1. Packages
  2. Google Cloud Native
  3. API Docs
  4. orgpolicy
  5. orgpolicy/v2
  6. CustomConstraint

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

google-native.orgpolicy/v2.CustomConstraint

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

    Creates a custom constraint. Returns a google.rpc.Status with google.rpc.Code.NOT_FOUND if the organization does not exist. Returns a google.rpc.Status with google.rpc.Code.ALREADY_EXISTS if the constraint already exists on the given organization.

    Create CustomConstraint Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new CustomConstraint(name: string, args: CustomConstraintArgs, opts?: CustomResourceOptions);
    @overload
    def CustomConstraint(resource_name: str,
                         args: CustomConstraintArgs,
                         opts: Optional[ResourceOptions] = None)
    
    @overload
    def CustomConstraint(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         organization_id: Optional[str] = None,
                         action_type: Optional[CustomConstraintActionType] = None,
                         condition: Optional[str] = None,
                         description: Optional[str] = None,
                         display_name: Optional[str] = None,
                         method_types: Optional[Sequence[CustomConstraintMethodTypesItem]] = None,
                         name: Optional[str] = None,
                         resource_types: Optional[Sequence[str]] = None)
    func NewCustomConstraint(ctx *Context, name string, args CustomConstraintArgs, opts ...ResourceOption) (*CustomConstraint, error)
    public CustomConstraint(string name, CustomConstraintArgs args, CustomResourceOptions? opts = null)
    public CustomConstraint(String name, CustomConstraintArgs args)
    public CustomConstraint(String name, CustomConstraintArgs args, CustomResourceOptions options)
    
    type: google-native:orgpolicy/v2:CustomConstraint
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args CustomConstraintArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CustomConstraintArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CustomConstraintArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CustomConstraintArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CustomConstraintArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var customConstraintResource = new GoogleNative.Orgpolicy.V2.CustomConstraint("customConstraintResource", new()
    {
        OrganizationId = "string",
        ActionType = GoogleNative.Orgpolicy.V2.CustomConstraintActionType.ActionTypeUnspecified,
        Condition = "string",
        Description = "string",
        DisplayName = "string",
        MethodTypes = new[]
        {
            GoogleNative.Orgpolicy.V2.CustomConstraintMethodTypesItem.MethodTypeUnspecified,
        },
        Name = "string",
        ResourceTypes = new[]
        {
            "string",
        },
    });
    
    example, err := orgpolicy.NewCustomConstraint(ctx, "customConstraintResource", &orgpolicy.CustomConstraintArgs{
    	OrganizationId: pulumi.String("string"),
    	ActionType:     orgpolicy.CustomConstraintActionTypeActionTypeUnspecified,
    	Condition:      pulumi.String("string"),
    	Description:    pulumi.String("string"),
    	DisplayName:    pulumi.String("string"),
    	MethodTypes: orgpolicy.CustomConstraintMethodTypesItemArray{
    		orgpolicy.CustomConstraintMethodTypesItemMethodTypeUnspecified,
    	},
    	Name: pulumi.String("string"),
    	ResourceTypes: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    })
    
    var customConstraintResource = new CustomConstraint("customConstraintResource", CustomConstraintArgs.builder()
        .organizationId("string")
        .actionType("ACTION_TYPE_UNSPECIFIED")
        .condition("string")
        .description("string")
        .displayName("string")
        .methodTypes("METHOD_TYPE_UNSPECIFIED")
        .name("string")
        .resourceTypes("string")
        .build());
    
    custom_constraint_resource = google_native.orgpolicy.v2.CustomConstraint("customConstraintResource",
        organization_id="string",
        action_type=google_native.orgpolicy.v2.CustomConstraintActionType.ACTION_TYPE_UNSPECIFIED,
        condition="string",
        description="string",
        display_name="string",
        method_types=[google_native.orgpolicy.v2.CustomConstraintMethodTypesItem.METHOD_TYPE_UNSPECIFIED],
        name="string",
        resource_types=["string"])
    
    const customConstraintResource = new google_native.orgpolicy.v2.CustomConstraint("customConstraintResource", {
        organizationId: "string",
        actionType: google_native.orgpolicy.v2.CustomConstraintActionType.ActionTypeUnspecified,
        condition: "string",
        description: "string",
        displayName: "string",
        methodTypes: [google_native.orgpolicy.v2.CustomConstraintMethodTypesItem.MethodTypeUnspecified],
        name: "string",
        resourceTypes: ["string"],
    });
    
    type: google-native:orgpolicy/v2:CustomConstraint
    properties:
        actionType: ACTION_TYPE_UNSPECIFIED
        condition: string
        description: string
        displayName: string
        methodTypes:
            - METHOD_TYPE_UNSPECIFIED
        name: string
        organizationId: string
        resourceTypes:
            - string
    

    CustomConstraint Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The CustomConstraint resource accepts the following input properties:

    OrganizationId string
    ActionType Pulumi.GoogleNative.Orgpolicy.V2.CustomConstraintActionType
    Allow or deny type.
    Condition string
    Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+") or, resource.management.auto_upgrade == true The max length of the condition is 1000 characters.
    Description string
    Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
    DisplayName string
    One line display name for the UI. The max length of the display_name is 200 characters.
    MethodTypes List<Pulumi.GoogleNative.Orgpolicy.V2.CustomConstraintMethodTypesItem>
    All the operations being applied for this constraint.
    Name string
    Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example: organizations/123/customConstraints/custom.createOnlyE2TypeVms The max length is 70 characters and the minimum length is 1. Note that the prefix organizations/{organization_id}/customConstraints/ is not counted.
    ResourceTypes List<string>
    Immutable. The resource instance type on which this policy applies. Format will be of the form : / Example: * compute.googleapis.com/Instance.
    OrganizationId string
    ActionType CustomConstraintActionType
    Allow or deny type.
    Condition string
    Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+") or, resource.management.auto_upgrade == true The max length of the condition is 1000 characters.
    Description string
    Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
    DisplayName string
    One line display name for the UI. The max length of the display_name is 200 characters.
    MethodTypes []CustomConstraintMethodTypesItem
    All the operations being applied for this constraint.
    Name string
    Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example: organizations/123/customConstraints/custom.createOnlyE2TypeVms The max length is 70 characters and the minimum length is 1. Note that the prefix organizations/{organization_id}/customConstraints/ is not counted.
    ResourceTypes []string
    Immutable. The resource instance type on which this policy applies. Format will be of the form : / Example: * compute.googleapis.com/Instance.
    organizationId String
    actionType CustomConstraintActionType
    Allow or deny type.
    condition String
    Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+") or, resource.management.auto_upgrade == true The max length of the condition is 1000 characters.
    description String
    Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
    displayName String
    One line display name for the UI. The max length of the display_name is 200 characters.
    methodTypes List<CustomConstraintMethodTypesItem>
    All the operations being applied for this constraint.
    name String
    Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example: organizations/123/customConstraints/custom.createOnlyE2TypeVms The max length is 70 characters and the minimum length is 1. Note that the prefix organizations/{organization_id}/customConstraints/ is not counted.
    resourceTypes List<String>
    Immutable. The resource instance type on which this policy applies. Format will be of the form : / Example: * compute.googleapis.com/Instance.
    organizationId string
    actionType CustomConstraintActionType
    Allow or deny type.
    condition string
    Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+") or, resource.management.auto_upgrade == true The max length of the condition is 1000 characters.
    description string
    Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
    displayName string
    One line display name for the UI. The max length of the display_name is 200 characters.
    methodTypes CustomConstraintMethodTypesItem[]
    All the operations being applied for this constraint.
    name string
    Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example: organizations/123/customConstraints/custom.createOnlyE2TypeVms The max length is 70 characters and the minimum length is 1. Note that the prefix organizations/{organization_id}/customConstraints/ is not counted.
    resourceTypes string[]
    Immutable. The resource instance type on which this policy applies. Format will be of the form : / Example: * compute.googleapis.com/Instance.
    organization_id str
    action_type CustomConstraintActionType
    Allow or deny type.
    condition str
    Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+") or, resource.management.auto_upgrade == true The max length of the condition is 1000 characters.
    description str
    Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
    display_name str
    One line display name for the UI. The max length of the display_name is 200 characters.
    method_types Sequence[CustomConstraintMethodTypesItem]
    All the operations being applied for this constraint.
    name str
    Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example: organizations/123/customConstraints/custom.createOnlyE2TypeVms The max length is 70 characters and the minimum length is 1. Note that the prefix organizations/{organization_id}/customConstraints/ is not counted.
    resource_types Sequence[str]
    Immutable. The resource instance type on which this policy applies. Format will be of the form : / Example: * compute.googleapis.com/Instance.
    organizationId String
    actionType "ACTION_TYPE_UNSPECIFIED" | "ALLOW" | "DENY"
    Allow or deny type.
    condition String
    Org policy condition/expression. For example: resource.instanceName.matches("[production|test]_.*_(\d)+") or, resource.management.auto_upgrade == true The max length of the condition is 1000 characters.
    description String
    Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
    displayName String
    One line display name for the UI. The max length of the display_name is 200 characters.
    methodTypes List<"METHOD_TYPE_UNSPECIFIED" | "CREATE" | "UPDATE" | "DELETE">
    All the operations being applied for this constraint.
    name String
    Immutable. Name of the constraint. This is unique within the organization. Format of the name should be * organizations/{organization_id}/customConstraints/{custom_constraint_id} Example: organizations/123/customConstraints/custom.createOnlyE2TypeVms The max length is 70 characters and the minimum length is 1. Note that the prefix organizations/{organization_id}/customConstraints/ is not counted.
    resourceTypes List<String>
    Immutable. The resource instance type on which this policy applies. Format will be of the form : / Example: * compute.googleapis.com/Instance.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CustomConstraint resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    UpdateTime string
    The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called
    Id string
    The provider-assigned unique ID for this managed resource.
    UpdateTime string
    The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called
    id String
    The provider-assigned unique ID for this managed resource.
    updateTime String
    The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called
    id string
    The provider-assigned unique ID for this managed resource.
    updateTime string
    The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called
    id str
    The provider-assigned unique ID for this managed resource.
    update_time str
    The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called
    id String
    The provider-assigned unique ID for this managed resource.
    updateTime String
    The last time this custom constraint was updated. This represents the last time that the CreateCustomConstraint or UpdateCustomConstraint RPC was called

    Supporting Types

    CustomConstraintActionType, CustomConstraintActionTypeArgs

    ActionTypeUnspecified
    ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    Allow
    ALLOWAllowed action type.
    Deny
    DENYDeny action type.
    CustomConstraintActionTypeActionTypeUnspecified
    ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    CustomConstraintActionTypeAllow
    ALLOWAllowed action type.
    CustomConstraintActionTypeDeny
    DENYDeny action type.
    ActionTypeUnspecified
    ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    Allow
    ALLOWAllowed action type.
    Deny
    DENYDeny action type.
    ActionTypeUnspecified
    ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    Allow
    ALLOWAllowed action type.
    Deny
    DENYDeny action type.
    ACTION_TYPE_UNSPECIFIED
    ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    ALLOW
    ALLOWAllowed action type.
    DENY
    DENYDeny action type.
    "ACTION_TYPE_UNSPECIFIED"
    ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    "ALLOW"
    ALLOWAllowed action type.
    "DENY"
    DENYDeny action type.

    CustomConstraintMethodTypesItem, CustomConstraintMethodTypesItemArgs

    MethodTypeUnspecified
    METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    Create
    CREATEConstraint applied when creating the resource.
    Update
    UPDATEConstraint applied when updating the resource.
    Delete
    DELETEConstraint applied when deleting the resource. Not supported yet.
    CustomConstraintMethodTypesItemMethodTypeUnspecified
    METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    CustomConstraintMethodTypesItemCreate
    CREATEConstraint applied when creating the resource.
    CustomConstraintMethodTypesItemUpdate
    UPDATEConstraint applied when updating the resource.
    CustomConstraintMethodTypesItemDelete
    DELETEConstraint applied when deleting the resource. Not supported yet.
    MethodTypeUnspecified
    METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    Create
    CREATEConstraint applied when creating the resource.
    Update
    UPDATEConstraint applied when updating the resource.
    Delete
    DELETEConstraint applied when deleting the resource. Not supported yet.
    MethodTypeUnspecified
    METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    Create
    CREATEConstraint applied when creating the resource.
    Update
    UPDATEConstraint applied when updating the resource.
    Delete
    DELETEConstraint applied when deleting the resource. Not supported yet.
    METHOD_TYPE_UNSPECIFIED
    METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    CREATE
    CREATEConstraint applied when creating the resource.
    UPDATE
    UPDATEConstraint applied when updating the resource.
    DELETE
    DELETEConstraint applied when deleting the resource. Not supported yet.
    "METHOD_TYPE_UNSPECIFIED"
    METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
    "CREATE"
    CREATEConstraint applied when creating the resource.
    "UPDATE"
    UPDATEConstraint applied when updating the resource.
    "DELETE"
    DELETEConstraint applied when deleting the resource. Not supported yet.

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi