Google Native

v0.26.0 published on Friday, Sep 16, 2022 by Pulumi

CustomConstraint

Creates a CustomConstraint. Returns a google.rpc.Status with google.rpc.Code.NOT_FOUND if the organization does not exist. Returns a google.rpc.Status with google.rpc.Code.ALREADY_EXISTS if the constraint already exists on the given organization.

Create a CustomConstraint Resource

new CustomConstraint(name: string, args: CustomConstraintArgs, opts?: CustomResourceOptions);
@overload
def CustomConstraint(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     action_type: Optional[CustomConstraintActionType] = None,
                     condition: Optional[str] = None,
                     description: Optional[str] = None,
                     display_name: Optional[str] = None,
                     method_types: Optional[Sequence[CustomConstraintMethodTypesItem]] = None,
                     name: Optional[str] = None,
                     organization_id: Optional[str] = None,
                     resource_types: Optional[Sequence[str]] = None)
@overload
def CustomConstraint(resource_name: str,
                     args: CustomConstraintArgs,
                     opts: Optional[ResourceOptions] = None)
func NewCustomConstraint(ctx *Context, name string, args CustomConstraintArgs, opts ...ResourceOption) (*CustomConstraint, error)
public CustomConstraint(string name, CustomConstraintArgs args, CustomResourceOptions? opts = null)
public CustomConstraint(String name, CustomConstraintArgs args)
public CustomConstraint(String name, CustomConstraintArgs args, CustomResourceOptions options)
type: google-native:orgpolicy/v2:CustomConstraint
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args CustomConstraintArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args CustomConstraintArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args CustomConstraintArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args CustomConstraintArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args CustomConstraintArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

CustomConstraint Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The CustomConstraint resource accepts the following input properties:

OrganizationId string
ActionType Pulumi.GoogleNative.Orgpolicy.V2.CustomConstraintActionType

Allow or deny type.

Condition string

Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+")' or, resource.management.auto_upgrade == true

Description string

Detailed information about this custom policy constraint.

DisplayName string

One line display name for the UI.

MethodTypes List<Pulumi.GoogleNative.Orgpolicy.V2.CustomConstraintMethodTypesItem>

All the operations being applied for this constraint.

Name string

Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms"

ResourceTypes List<string>

Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * compute.googleapis.com/Instance.

OrganizationId string
ActionType CustomConstraintActionType

Allow or deny type.

Condition string

Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+")' or, resource.management.auto_upgrade == true

Description string

Detailed information about this custom policy constraint.

DisplayName string

One line display name for the UI.

MethodTypes []CustomConstraintMethodTypesItem

All the operations being applied for this constraint.

Name string

Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms"

ResourceTypes []string

Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * compute.googleapis.com/Instance.

organizationId String
actionType CustomConstraintActionType

Allow or deny type.

condition String

Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+")' or, resource.management.auto_upgrade == true

description String

Detailed information about this custom policy constraint.

displayName String

One line display name for the UI.

methodTypes List<CustomConstraintMethodTypesItem>

All the operations being applied for this constraint.

name String

Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms"

resourceTypes List<String>

Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * compute.googleapis.com/Instance.

organizationId string
actionType CustomConstraintActionType

Allow or deny type.

condition string

Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+")' or, resource.management.auto_upgrade == true

description string

Detailed information about this custom policy constraint.

displayName string

One line display name for the UI.

methodTypes CustomConstraintMethodTypesItem[]

All the operations being applied for this constraint.

name string

Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms"

resourceTypes string[]

Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * compute.googleapis.com/Instance.

organization_id str
action_type CustomConstraintActionType

Allow or deny type.

condition str

Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+")' or, resource.management.auto_upgrade == true

description str

Detailed information about this custom policy constraint.

display_name str

One line display name for the UI.

method_types Sequence[CustomConstraintMethodTypesItem]

All the operations being applied for this constraint.

name str

Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms"

resource_types Sequence[str]

Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * compute.googleapis.com/Instance.

organizationId String
actionType "ACTION_TYPE_UNSPECIFIED" | "ALLOW" | "DENY"

Allow or deny type.

condition String

Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+")' or, resource.management.auto_upgrade == true

description String

Detailed information about this custom policy constraint.

displayName String

One line display name for the UI.

methodTypes List<"METHOD_TYPE_UNSPECIFIED" | "CREATE" | "UPDATE" | "DELETE">

All the operations being applied for this constraint.

name String

Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms"

resourceTypes List<String>

Immutable. The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * compute.googleapis.com/Instance.

Outputs

All input properties are implicitly available as output properties. Additionally, the CustomConstraint resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

UpdateTime string

The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called

Id string

The provider-assigned unique ID for this managed resource.

UpdateTime string

The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called

id String

The provider-assigned unique ID for this managed resource.

updateTime String

The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called

id string

The provider-assigned unique ID for this managed resource.

updateTime string

The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called

id str

The provider-assigned unique ID for this managed resource.

update_time str

The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called

id String

The provider-assigned unique ID for this managed resource.

updateTime String

The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called

Supporting Types

CustomConstraintActionType

ActionTypeUnspecified
ACTION_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

Allow
ALLOW

Allowed action type.

Deny
DENY

Deny action type.

CustomConstraintActionTypeActionTypeUnspecified
ACTION_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

CustomConstraintActionTypeAllow
ALLOW

Allowed action type.

CustomConstraintActionTypeDeny
DENY

Deny action type.

ActionTypeUnspecified
ACTION_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

Allow
ALLOW

Allowed action type.

Deny
DENY

Deny action type.

ActionTypeUnspecified
ACTION_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

Allow
ALLOW

Allowed action type.

Deny
DENY

Deny action type.

ACTION_TYPE_UNSPECIFIED
ACTION_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

ALLOW
ALLOW

Allowed action type.

DENY
DENY

Deny action type.

"ACTION_TYPE_UNSPECIFIED"
ACTION_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

"ALLOW"
ALLOW

Allowed action type.

"DENY"
DENY

Deny action type.

CustomConstraintMethodTypesItem

MethodTypeUnspecified
METHOD_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

Create
CREATE

Constraint applied when creating the resource.

Update
UPDATE

Constraint applied when updating the resource.

Delete
DELETE

Constraint applied when deleting the resource.

CustomConstraintMethodTypesItemMethodTypeUnspecified
METHOD_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

CustomConstraintMethodTypesItemCreate
CREATE

Constraint applied when creating the resource.

CustomConstraintMethodTypesItemUpdate
UPDATE

Constraint applied when updating the resource.

CustomConstraintMethodTypesItemDelete
DELETE

Constraint applied when deleting the resource.

MethodTypeUnspecified
METHOD_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

Create
CREATE

Constraint applied when creating the resource.

Update
UPDATE

Constraint applied when updating the resource.

Delete
DELETE

Constraint applied when deleting the resource.

MethodTypeUnspecified
METHOD_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

Create
CREATE

Constraint applied when creating the resource.

Update
UPDATE

Constraint applied when updating the resource.

Delete
DELETE

Constraint applied when deleting the resource.

METHOD_TYPE_UNSPECIFIED
METHOD_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

CREATE
CREATE

Constraint applied when creating the resource.

UPDATE
UPDATE

Constraint applied when updating the resource.

DELETE
DELETE

Constraint applied when deleting the resource.

"METHOD_TYPE_UNSPECIFIED"
METHOD_TYPE_UNSPECIFIED

Unspecified. Will results in user error.

"CREATE"
CREATE

Constraint applied when creating the resource.

"UPDATE"
UPDATE

Constraint applied when updating the resource.

"DELETE"
DELETE

Constraint applied when deleting the resource.

Package Details

Repository
https://github.com/pulumi/pulumi-google-native
License
Apache-2.0