Docs Packages
  1. Packages
  2. Google Cloud Native
  3. API Docs
  4. accesscontextmanager
  5. accesscontextmanager/v1beta
  6. AccessLevel

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.31.1 published on Thursday, Jul 20, 2023 by Pulumi
pulumi/pulumi-google-native

google-native.accesscontextmanager/v1beta.AccessLevel

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.31.1 published on Thursday, Jul 20, 2023 by Pulumi
pulumi/pulumi-google-native

    Create an Access Level. The longrunning operation from this RPC will have a successful status once the Access Level has propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered.

    Create AccessLevel Resource

    new AccessLevel(name: string, args: AccessLevelArgs, opts?: CustomResourceOptions);
    @overload
def AccessLevel(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                access_policy_id: Optional[str] = None,
                basic: Optional[BasicLevelArgs] = None,
                custom: Optional[CustomLevelArgs] = None,
                description: Optional[str] = None,
                name: Optional[str] = None,
                title: Optional[str] = None)
@overload
def AccessLevel(resource_name: str,
                args: AccessLevelArgs,
                opts: Optional[ResourceOptions] = None)
    func NewAccessLevel(ctx *Context, name string, args AccessLevelArgs, opts ...ResourceOption) (*AccessLevel, error)
    public AccessLevel(string name, AccessLevelArgs args, CustomResourceOptions? opts = null)
    public AccessLevel(String name, AccessLevelArgs args)
public AccessLevel(String name, AccessLevelArgs args, CustomResourceOptions options)

    type: google-native:accesscontextmanager/v1beta:AccessLevel
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AccessLevelArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AccessLevelArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AccessLevelArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AccessLevelArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AccessLevelArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AccessLevel Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AccessLevel resource accepts the following input properties:

    AccessPolicyId string
    Basic Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.BasicLevel

    A BasicLevel composed of Conditions.

    Custom Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.CustomLevel

    A CustomLevel written in the Common Expression Language.

    Description string

    Description of the AccessLevel and its use. Does not affect behavior.

    Name string

    Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.

    Title string

    Human readable title. Must be unique within the Policy.

    AccessPolicyId string
    Basic BasicLevelArgs

    A BasicLevel composed of Conditions.

    Custom CustomLevelArgs

    A CustomLevel written in the Common Expression Language.

    Description string

    Description of the AccessLevel and its use. Does not affect behavior.

    Name string

    Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.

    Title string

    Human readable title. Must be unique within the Policy.

    accessPolicyId String
    basic BasicLevel

    A BasicLevel composed of Conditions.

    custom CustomLevel

    A CustomLevel written in the Common Expression Language.

    description String

    Description of the AccessLevel and its use. Does not affect behavior.

    name String

    Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.

    title String

    Human readable title. Must be unique within the Policy.

    accessPolicyId string
    basic BasicLevel

    A BasicLevel composed of Conditions.

    custom CustomLevel

    A CustomLevel written in the Common Expression Language.

    description string

    Description of the AccessLevel and its use. Does not affect behavior.

    name string

    Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.

    title string

    Human readable title. Must be unique within the Policy.

    access_policy_id str
    basic BasicLevelArgs

    A BasicLevel composed of Conditions.

    custom CustomLevelArgs

    A CustomLevel written in the Common Expression Language.

    description str

    Description of the AccessLevel and its use. Does not affect behavior.

    name str

    Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.

    title str

    Human readable title. Must be unique within the Policy.

    accessPolicyId String
    basic Property Map

    A BasicLevel composed of Conditions.

    custom Property Map

    A CustomLevel written in the Common Expression Language.

    description String

    Description of the AccessLevel and its use. Does not affect behavior.

    name String

    Resource name for the AccessLevel. Format: accessPolicies/{access_policy}/accessLevels/{access_level}. The access_level component must begin with a letter, followed by alphanumeric characters or _. Its maximum length is 50 characters. After you create an AccessLevel, you cannot change its name.

    title String

    Human readable title. Must be unique within the Policy.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AccessLevel resource produces the following output properties:

    Id string

    The provider-assigned unique ID for this managed resource.

    Id string

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    id string

    The provider-assigned unique ID for this managed resource.

    id str

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    Supporting Types

    BasicLevel, BasicLevelArgs

    Conditions List<Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.Condition>

    A list of requirements for the AccessLevel to be granted.

    CombiningFunction Pulumi.GoogleNative.AccessContextManager.V1Beta.BasicLevelCombiningFunction

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    Conditions []Condition

    A list of requirements for the AccessLevel to be granted.

    CombiningFunction BasicLevelCombiningFunction

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    conditions List<Condition>

    A list of requirements for the AccessLevel to be granted.

    combiningFunction BasicLevelCombiningFunction

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    conditions Condition[]

    A list of requirements for the AccessLevel to be granted.

    combiningFunction BasicLevelCombiningFunction

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    conditions Sequence[Condition]

    A list of requirements for the AccessLevel to be granted.

    combining_function BasicLevelCombiningFunction

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    conditions List<Property Map>

    A list of requirements for the AccessLevel to be granted.

    combiningFunction "AND" | "OR"

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    BasicLevelCombiningFunction, BasicLevelCombiningFunctionArgs

    And
    AND

    All Conditions must be true for the BasicLevel to be true.

    Or
    OR

    If at least one Condition is true, then the BasicLevel is true.

    BasicLevelCombiningFunctionAnd
    AND

    All Conditions must be true for the BasicLevel to be true.

    BasicLevelCombiningFunctionOr
    OR

    If at least one Condition is true, then the BasicLevel is true.

    And
    AND

    All Conditions must be true for the BasicLevel to be true.

    Or
    OR

    If at least one Condition is true, then the BasicLevel is true.

    And
    AND

    All Conditions must be true for the BasicLevel to be true.

    Or
    OR

    If at least one Condition is true, then the BasicLevel is true.

    AND_
    AND

    All Conditions must be true for the BasicLevel to be true.

    OR_
    OR

    If at least one Condition is true, then the BasicLevel is true.

    "AND"
    AND

    All Conditions must be true for the BasicLevel to be true.

    "OR"
    OR

    If at least one Condition is true, then the BasicLevel is true.

    BasicLevelResponse, BasicLevelResponseArgs

    CombiningFunction string

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    Conditions List<Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.ConditionResponse>

    A list of requirements for the AccessLevel to be granted.

    CombiningFunction string

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    Conditions []ConditionResponse

    A list of requirements for the AccessLevel to be granted.

    combiningFunction String

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    conditions List<ConditionResponse>

    A list of requirements for the AccessLevel to be granted.

    combiningFunction string

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    conditions ConditionResponse[]

    A list of requirements for the AccessLevel to be granted.

    combining_function str

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    conditions Sequence[ConditionResponse]

    A list of requirements for the AccessLevel to be granted.

    combiningFunction String

    How the conditions list should be combined to determine if a request is granted this AccessLevel. If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND.

    conditions List<Property Map>

    A list of requirements for the AccessLevel to be granted.

    Condition, ConditionArgs

    DevicePolicy Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.DevicePolicy

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    IpSubnetworks List<string>

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    Members List<string>

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    Negate bool

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    Regions List<string>

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    RequiredAccessLevels List<string>

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    DevicePolicy DevicePolicy

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    IpSubnetworks []string

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    Members []string

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    Negate bool

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    Regions []string

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    RequiredAccessLevels []string

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    devicePolicy DevicePolicy

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    ipSubnetworks List<String>

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    members List<String>

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    negate Boolean

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    regions List<String>

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    requiredAccessLevels List<String>

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    devicePolicy DevicePolicy

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    ipSubnetworks string[]

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    members string[]

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    negate boolean

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    regions string[]

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    requiredAccessLevels string[]

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    device_policy DevicePolicy

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    ip_subnetworks Sequence[str]

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    members Sequence[str]

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    negate bool

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    regions Sequence[str]

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    required_access_levels Sequence[str]

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    devicePolicy Property Map

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    ipSubnetworks List<String>

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    members List<String>

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    negate Boolean

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    regions List<String>

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    requiredAccessLevels List<String>

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    ConditionResponse, ConditionResponseArgs

    DevicePolicy Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.DevicePolicyResponse

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    IpSubnetworks List<string>

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    Members List<string>

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    Negate bool

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    Regions List<string>

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    RequiredAccessLevels List<string>

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    DevicePolicy DevicePolicyResponse

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    IpSubnetworks []string

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    Members []string

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    Negate bool

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    Regions []string

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    RequiredAccessLevels []string

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    devicePolicy DevicePolicyResponse

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    ipSubnetworks List<String>

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    members List<String>

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    negate Boolean

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    regions List<String>

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    requiredAccessLevels List<String>

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    devicePolicy DevicePolicyResponse

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    ipSubnetworks string[]

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    members string[]

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    negate boolean

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    regions string[]

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    requiredAccessLevels string[]

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    device_policy DevicePolicyResponse

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    ip_subnetworks Sequence[str]

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    members Sequence[str]

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    negate bool

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    regions Sequence[str]

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    required_access_levels Sequence[str]

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    devicePolicy Property Map

    Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed.

    ipSubnetworks List<String>

    CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.

    members List<String>

    The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: user:{emailid} serviceAccount:{emailid} If not specified, a request may come from any user.

    negate Boolean

    Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to false.

    regions List<String>

    The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes.

    requiredAccessLevels List<String>

    A list of other access levels defined in the same Policy, referenced by resource name. Referencing an AccessLevel which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"

    CustomLevel, CustomLevelArgs

    Expr Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.Expr

    A Cloud CEL expression evaluating to a boolean.

    Expr Expr

    A Cloud CEL expression evaluating to a boolean.

    expr Expr

    A Cloud CEL expression evaluating to a boolean.

    expr Expr

    A Cloud CEL expression evaluating to a boolean.

    expr Expr

    A Cloud CEL expression evaluating to a boolean.

    expr Property Map

    A Cloud CEL expression evaluating to a boolean.

    CustomLevelResponse, CustomLevelResponseArgs

    Expr Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.ExprResponse

    A Cloud CEL expression evaluating to a boolean.

    Expr ExprResponse

    A Cloud CEL expression evaluating to a boolean.

    expr ExprResponse

    A Cloud CEL expression evaluating to a boolean.

    expr ExprResponse

    A Cloud CEL expression evaluating to a boolean.

    expr ExprResponse

    A Cloud CEL expression evaluating to a boolean.

    expr Property Map

    A Cloud CEL expression evaluating to a boolean.

    DevicePolicy, DevicePolicyArgs

    AllowedDeviceManagementLevels List<Pulumi.GoogleNative.AccessContextManager.V1Beta.DevicePolicyAllowedDeviceManagementLevelsItem>

    Allowed device management levels, an empty list allows all management levels.

    AllowedEncryptionStatuses List<Pulumi.GoogleNative.AccessContextManager.V1Beta.DevicePolicyAllowedEncryptionStatusesItem>

    Allowed encryptions statuses, an empty list allows all statuses.

    OsConstraints List<Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.OsConstraint>

    Allowed OS versions, an empty list allows all types and all versions.

    RequireAdminApproval bool

    Whether the device needs to be approved by the customer admin.

    RequireCorpOwned bool

    Whether the device needs to be corp owned.

    RequireScreenlock bool

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    AllowedDeviceManagementLevels []DevicePolicyAllowedDeviceManagementLevelsItem

    Allowed device management levels, an empty list allows all management levels.

    AllowedEncryptionStatuses []DevicePolicyAllowedEncryptionStatusesItem

    Allowed encryptions statuses, an empty list allows all statuses.

    OsConstraints []OsConstraint

    Allowed OS versions, an empty list allows all types and all versions.

    RequireAdminApproval bool

    Whether the device needs to be approved by the customer admin.

    RequireCorpOwned bool

    Whether the device needs to be corp owned.

    RequireScreenlock bool

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    allowedDeviceManagementLevels List<DevicePolicyAllowedDeviceManagementLevelsItem>

    Allowed device management levels, an empty list allows all management levels.

    allowedEncryptionStatuses List<DevicePolicyAllowedEncryptionStatusesItem>

    Allowed encryptions statuses, an empty list allows all statuses.

    osConstraints List<OsConstraint>

    Allowed OS versions, an empty list allows all types and all versions.

    requireAdminApproval Boolean

    Whether the device needs to be approved by the customer admin.

    requireCorpOwned Boolean

    Whether the device needs to be corp owned.

    requireScreenlock Boolean

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    allowedDeviceManagementLevels DevicePolicyAllowedDeviceManagementLevelsItem[]

    Allowed device management levels, an empty list allows all management levels.

    allowedEncryptionStatuses DevicePolicyAllowedEncryptionStatusesItem[]

    Allowed encryptions statuses, an empty list allows all statuses.

    osConstraints OsConstraint[]

    Allowed OS versions, an empty list allows all types and all versions.

    requireAdminApproval boolean

    Whether the device needs to be approved by the customer admin.

    requireCorpOwned boolean

    Whether the device needs to be corp owned.

    requireScreenlock boolean

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    allowed_device_management_levels Sequence[DevicePolicyAllowedDeviceManagementLevelsItem]

    Allowed device management levels, an empty list allows all management levels.

    allowed_encryption_statuses Sequence[DevicePolicyAllowedEncryptionStatusesItem]

    Allowed encryptions statuses, an empty list allows all statuses.

    os_constraints Sequence[OsConstraint]

    Allowed OS versions, an empty list allows all types and all versions.

    require_admin_approval bool

    Whether the device needs to be approved by the customer admin.

    require_corp_owned bool

    Whether the device needs to be corp owned.

    require_screenlock bool

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    allowedDeviceManagementLevels List<"MANAGEMENT_UNSPECIFIED" | "NONE" | "BASIC" | "COMPLETE">

    Allowed device management levels, an empty list allows all management levels.

    allowedEncryptionStatuses List<"ENCRYPTION_UNSPECIFIED" | "ENCRYPTION_UNSUPPORTED" | "UNENCRYPTED" | "ENCRYPTED">

    Allowed encryptions statuses, an empty list allows all statuses.

    osConstraints List<Property Map>

    Allowed OS versions, an empty list allows all types and all versions.

    requireAdminApproval Boolean

    Whether the device needs to be approved by the customer admin.

    requireCorpOwned Boolean

    Whether the device needs to be corp owned.

    requireScreenlock Boolean

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    DevicePolicyAllowedDeviceManagementLevelsItem, DevicePolicyAllowedDeviceManagementLevelsItemArgs

    ManagementUnspecified
    MANAGEMENT_UNSPECIFIED

    The device's management level is not specified or not known.

    None
    NONE

    The device is not managed.

    Basic
    BASIC

    Basic management is enabled, which is generally limited to monitoring and wiping the corporate account.

    Complete
    COMPLETE

    Complete device management. This includes more thorough monitoring and the ability to directly manage the device (such as remote wiping). This can be enabled through the Android Enterprise Platform.

    DevicePolicyAllowedDeviceManagementLevelsItemManagementUnspecified
    MANAGEMENT_UNSPECIFIED

    The device's management level is not specified or not known.

    DevicePolicyAllowedDeviceManagementLevelsItemNone
    NONE

    The device is not managed.

    DevicePolicyAllowedDeviceManagementLevelsItemBasic
    BASIC

    Basic management is enabled, which is generally limited to monitoring and wiping the corporate account.

    DevicePolicyAllowedDeviceManagementLevelsItemComplete
    COMPLETE

    Complete device management. This includes more thorough monitoring and the ability to directly manage the device (such as remote wiping). This can be enabled through the Android Enterprise Platform.

    ManagementUnspecified
    MANAGEMENT_UNSPECIFIED

    The device's management level is not specified or not known.

    None
    NONE

    The device is not managed.

    Basic
    BASIC

    Basic management is enabled, which is generally limited to monitoring and wiping the corporate account.

    Complete
    COMPLETE

    Complete device management. This includes more thorough monitoring and the ability to directly manage the device (such as remote wiping). This can be enabled through the Android Enterprise Platform.

    ManagementUnspecified
    MANAGEMENT_UNSPECIFIED

    The device's management level is not specified or not known.

    None
    NONE

    The device is not managed.

    Basic
    BASIC

    Basic management is enabled, which is generally limited to monitoring and wiping the corporate account.

    Complete
    COMPLETE

    Complete device management. This includes more thorough monitoring and the ability to directly manage the device (such as remote wiping). This can be enabled through the Android Enterprise Platform.

    MANAGEMENT_UNSPECIFIED
    MANAGEMENT_UNSPECIFIED

    The device's management level is not specified or not known.

    NONE
    NONE

    The device is not managed.

    BASIC
    BASIC

    Basic management is enabled, which is generally limited to monitoring and wiping the corporate account.

    COMPLETE
    COMPLETE

    Complete device management. This includes more thorough monitoring and the ability to directly manage the device (such as remote wiping). This can be enabled through the Android Enterprise Platform.

    "MANAGEMENT_UNSPECIFIED"
    MANAGEMENT_UNSPECIFIED

    The device's management level is not specified or not known.

    "NONE"
    NONE

    The device is not managed.

    "BASIC"
    BASIC

    Basic management is enabled, which is generally limited to monitoring and wiping the corporate account.

    "COMPLETE"
    COMPLETE

    Complete device management. This includes more thorough monitoring and the ability to directly manage the device (such as remote wiping). This can be enabled through the Android Enterprise Platform.

    DevicePolicyAllowedEncryptionStatusesItem, DevicePolicyAllowedEncryptionStatusesItemArgs

    EncryptionUnspecified
    ENCRYPTION_UNSPECIFIED

    The encryption status of the device is not specified or not known.

    EncryptionUnsupported
    ENCRYPTION_UNSUPPORTED

    The device does not support encryption.

    Unencrypted
    UNENCRYPTED

    The device supports encryption, but is currently unencrypted.

    Encrypted
    ENCRYPTED

    The device is encrypted.

    DevicePolicyAllowedEncryptionStatusesItemEncryptionUnspecified
    ENCRYPTION_UNSPECIFIED

    The encryption status of the device is not specified or not known.

    DevicePolicyAllowedEncryptionStatusesItemEncryptionUnsupported
    ENCRYPTION_UNSUPPORTED

    The device does not support encryption.

    DevicePolicyAllowedEncryptionStatusesItemUnencrypted
    UNENCRYPTED

    The device supports encryption, but is currently unencrypted.

    DevicePolicyAllowedEncryptionStatusesItemEncrypted
    ENCRYPTED

    The device is encrypted.

    EncryptionUnspecified
    ENCRYPTION_UNSPECIFIED

    The encryption status of the device is not specified or not known.

    EncryptionUnsupported
    ENCRYPTION_UNSUPPORTED

    The device does not support encryption.

    Unencrypted
    UNENCRYPTED

    The device supports encryption, but is currently unencrypted.

    Encrypted
    ENCRYPTED

    The device is encrypted.

    EncryptionUnspecified
    ENCRYPTION_UNSPECIFIED

    The encryption status of the device is not specified or not known.

    EncryptionUnsupported
    ENCRYPTION_UNSUPPORTED

    The device does not support encryption.

    Unencrypted
    UNENCRYPTED

    The device supports encryption, but is currently unencrypted.

    Encrypted
    ENCRYPTED

    The device is encrypted.

    ENCRYPTION_UNSPECIFIED
    ENCRYPTION_UNSPECIFIED

    The encryption status of the device is not specified or not known.

    ENCRYPTION_UNSUPPORTED
    ENCRYPTION_UNSUPPORTED

    The device does not support encryption.

    UNENCRYPTED
    UNENCRYPTED

    The device supports encryption, but is currently unencrypted.

    ENCRYPTED
    ENCRYPTED

    The device is encrypted.

    "ENCRYPTION_UNSPECIFIED"
    ENCRYPTION_UNSPECIFIED

    The encryption status of the device is not specified or not known.

    "ENCRYPTION_UNSUPPORTED"
    ENCRYPTION_UNSUPPORTED

    The device does not support encryption.

    "UNENCRYPTED"
    UNENCRYPTED

    The device supports encryption, but is currently unencrypted.

    "ENCRYPTED"
    ENCRYPTED

    The device is encrypted.

    DevicePolicyResponse, DevicePolicyResponseArgs

    AllowedDeviceManagementLevels List<string>

    Allowed device management levels, an empty list allows all management levels.

    AllowedEncryptionStatuses List<string>

    Allowed encryptions statuses, an empty list allows all statuses.

    OsConstraints List<Pulumi.GoogleNative.AccessContextManager.V1Beta.Inputs.OsConstraintResponse>

    Allowed OS versions, an empty list allows all types and all versions.

    RequireAdminApproval bool

    Whether the device needs to be approved by the customer admin.

    RequireCorpOwned bool

    Whether the device needs to be corp owned.

    RequireScreenlock bool

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    AllowedDeviceManagementLevels []string

    Allowed device management levels, an empty list allows all management levels.

    AllowedEncryptionStatuses []string

    Allowed encryptions statuses, an empty list allows all statuses.

    OsConstraints []OsConstraintResponse

    Allowed OS versions, an empty list allows all types and all versions.

    RequireAdminApproval bool

    Whether the device needs to be approved by the customer admin.

    RequireCorpOwned bool

    Whether the device needs to be corp owned.

    RequireScreenlock bool

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    allowedDeviceManagementLevels List<String>

    Allowed device management levels, an empty list allows all management levels.

    allowedEncryptionStatuses List<String>

    Allowed encryptions statuses, an empty list allows all statuses.

    osConstraints List<OsConstraintResponse>

    Allowed OS versions, an empty list allows all types and all versions.

    requireAdminApproval Boolean

    Whether the device needs to be approved by the customer admin.

    requireCorpOwned Boolean

    Whether the device needs to be corp owned.

    requireScreenlock Boolean

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    allowedDeviceManagementLevels string[]

    Allowed device management levels, an empty list allows all management levels.

    allowedEncryptionStatuses string[]

    Allowed encryptions statuses, an empty list allows all statuses.

    osConstraints OsConstraintResponse[]

    Allowed OS versions, an empty list allows all types and all versions.

    requireAdminApproval boolean

    Whether the device needs to be approved by the customer admin.

    requireCorpOwned boolean

    Whether the device needs to be corp owned.

    requireScreenlock boolean

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    allowed_device_management_levels Sequence[str]

    Allowed device management levels, an empty list allows all management levels.

    allowed_encryption_statuses Sequence[str]

    Allowed encryptions statuses, an empty list allows all statuses.

    os_constraints Sequence[OsConstraintResponse]

    Allowed OS versions, an empty list allows all types and all versions.

    require_admin_approval bool

    Whether the device needs to be approved by the customer admin.

    require_corp_owned bool

    Whether the device needs to be corp owned.

    require_screenlock bool

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    allowedDeviceManagementLevels List<String>

    Allowed device management levels, an empty list allows all management levels.

    allowedEncryptionStatuses List<String>

    Allowed encryptions statuses, an empty list allows all statuses.

    osConstraints List<Property Map>

    Allowed OS versions, an empty list allows all types and all versions.

    requireAdminApproval Boolean

    Whether the device needs to be approved by the customer admin.

    requireCorpOwned Boolean

    Whether the device needs to be corp owned.

    requireScreenlock Boolean

    Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

    Expr, ExprArgs

    Description string

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    Expression string

    Textual representation of an expression in Common Expression Language syntax.

    Location string

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    Title string

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    Description string

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    Expression string

    Textual representation of an expression in Common Expression Language syntax.

    Location string

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    Title string

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    description String

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    expression String

    Textual representation of an expression in Common Expression Language syntax.

    location String

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    title String

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    description string

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    expression string

    Textual representation of an expression in Common Expression Language syntax.

    location string

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    title string

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    description str

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    expression str

    Textual representation of an expression in Common Expression Language syntax.

    location str

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    title str

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    description String

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    expression String

    Textual representation of an expression in Common Expression Language syntax.

    location String

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    title String

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    ExprResponse, ExprResponseArgs

    Description string

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    Expression string

    Textual representation of an expression in Common Expression Language syntax.

    Location string

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    Title string

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    Description string

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    Expression string

    Textual representation of an expression in Common Expression Language syntax.

    Location string

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    Title string

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    description String

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    expression String

    Textual representation of an expression in Common Expression Language syntax.

    location String

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    title String

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    description string

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    expression string

    Textual representation of an expression in Common Expression Language syntax.

    location string

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    title string

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    description str

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    expression str

    Textual representation of an expression in Common Expression Language syntax.

    location str

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    title str

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    description String

    Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

    expression String

    Textual representation of an expression in Common Expression Language syntax.

    location String

    Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

    title String

    Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

    OsConstraint, OsConstraintArgs

    OsType Pulumi.GoogleNative.AccessContextManager.V1Beta.OsConstraintOsType

    The allowed OS type.

    MinimumVersion string

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    RequireVerifiedChromeOs bool

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    OsType OsConstraintOsType

    The allowed OS type.

    MinimumVersion string

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    RequireVerifiedChromeOs bool

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    osType OsConstraintOsType

    The allowed OS type.

    minimumVersion String

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    requireVerifiedChromeOs Boolean

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    osType OsConstraintOsType

    The allowed OS type.

    minimumVersion string

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    requireVerifiedChromeOs boolean

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    os_type OsConstraintOsType

    The allowed OS type.

    minimum_version str

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    require_verified_chrome_os bool

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    osType "OS_UNSPECIFIED" | "DESKTOP_MAC" | "DESKTOP_WINDOWS" | "DESKTOP_LINUX" | "DESKTOP_CHROME_OS" | "ANDROID" | "IOS"

    The allowed OS type.

    minimumVersion String

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    requireVerifiedChromeOs Boolean

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    OsConstraintOsType, OsConstraintOsTypeArgs

    OsUnspecified
    OS_UNSPECIFIED

    The operating system of the device is not specified or not known.

    DesktopMac
    DESKTOP_MAC

    A desktop Mac operating system.

    DesktopWindows
    DESKTOP_WINDOWS

    A desktop Windows operating system.

    DesktopLinux
    DESKTOP_LINUX

    A desktop Linux operating system.

    DesktopChromeOs
    DESKTOP_CHROME_OS

    A desktop ChromeOS operating system.

    Android
    ANDROID

    An Android operating system.

    Ios
    IOS

    An iOS operating system.

    OsConstraintOsTypeOsUnspecified
    OS_UNSPECIFIED

    The operating system of the device is not specified or not known.

    OsConstraintOsTypeDesktopMac
    DESKTOP_MAC

    A desktop Mac operating system.

    OsConstraintOsTypeDesktopWindows
    DESKTOP_WINDOWS

    A desktop Windows operating system.

    OsConstraintOsTypeDesktopLinux
    DESKTOP_LINUX

    A desktop Linux operating system.

    OsConstraintOsTypeDesktopChromeOs
    DESKTOP_CHROME_OS

    A desktop ChromeOS operating system.

    OsConstraintOsTypeAndroid
    ANDROID

    An Android operating system.

    OsConstraintOsTypeIos
    IOS

    An iOS operating system.

    OsUnspecified
    OS_UNSPECIFIED

    The operating system of the device is not specified or not known.

    DesktopMac
    DESKTOP_MAC

    A desktop Mac operating system.

    DesktopWindows
    DESKTOP_WINDOWS

    A desktop Windows operating system.

    DesktopLinux
    DESKTOP_LINUX

    A desktop Linux operating system.

    DesktopChromeOs
    DESKTOP_CHROME_OS

    A desktop ChromeOS operating system.

    Android
    ANDROID

    An Android operating system.

    Ios
    IOS

    An iOS operating system.

    OsUnspecified
    OS_UNSPECIFIED

    The operating system of the device is not specified or not known.

    DesktopMac
    DESKTOP_MAC

    A desktop Mac operating system.

    DesktopWindows
    DESKTOP_WINDOWS

    A desktop Windows operating system.

    DesktopLinux
    DESKTOP_LINUX

    A desktop Linux operating system.

    DesktopChromeOs
    DESKTOP_CHROME_OS

    A desktop ChromeOS operating system.

    Android
    ANDROID

    An Android operating system.

    Ios
    IOS

    An iOS operating system.

    OS_UNSPECIFIED
    OS_UNSPECIFIED

    The operating system of the device is not specified or not known.

    DESKTOP_MAC
    DESKTOP_MAC

    A desktop Mac operating system.

    DESKTOP_WINDOWS
    DESKTOP_WINDOWS

    A desktop Windows operating system.

    DESKTOP_LINUX
    DESKTOP_LINUX

    A desktop Linux operating system.

    DESKTOP_CHROME_OS
    DESKTOP_CHROME_OS

    A desktop ChromeOS operating system.

    ANDROID
    ANDROID

    An Android operating system.

    IOS
    IOS

    An iOS operating system.

    "OS_UNSPECIFIED"
    OS_UNSPECIFIED

    The operating system of the device is not specified or not known.

    "DESKTOP_MAC"
    DESKTOP_MAC

    A desktop Mac operating system.

    "DESKTOP_WINDOWS"
    DESKTOP_WINDOWS

    A desktop Windows operating system.

    "DESKTOP_LINUX"
    DESKTOP_LINUX

    A desktop Linux operating system.

    "DESKTOP_CHROME_OS"
    DESKTOP_CHROME_OS

    A desktop ChromeOS operating system.

    "ANDROID"
    ANDROID

    An Android operating system.

    "IOS"
    IOS

    An iOS operating system.

    OsConstraintResponse, OsConstraintResponseArgs

    MinimumVersion string

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    OsType string

    The allowed OS type.

    RequireVerifiedChromeOs bool

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    MinimumVersion string

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    OsType string

    The allowed OS type.

    RequireVerifiedChromeOs bool

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    minimumVersion String

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    osType String

    The allowed OS type.

    requireVerifiedChromeOs Boolean

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    minimumVersion string

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    osType string

    The allowed OS type.

    requireVerifiedChromeOs boolean

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    minimum_version str

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    os_type str

    The allowed OS type.

    require_verified_chrome_os bool

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    minimumVersion String

    The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: "major.minor.patch". Examples: "10.5.301", "9.2.1".

    osType String

    The allowed OS type.

    requireVerifiedChromeOs Boolean

    Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request.

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.31.1 published on Thursday, Jul 20, 2023 by Pulumi
    pulumi/pulumi-google-native