Class: Google::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2Constraint

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/orgpolicy_v2/classes.rb,
lib/google/apis/orgpolicy_v2/representations.rb,
lib/google/apis/orgpolicy_v2/representations.rb

Overview

A constraint describes a way to restrict a resource's configuration. For example, you could enforce a constraint that controls which Google Cloud services can be activated across an organization, or whether a Compute Engine instance can have serial port connections established. Constraints can be configured by the organization policy administrator to fit the needs of the organization by setting a policy that includes constraints at different locations in the organization's resource hierarchy. Policies are inherited down the resource hierarchy from higher levels, but can also be overridden. For details about the inheritance rules, see Policy. Constraints have a default behavior determined by the constraint_default field, which is the enforcement behavior that is used in the absence of a policy being defined or inherited for the resource in question.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ GoogleCloudOrgpolicyV2Constraint

Returns a new instance of GoogleCloudOrgpolicyV2Constraint.



127
128
129
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 127

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#boolean_constraintGoogle::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2ConstraintBooleanConstraint

A constraint type is enforced or not enforced, which is configured in the PolicyRule. If customConstraintDefinition is defined, this constraint is a managed constraint. Corresponds to the JSON property booleanConstraint

Returns:



73
74
75
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 73

def boolean_constraint
  @boolean_constraint
end

#constraint_defaultString

The evaluation behavior of this constraint in the absence of a policy. Corresponds to the JSON property constraintDefault

Returns:

  • (String) 


78
79
80
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 78

def constraint_default
  @constraint_default
end

#descriptionString

Detailed description of what this constraint controls as well as how and where it is enforced. Mutable. Corresponds to the JSON property description

Returns:

  • (String) 


84
85
86
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 84

def description
  @description
end

#display_nameString

The human readable name. Mutable. Corresponds to the JSON property displayName

Returns:

  • (String) 


89
90
91
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 89

def display_name
  @display_name
end

#equivalent_constraintString

Defines the equivalent constraint name, if it exists. Managed constraints can have an equivalent legacy managed constraint, and legacy managed constraints can have an equivalent managed constraint. For example, "constraints/iam. disableServiceAccountKeyUpload" is equivalent to "constraints/iam.managed. disableServiceAccountKeyUpload". Corresponds to the JSON property equivalentConstraint

Returns:

  • (String) 


98
99
100
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 98

def equivalent_constraint
  @equivalent_constraint
end

#list_constraintGoogle::Apis::OrgpolicyV2::GoogleCloudOrgpolicyV2ConstraintListConstraint

A constraint type that allows or disallows a list of string values, which are configured in the PolicyRule. Corresponds to the JSON property listConstraint

Returns:



104
105
106
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 104

def list_constraint
  @list_constraint
end

#nameString

Immutable. The resource name of the constraint. Must be in one of the following forms: * projects/project_number/constraints/constraint_name* `folders/`folder_id`/constraints/`constraint_name * organizations/ organization_id/constraints/constraint_name`For example, "/projects/123/ constraints/compute.disableSerialPortAccess". Corresponds to the JSON propertyname`

Returns:

  • (String) 


113
114
115
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 113

def name
  @name
end

#supports_dry_runBoolean Also known as: supports_dry_run?

Shows if dry run is supported for this constraint or not. Corresponds to the JSON property supportsDryRun

Returns:

  • (Boolean) 


118
119
120
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 118

def supports_dry_run
  @supports_dry_run
end

#supports_simulationBoolean Also known as: supports_simulation?

Shows if simulation is supported for this constraint or not. Corresponds to the JSON property supportsSimulation

Returns:

  • (Boolean) 


124
125
126
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 124

def supports_simulation
  @supports_simulation
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



132
133
134
135
136
137
138
139
140
141
142
 
# File 'lib/google/apis/orgpolicy_v2/classes.rb', line 132

def update!(**args)
  @boolean_constraint = args[:boolean_constraint] if args.key?(:boolean_constraint)
  @constraint_default = args[:constraint_default] if args.key?(:constraint_default)
  @description = args[:description] if args.key?(:description)
  @display_name = args[:display_name] if args.key?(:display_name)
  @equivalent_constraint = args[:equivalent_constraint] if args.key?(:equivalent_constraint)
  @list_constraint = args[:list_constraint] if args.key?(:list_constraint)
  @name = args[:name] if args.key?(:name)
  @supports_dry_run = args[:supports_dry_run] if args.key?(:supports_dry_run)
  @supports_simulation = args[:supports_simulation] if args.key?(:supports_simulation)
end