Google Cloud Native v0.30.0, Apr 14 23
Google Cloud Native v0.30.0, Apr 14 23
google-native.orgpolicy/v2.CustomConstraint
Explore with Pulumi AI
Creates a custom constraint. Returns a google.rpc.Status
with google.rpc.Code.NOT_FOUND
if the organization does not exist. Returns a google.rpc.Status
with google.rpc.Code.ALREADY_EXISTS
if the constraint already exists on the given organization.
Create CustomConstraint Resource
new CustomConstraint(name: string, args: CustomConstraintArgs, opts?: CustomResourceOptions);
@overload
def CustomConstraint(resource_name: str,
opts: Optional[ResourceOptions] = None,
action_type: Optional[CustomConstraintActionType] = None,
condition: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
method_types: Optional[Sequence[CustomConstraintMethodTypesItem]] = None,
name: Optional[str] = None,
organization_id: Optional[str] = None,
resource_types: Optional[Sequence[str]] = None)
@overload
def CustomConstraint(resource_name: str,
args: CustomConstraintArgs,
opts: Optional[ResourceOptions] = None)
func NewCustomConstraint(ctx *Context, name string, args CustomConstraintArgs, opts ...ResourceOption) (*CustomConstraint, error)
public CustomConstraint(string name, CustomConstraintArgs args, CustomResourceOptions? opts = null)
public CustomConstraint(String name, CustomConstraintArgs args)
public CustomConstraint(String name, CustomConstraintArgs args, CustomResourceOptions options)
type: google-native:orgpolicy/v2:CustomConstraint
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CustomConstraintArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CustomConstraintArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CustomConstraintArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CustomConstraintArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CustomConstraintArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
CustomConstraint Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The CustomConstraint resource accepts the following input properties:
- Organization
Id string - Action
Type Pulumi.Google Native. Orgpolicy. V2. Custom Constraint Action Type Allow or deny type.
- Condition string
Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")'
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters.- Description string
Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- Display
Name string One line display name for the UI. The max length of the display_name is 200 characters.
- Method
Types List<Pulumi.Google Native. Orgpolicy. V2. Custom Constraint Method Types Item> All the operations being applied for this constraint.
- Name string
Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted.- Resource
Types List<string> Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
- Organization
Id string - Action
Type CustomConstraint Action Type Allow or deny type.
- Condition string
Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")'
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters.- Description string
Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- Display
Name string One line display name for the UI. The max length of the display_name is 200 characters.
- Method
Types []CustomConstraint Method Types Item All the operations being applied for this constraint.
- Name string
Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted.- Resource
Types []string Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
- organization
Id String - action
Type CustomConstraint Action Type Allow or deny type.
- condition String
Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")'
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters.- description String
Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- display
Name String One line display name for the UI. The max length of the display_name is 200 characters.
- method
Types List<CustomConstraint Method Types Item> All the operations being applied for this constraint.
- name String
Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted.- resource
Types List<String> Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
- organization
Id string - action
Type CustomConstraint Action Type Allow or deny type.
- condition string
Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")'
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters.- description string
Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- display
Name string One line display name for the UI. The max length of the display_name is 200 characters.
- method
Types CustomConstraint Method Types Item[] All the operations being applied for this constraint.
- name string
Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted.- resource
Types string[] Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
- organization_
id str - action_
type CustomConstraint Action Type Allow or deny type.
- condition str
Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")'
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters.- description str
Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- display_
name str One line display name for the UI. The max length of the display_name is 200 characters.
- method_
types Sequence[CustomConstraint Method Types Item] All the operations being applied for this constraint.
- name str
Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted.- resource_
types Sequence[str] Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
- organization
Id String - action
Type "ACTION_TYPE_UNSPECIFIED" | "ALLOW" | "DENY" Allow or deny type.
- condition String
Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")'
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters.- description String
Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- display
Name String One line display name for the UI. The max length of the display_name is 200 characters.
- method
Types List<"METHOD_TYPE_UNSPECIFIED" | "CREATE" | "UPDATE" | "DELETE"> All the operations being applied for this constraint.
- name String
Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted.- resource
Types List<String> Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
Outputs
All input properties are implicitly available as output properties. Additionally, the CustomConstraint resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Update
Time string The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
- Id string
The provider-assigned unique ID for this managed resource.
- Update
Time string The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
- id String
The provider-assigned unique ID for this managed resource.
- update
Time String The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
- id string
The provider-assigned unique ID for this managed resource.
- update
Time string The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
- id str
The provider-assigned unique ID for this managed resource.
- update_
time str The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
- id String
The provider-assigned unique ID for this managed resource.
- update
Time String The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
Supporting Types
CustomConstraintActionType
- Action
Type Unspecified - ACTION_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- Allow
- ALLOW
Allowed action type.
- Deny
- DENY
Deny action type.
- Custom
Constraint Action Type Action Type Unspecified - ACTION_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- Custom
Constraint Action Type Allow - ALLOW
Allowed action type.
- Custom
Constraint Action Type Deny - DENY
Deny action type.
- Action
Type Unspecified - ACTION_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- Allow
- ALLOW
Allowed action type.
- Deny
- DENY
Deny action type.
- Action
Type Unspecified - ACTION_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- Allow
- ALLOW
Allowed action type.
- Deny
- DENY
Deny action type.
- ACTION_TYPE_UNSPECIFIED
- ACTION_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- ALLOW
- ALLOW
Allowed action type.
- DENY
- DENY
Deny action type.
- "ACTION_TYPE_UNSPECIFIED"
- ACTION_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- "ALLOW"
- ALLOW
Allowed action type.
- "DENY"
- DENY
Deny action type.
CustomConstraintMethodTypesItem
- Method
Type Unspecified - METHOD_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- Create
- CREATE
Constraint applied when creating the resource.
- Update
- UPDATE
Constraint applied when updating the resource.
- Delete
- DELETE
Constraint applied when deleting the resource. Not supported yet.
- Custom
Constraint Method Types Item Method Type Unspecified - METHOD_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- Custom
Constraint Method Types Item Create - CREATE
Constraint applied when creating the resource.
- Custom
Constraint Method Types Item Update - UPDATE
Constraint applied when updating the resource.
- Custom
Constraint Method Types Item Delete - DELETE
Constraint applied when deleting the resource. Not supported yet.
- Method
Type Unspecified - METHOD_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- Create
- CREATE
Constraint applied when creating the resource.
- Update
- UPDATE
Constraint applied when updating the resource.
- Delete
- DELETE
Constraint applied when deleting the resource. Not supported yet.
- Method
Type Unspecified - METHOD_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- Create
- CREATE
Constraint applied when creating the resource.
- Update
- UPDATE
Constraint applied when updating the resource.
- Delete
- DELETE
Constraint applied when deleting the resource. Not supported yet.
- METHOD_TYPE_UNSPECIFIED
- METHOD_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- CREATE
- CREATE
Constraint applied when creating the resource.
- UPDATE
- UPDATE
Constraint applied when updating the resource.
- DELETE
- DELETE
Constraint applied when deleting the resource. Not supported yet.
- "METHOD_TYPE_UNSPECIFIED"
- METHOD_TYPE_UNSPECIFIED
Unspecified. Results in an error.
- "CREATE"
- CREATE
Constraint applied when creating the resource.
- "UPDATE"
- UPDATE
Constraint applied when updating the resource.
- "DELETE"
- DELETE
Constraint applied when deleting the resource. Not supported yet.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0