Class: Google::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2Constraint

Inherits:

Object

• Object
• Google::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2Constraint

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

lib/google/apis/orgpolicy_v2/classes.rb,
lib/google/apis/orgpolicy_v2/representations.rb,
lib/google/apis/orgpolicy_v2/representations.rb

Overview

A constraint describes a way to restrict resource's configuration. For example, you could enforce a constraint that controls which Google Cloud services can be activated across an organization, or whether a Compute Engine instance can have serial port connections established. Constraints can be configured by the organization policy administrator to fit the needs of the organization by setting a policy that includes constraints at different locations in the organization's resource hierarchy. Policies are inherited down the resource hierarchy from higher levels, but can also be overridden. For details about the inheritance rules please read about policies. Constraints have a default behavior determined by the constraint_default field, which is the enforcement behavior that is used in the absence of a policy being defined or inherited for the resource in question.

Instance Attribute Summary

• #boolean_constraint ⇒ Google::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2ConstraintBooleanConstraint

  A constraint that is either enforced or not.

• #constraint_default ⇒ String

  The evaluation behavior of this constraint in the absence of a policy.

• #description ⇒ String

  Detailed description of what this constraint controls as well as how and where it is enforced.

• #display_name ⇒ String

  The human readable name.

• #list_constraint ⇒ Google::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2ConstraintListConstraint

  A constraint that allows or disallows a list of string values, which are configured by an Organization Policy administrator with a policy.

• #name ⇒ String

  Immutable.

• #supports_dry_run ⇒ Boolean (also: #supports_dry_run?)

  Shows if dry run is supported for this constraint or not.

Instance Method Summary

• #initialize(**args) ⇒ GoogleCloudOrgpolicyV2Constraint constructor

  A new instance of GoogleCloudOrgpolicyV2Constraint.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ GoogleCloudOrgpolicyV2Constraint

Returns a new instance of GoogleCloudOrgpolicyV2Constraint.

# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 112

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#boolean_constraint ⇒ Google::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2ConstraintBooleanConstraint

A constraint that is either enforced or not. For example, a constraint constraints/compute.disableSerialPortAccess. If it is enforced on a VM instance, serial port connections will not be opened to that instance. Corresponds to the JSON property booleanConstraint

Returns:

• (Google::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2ConstraintBooleanConstraint)

# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 73

def boolean_constraint
  @boolean_constraint
end

#constraint_default ⇒ String

The evaluation behavior of this constraint in the absence of a policy. Corresponds to the JSON property constraintDefault

Returns:

• (String)

# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 78

def constraint_default
  @constraint_default
end

#description ⇒ String

Detailed description of what this constraint controls as well as how and where it is enforced. Mutable. Corresponds to the JSON property description

Returns:

• (String)

# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 84

def description
  @description
end

#display_name ⇒ String

The human readable name. Mutable. Corresponds to the JSON property displayName

Returns:

• (String)

# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 89

def display_name
  @display_name
end

#list_constraint ⇒ Google::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2ConstraintListConstraint

A constraint that allows or disallows a list of string values, which are configured by an Organization Policy administrator with a policy. Corresponds to the JSON property listConstraint

Returns:

• (Google::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2ConstraintListConstraint)

# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 95

def list_constraint
  @list_constraint
end

#name ⇒ String

Immutable. The resource name of the constraint. Must be in one of the following forms: * projects/project_number/constraints/constraint_name* `folders/`folder_id`/constraints/`constraint_name * organizations/ organization_id/constraints/constraint_name`For example, "/projects/123/ constraints/compute.disableSerialPortAccess". Corresponds to the JSON propertyname`

Returns:

• (String)

# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 104

def name
  @name
end

#supports_dry_run ⇒ Boolean Also known as: supports_dry_run?

Shows if dry run is supported for this constraint or not. Corresponds to the JSON property supportsDryRun

Returns:

• (Boolean)

# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 109

def supports_dry_run
  @supports_dry_run
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 117

def update!(**args)
  @boolean_constraint = args[:boolean_constraint] if args.key?(:boolean_constraint)
  @constraint_default = args[:constraint_default] if args.key?(:constraint_default)
  @description = args[:description] if args.key?(:description)
  @display_name = args[:display_name] if args.key?(:display_name)
  @list_constraint = args[:list_constraint] if args.key?(:list_constraint)
  @name = args[:name] if args.key?(:name)
  @supports_dry_run = args[:supports_dry_run] if args.key?(:supports_dry_run)
end