Google Cloud Native v0.32.0, Nov 29 23

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

google-native.accesscontextmanager/v1.getAccessLevel

Explore with Pulumi AI

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

Using getAccessLevel

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getAccessLevel(args: GetAccessLevelArgs, opts?: InvokeOptions): Promise<GetAccessLevelResult>
function getAccessLevelOutput(args: GetAccessLevelOutputArgs, opts?: InvokeOptions): Output<GetAccessLevelResult>

def get_access_level(access_level_format: Optional[str] = None,
                     access_level_id: Optional[str] = None,
                     access_policy_id: Optional[str] = None,
                     opts: Optional[InvokeOptions] = None) -> GetAccessLevelResult
def get_access_level_output(access_level_format: Optional[pulumi.Input[str]] = None,
                     access_level_id: Optional[pulumi.Input[str]] = None,
                     access_policy_id: Optional[pulumi.Input[str]] = None,
                     opts: Optional[InvokeOptions] = None) -> Output[GetAccessLevelResult]

func LookupAccessLevel(ctx *Context, args *LookupAccessLevelArgs, opts ...InvokeOption) (*LookupAccessLevelResult, error)
func LookupAccessLevelOutput(ctx *Context, args *LookupAccessLevelOutputArgs, opts ...InvokeOption) LookupAccessLevelResultOutput

> Note: This function is named LookupAccessLevel in the Go SDK.

public static class GetAccessLevel 
{
    public static Task<GetAccessLevelResult> InvokeAsync(GetAccessLevelArgs args, InvokeOptions? opts = null)
    public static Output<GetAccessLevelResult> Invoke(GetAccessLevelInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetAccessLevelResult> getAccessLevel(GetAccessLevelArgs args, InvokeOptions options)
public static Output<GetAccessLevelResult> getAccessLevel(GetAccessLevelArgs args, InvokeOptions options)

fn::invoke:
  function: google-native:accesscontextmanager/v1:getAccessLevel
  arguments:
    # arguments dictionary

The following arguments are supported:

AccessLevelId string
AccessPolicyId string
AccessLevelFormat string

AccessLevelId string
AccessPolicyId string
AccessLevelFormat string

accessLevelId String
accessPolicyId String
accessLevelFormat String

accessLevelId string
accessPolicyId string
accessLevelFormat string

access_level_id str
access_policy_id str
access_level_format str

accessLevelId String
accessPolicyId String
accessLevelFormat String

getAccessLevel Result

The following output properties are available:

Basic Pulumi.GoogleNative.AccessContextManager.V1.Outputs.BasicLevelResponse: A BasicLevel composed of Conditions.
Custom Pulumi.GoogleNative.AccessContextManager.V1.Outputs.CustomLevelResponse: A CustomLevel written in the Common Expression Language.
Description string: Description of the AccessLevel and its use. Does not affect behavior.
Name string: Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.
Title string: Human readable title. Must be unique within the Policy.

Basic BasicLevelResponse: A BasicLevel composed of Conditions.
Custom CustomLevelResponse: A CustomLevel written in the Common Expression Language.
Description string: Description of the AccessLevel and its use. Does not affect behavior.
Name string: Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.
Title string: Human readable title. Must be unique within the Policy.

basic BasicLevelResponse: A BasicLevel composed of Conditions.
custom CustomLevelResponse: A CustomLevel written in the Common Expression Language.
description String: Description of the AccessLevel and its use. Does not affect behavior.
name String: Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.
title String: Human readable title. Must be unique within the Policy.

basic BasicLevelResponse: A BasicLevel composed of Conditions.
custom CustomLevelResponse: A CustomLevel written in the Common Expression Language.
description string: Description of the AccessLevel and its use. Does not affect behavior.
name string: Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.
title string: Human readable title. Must be unique within the Policy.

basic BasicLevelResponse: A BasicLevel composed of Conditions.
custom CustomLevelResponse: A CustomLevel written in the Common Expression Language.
description str: Description of the AccessLevel and its use. Does not affect behavior.
name str: Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.
title str: Human readable title. Must be unique within the Policy.

basic Property Map: A BasicLevel composed of Conditions.
custom Property Map: A CustomLevel written in the Common Expression Language.
description String: Description of the AccessLevel and its use. Does not affect behavior.
name String: Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.
title String: Human readable title. Must be unique within the Policy.

Supporting Types

BasicLevelResponse

CombiningFunction string: How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.
Conditions List<Pulumi.GoogleNative.AccessContextManager.V1.Inputs.ConditionResponse>: A list of requirements for the AccessLevel to be granted.

CombiningFunction string: How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.
Conditions []ConditionResponse: A list of requirements for the AccessLevel to be granted.

combiningFunction String: How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.
conditions List<ConditionResponse>: A list of requirements for the AccessLevel to be granted.

combiningFunction string: How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.
conditions ConditionResponse[]: A list of requirements for the AccessLevel to be granted.

combining_function str: How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.
conditions Sequence[ConditionResponse]: A list of requirements for the AccessLevel to be granted.

combiningFunction String: How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.
conditions List<Property Map>: A list of requirements for the AccessLevel to be granted.

ConditionResponse

DevicePolicy Pulumi.GoogleNative.AccessContextManager.V1.Inputs.DevicePolicyResponse: Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.
IpSubnetworks List<string>: CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.
Members List<string>: The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.
Negate bool: Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.
Regions List<string>: The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.
RequiredAccessLevels List<string>: A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"
VpcNetworkSources List<Pulumi.GoogleNative.AccessContextManager.V1.Inputs.VpcNetworkSourceResponse>: The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with ip_subnetworks.

DevicePolicy DevicePolicyResponse: Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.
IpSubnetworks []string: CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.
Members []string: The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.
Negate bool: Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.
Regions []string: The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.
RequiredAccessLevels []string: A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"
VpcNetworkSources []VpcNetworkSourceResponse: The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with ip_subnetworks.

devicePolicy DevicePolicyResponse: Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.
ipSubnetworks List<String>: CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.
members List<String>: The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.
negate Boolean: Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.
regions List<String>: The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.
requiredAccessLevels List<String>: A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"
vpcNetworkSources List<VpcNetworkSourceResponse>: The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with ip_subnetworks.

devicePolicy DevicePolicyResponse: Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.
ipSubnetworks string[]: CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.
members string[]: The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.
negate boolean: Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.
regions string[]: The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.
requiredAccessLevels string[]: A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"
vpcNetworkSources VpcNetworkSourceResponse[]: The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with ip_subnetworks.

device_policy DevicePolicyResponse: Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.
ip_subnetworks Sequence[str]: CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.
members Sequence[str]: The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.
negate bool: Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.
regions Sequence[str]: The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.
required_access_levels Sequence[str]: A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"
vpc_network_sources Sequence[VpcNetworkSourceResponse]: The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with ip_subnetworks.

devicePolicy Property Map: Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.
ipSubnetworks List<String>: CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.
members List<String>: The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.
negate Boolean: Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false.
regions List<String>: The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.
requiredAccessLevels List<String>: A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"
vpcNetworkSources List<Property Map>: The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with ip_subnetworks.

CustomLevelResponse

Expr Pulumi.GoogleNative.AccessContextManager.V1.Inputs.ExprResponse: A Cloud CEL expression evaluating to a boolean.

Expr ExprResponse: A Cloud CEL expression evaluating to a boolean.

expr ExprResponse: A Cloud CEL expression evaluating to a boolean.

expr ExprResponse: A Cloud CEL expression evaluating to a boolean.

expr ExprResponse: A Cloud CEL expression evaluating to a boolean.

expr Property Map: A Cloud CEL expression evaluating to a boolean.

DevicePolicyResponse

AllowedDeviceManagementLevels List<string>: Allowed device management levels, an empty list allows all management levels.
AllowedEncryptionStatuses List<string>: Allowed encryptions statuses, an empty list allows all statuses.
OsConstraints List<Pulumi.GoogleNative.AccessContextManager.V1.Inputs.OsConstraintResponse>: Allowed OS versions, an empty list allows all types and all versions.
RequireAdminApproval bool: Whether the device needs to be approved by the customer admin.
RequireCorpOwned bool: Whether the device needs to be corp owned.
RequireScreenlock bool: Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

AllowedDeviceManagementLevels []string: Allowed device management levels, an empty list allows all management levels.
AllowedEncryptionStatuses []string: Allowed encryptions statuses, an empty list allows all statuses.
OsConstraints []OsConstraintResponse: Allowed OS versions, an empty list allows all types and all versions.
RequireAdminApproval bool: Whether the device needs to be approved by the customer admin.
RequireCorpOwned bool: Whether the device needs to be corp owned.
RequireScreenlock bool: Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

allowedDeviceManagementLevels List<String>: Allowed device management levels, an empty list allows all management levels.
allowedEncryptionStatuses List<String>: Allowed encryptions statuses, an empty list allows all statuses.
osConstraints List<OsConstraintResponse>: Allowed OS versions, an empty list allows all types and all versions.
requireAdminApproval Boolean: Whether the device needs to be approved by the customer admin.
requireCorpOwned Boolean: Whether the device needs to be corp owned.
requireScreenlock Boolean: Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

allowedDeviceManagementLevels string[]: Allowed device management levels, an empty list allows all management levels.
allowedEncryptionStatuses string[]: Allowed encryptions statuses, an empty list allows all statuses.
osConstraints OsConstraintResponse[]: Allowed OS versions, an empty list allows all types and all versions.
requireAdminApproval boolean: Whether the device needs to be approved by the customer admin.
requireCorpOwned boolean: Whether the device needs to be corp owned.
requireScreenlock boolean: Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

allowed_device_management_levels Sequence[str]: Allowed device management levels, an empty list allows all management levels.
allowed_encryption_statuses Sequence[str]: Allowed encryptions statuses, an empty list allows all statuses.
os_constraints Sequence[OsConstraintResponse]: Allowed OS versions, an empty list allows all types and all versions.
require_admin_approval bool: Whether the device needs to be approved by the customer admin.
require_corp_owned bool: Whether the device needs to be corp owned.
require_screenlock bool: Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

allowedDeviceManagementLevels List<String>: Allowed device management levels, an empty list allows all management levels.
allowedEncryptionStatuses List<String>: Allowed encryptions statuses, an empty list allows all statuses.
osConstraints List<Property Map>: Allowed OS versions, an empty list allows all types and all versions.
requireAdminApproval Boolean: Whether the device needs to be approved by the customer admin.
requireCorpOwned Boolean: Whether the device needs to be corp owned.
requireScreenlock Boolean: Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

ExprResponse

Description string: Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
Expression string: Textual representation of an expression in Common Expression Language syntax.
Location string: Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
Title string: Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

Description string: Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
Expression string: Textual representation of an expression in Common Expression Language syntax.
Location string: Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
Title string: Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

description String: Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
expression String: Textual representation of an expression in Common Expression Language syntax.
location String: Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
title String: Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

description string: Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
expression string: Textual representation of an expression in Common Expression Language syntax.
location string: Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
title string: Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

description str: Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
expression str: Textual representation of an expression in Common Expression Language syntax.
location str: Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
title str: Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

description String: Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
expression String: Textual representation of an expression in Common Expression Language syntax.
location String: Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
title String: Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

OsConstraintResponse

MinimumVersion string: The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".
OsType string: The allowed OS type.
RequireVerifiedChromeOs bool: Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

MinimumVersion string: The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".
OsType string: The allowed OS type.
RequireVerifiedChromeOs bool: Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

minimumVersion String: The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".
osType String: The allowed OS type.
requireVerifiedChromeOs Boolean: Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

minimumVersion string: The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".
osType string: The allowed OS type.
requireVerifiedChromeOs boolean: Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

minimum_version str: The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".
os_type str: The allowed OS type.
require_verified_chrome_os bool: Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

minimumVersion String: The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".
osType String: The allowed OS type.
requireVerifiedChromeOs Boolean: Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

VpcNetworkSourceResponse

VpcSubnetwork Pulumi.GoogleNative.AccessContextManager.V1.Inputs.VpcSubNetworkResponse: Sub-segment ranges of a VPC network.

VpcSubnetwork VpcSubNetworkResponse: Sub-segment ranges of a VPC network.

vpcSubnetwork VpcSubNetworkResponse: Sub-segment ranges of a VPC network.

vpcSubnetwork VpcSubNetworkResponse: Sub-segment ranges of a VPC network.

vpc_subnetwork VpcSubNetworkResponse: Sub-segment ranges of a VPC network.

vpcSubnetwork Property Map: Sub-segment ranges of a VPC network.

VpcSubNetworkResponse

Network string: Network name. If the network is not part of the organization, the compute.network.get permission must be granted to the caller. Format: //compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME} Example: //compute.googleapis.com/projects/my-project/global/networks/network-1
VpcIpSubnetworks List<string>: CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.

Network string: Network name. If the network is not part of the organization, the compute.network.get permission must be granted to the caller. Format: //compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME} Example: //compute.googleapis.com/projects/my-project/global/networks/network-1
VpcIpSubnetworks []string: CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.

network String: Network name. If the network is not part of the organization, the compute.network.get permission must be granted to the caller. Format: //compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME} Example: //compute.googleapis.com/projects/my-project/global/networks/network-1
vpcIpSubnetworks List<String>: CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.

network string: Network name. If the network is not part of the organization, the compute.network.get permission must be granted to the caller. Format: //compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME} Example: //compute.googleapis.com/projects/my-project/global/networks/network-1
vpcIpSubnetworks string[]: CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.

network str: Network name. If the network is not part of the organization, the compute.network.get permission must be granted to the caller. Format: //compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME} Example: //compute.googleapis.com/projects/my-project/global/networks/network-1
vpc_ip_subnetworks Sequence[str]: CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.

network String: Network name. If the network is not part of the organization, the compute.network.get permission must be granted to the caller. Format: //compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME} Example: //compute.googleapis.com/projects/my-project/global/networks/network-1
vpcIpSubnetworks List<String>: CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP addresses are allowed.

Package Details

Repository: Google Cloud Native pulumi/pulumi-google-native
License: Apache-2.0

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

google-native.accesscontextmanager/v1.getAccessLevel

On this page

On this page

Using getAccessLevel

getAccessLevel Result

Supporting Types

BasicLevelResponse

ConditionResponse

CustomLevelResponse

DevicePolicyResponse

ExprResponse

OsConstraintResponse

VpcNetworkSourceResponse

VpcSubNetworkResponse

Package Details

On this page

On this page