is enforced. # @!attribute [rw] constraint_default # @return [::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::Constraint::ConstraintDefault] # The evaluation behavior of this constraint in the absence of 'Policy'. # @!attribute [rw] list_constraint # @return [::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::Constraint::ListConstraint] # Defines this constraint as being a ListConstraint. # @!attribute [rw] boolean_constraint # @return [::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::Constraint::BooleanConstraint] # Defines this constraint as being a BooleanConstraint. class Constraint include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A `Constraint` that allows or disallows a list of string values, which # are configured by an organization's policy administrator with a `Policy`. # @!attribute [rw] supports_in # @return [::Boolean] # Indicates whether values grouped into categories can be used in # `Policy.allowed_values` and `Policy.denied_values`. For example, # `"in:Python"` would match any value in the 'Python' group. # @!attribute [rw] supports_under # @return [::Boolean] # Indicates whether subtrees of Cloud Resource Manager resource hierarchy # can be used in `Policy.allowed_values` and `Policy.denied_values`. For # example, `"under:folders/123"` would match any resource under the # 'folders/123' folder. class ListConstraint include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A `Constraint` that is either enforced or not. # # For example a constraint `constraints/compute.disableSerialPortAccess`. # If it is enforced on a VM instance, serial port connections will not be # opened to that instance. class BooleanConstraint include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Specifies the default behavior in the absence of any `Policy` for the # `Constraint`. This must not be `CONSTRAINT_DEFAULT_UNSPECIFIED`. module ConstraintDefault # This is only used for distinguishing unset values and should never be # used. CONSTRAINT_DEFAULT_UNSPECIFIED = 0 # Indicate that all values are allowed for list constraints. # Indicate that enforcement is off for boolean constraints. ALLOW = 1 # Indicate that all values are denied for list constraints. # Indicate that enforcement is on for boolean constraints. DENY = 2 end end # The definition of a custom constraint. # @!attribute [rw] name # @return [::String] # Name of the constraint. This is unique within the organization. Format of # the name should be # * `organizations/{organization_id}/customConstraints/{custom_constraint_id}` # # Example : # "organizations/123/customConstraints/custom.createOnlyE2TypeVms" # @!attribute [rw] resource_types # @return [::Array<::String>] # The Resource Instance type on which this policy applies to. Format will # be of the form : "<canonical service name>/<type>" Example: # * `compute.googleapis.com/Instance`. # @!attribute [rw] method_types # @return [::Array<::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::CustomConstraint::MethodType>] # All the operations being applied for this constraint. # @!attribute [rw] condition # @return [::String] # Organization Policy condition/expression. For example: # `resource.instanceName.matches("[production|test]_.*_(\d)+")'` or, # `resource.management.auto_upgrade == true` # @!attribute [rw] action_type # @return [::Google::Cloud::Asset::V1::AnalyzerOrgPolicyConstraint::CustomConstraint::ActionType] # Allow or deny type. # @!attribute [rw] display_name # @return [::String] # One line display name for the UI. # @!attribute [rw] description # @return [::String] # Detailed information about this custom policy constraint. class CustomConstraint include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # The operation in which this constraint will be applied. For example: # If the constraint applies only when create VMs, the method_types will be # "CREATE" only. If the constraint applied when create or delete VMs, the # method_types will be "CREATE" and "DELETE". module MethodType # Unspecified. Will results in user error. METHOD_TYPE_UNSPECIFIED = 0 # Constraint applied when creating the resource. CREATE = 1 # Constraint applied when updating the resource. UPDATE = 2 # Constraint applied when deleting the resource. DELETE = 3 end # Allow or deny type. module ActionType # Unspecified. Will results in user error. ACTION_TYPE_UNSPECIFIED = 0 # Allowed action type. ALLOW = 1 # Deny action type. DENY = 2 end end end |