Class: Google::Apis::CloudassetV1::GoogleCloudOrgpolicyV1Policy

Inherits:
Object
  • Object
show all
Includes:
Google::Apis::Core::Hashable, Google::Apis::Core::JsonObjectSupport
Defined in:
generated/google/apis/cloudasset_v1/classes.rb,
generated/google/apis/cloudasset_v1/representations.rb,
generated/google/apis/cloudasset_v1/representations.rb

Overview

Defines a Cloud Organization Policy which is used to specify Constraints for configurations of Cloud Platform resources.

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Google::Apis::Core::JsonObjectSupport

#to_json

Methods included from Google::Apis::Core::Hashable

process_value, #to_h

Constructor Details

#initialize(**args) ⇒ GoogleCloudOrgpolicyV1Policy

Returns a new instance of GoogleCloudOrgpolicyV1Policy.


908
909
910
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 908

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#boolean_policyGoogle::Apis::CloudassetV1::GoogleCloudOrgpolicyV1BooleanPolicy

Used in policy_type to specify how boolean_policy will behave at this resource. Corresponds to the JSON property booleanPolicy


838
839
840
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 838

def boolean_policy
  @boolean_policy
end

#constraintString

The name of the Constraint the Policy is configuring, for example, constraints/serviceuser.services. A list of available constraints is available. Immutable after creation. Corresponds to the JSON property constraint

Returns:

  • (String)

846
847
848
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 846

def constraint
  @constraint
end

#etagString

An opaque tag indicating the current version of the Policy, used for concurrency control. When the Policy is returned from either a GetPolicy or a ListOrgPolicy request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop. When the Policy is returned from a GetEffectivePolicy request, the etag will be unset. When the Policy is used in a SetOrgPolicy method, use the etag value that was returned from a GetOrgPolicy request as part of a read-modify-write loop for concurrency control. Not setting the etagin a SetOrgPolicy request will result in an unconditional write of the Policy. Corresponds to the JSON property etag NOTE: Values are automatically base64 encoded/decoded in the client library.

Returns:

  • (String)

860
861
862
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 860

def etag
  @etag
end

#list_policyGoogle::Apis::CloudassetV1::GoogleCloudOrgpolicyV1ListPolicy

Used in policy_type to specify how list_policy behaves at this resource. ListPolicy can define specific values and subtrees of Cloud Resource Manager resource hierarchy (Organizations, Folders, Projects) that are allowed or denied by setting the allowed_values and denied_values fields. This is achieved by using the under: and optional is: prefixes. The under: prefix is used to denote resource subtree values. The is: prefix is used to denote specific values, and is required only if the value contains a ":". Values prefixed with "is:" are treated the same as values with no prefix. Ancestry subtrees must be in one of the following formats: - "projects/", e.g. "projects/tokyo-rain-123" - "folders/", e.g. "folders/1234" - "organizations/", e.g. "organizations/1234" The supports_under field of the associated Constraint defines whether ancestry prefixes can be used. You can set allowed_values and denied_values in the same Policy if all_values is ALL_VALUES_UNSPECIFIED. ALLOW or DENY are used to allow or deny all values. If all_values is set to either ALLOW or DENY, allowed_values and denied_values must be unset. Corresponds to the JSON property listPolicy


880
881
882
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 880

def list_policy
  @list_policy
end

#restore_defaultGoogle::Apis::CloudassetV1::GoogleCloudOrgpolicyV1RestoreDefault

Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific Constraint at this resource. Suppose that constraint_default is set to ALLOW for the Constraint constraints/ serviceuser.services. Suppose that organization foo.com sets a Policy at their Organization resource node that restricts the allowed service activations to deny all service activations. They could then set a Policy with the policy_type restore_default on several experimental projects, restoring the constraint_default enforcement of the Constraint for only those projects, allowing those projects to have all services activated. Corresponds to the JSON property restoreDefault


893
894
895
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 893

def restore_default
  @restore_default
end

#update_timeString

The time stamp the Policy was previously updated. This is set by the server, not specified by the caller, and represents the last time a call to SetOrgPolicy was made for that Policy. Any value set by the client will be ignored. Corresponds to the JSON property updateTime

Returns:

  • (String)

901
902
903
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 901

def update_time
  @update_time
end

#versionFixnum

Version of the Policy. Default version is 0; Corresponds to the JSON property version

Returns:

  • (Fixnum)

906
907
908
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 906

def version
  @version
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object


913
914
915
916
917
918
919
920
921
# File 'generated/google/apis/cloudasset_v1/classes.rb', line 913

def update!(**args)
  @boolean_policy = args[:boolean_policy] if args.key?(:boolean_policy)
  @constraint = args[:constraint] if args.key?(:constraint)
  @etag = args[:etag] if args.key?(:etag)
  @list_policy = args[:list_policy] if args.key?(:list_policy)
  @restore_default = args[:restore_default] if args.key?(:restore_default)
  @update_time = args[:update_time] if args.key?(:update_time)
  @version = args[:version] if args.key?(:version)
end