OrgPolicyCustomConstraint
| Property | Value |
|---|---|
| Google Cloud Service Name | Organization Policy |
| Google Cloud Service Documentation | /resource-manager/docs/organization-policy/overview |
| Google Cloud REST Resource Name | organizations.customConstraints |
| Google Cloud REST Resource Documentation | /resource-manager/docs/reference/orgpolicy/rest/v2/organizations.customConstraints |
| Config Connector Resource Short Names | gcporgpolicycustomconstraint gcporgpolicycustomconstraints orgpolicycustomconstraint |
| Config Connector Service Name | orgpolicy.googleapis.com |
| Config Connector Resource Fully Qualified Name | orgpolicycustomconstraints.orgpolicy.cnrm.cloud.google.com |
| Can Be Referenced by IAMPolicy/IAMPolicyMember | No |
| Config Connector Default Average Reconcile Interval In Seconds | 600 |
Custom Resource Definition Properties
Spec
Schema
actionType: string
condition: string
description: string
displayName: string
methodTypes:
- string
organizationRef:
external: string
resourceID: string
resourceTypes:
- string
| Fields | |
|---|---|
|
Optional |
Allow or deny type. |
|
Optional |
Org policy condition/expression. For example: `resource.instanceName.matches("[production|test]_.*_(\d)+")` or, `resource.management.auto_upgrade == true` The max length of the condition is 1000 characters. |
|
Optional |
Detailed information about this custom policy constraint. The max length of the description is 2000 characters. |
|
Optional |
One line display name for the UI. The max length of the display_name is 200 characters. |
|
Optional |
All the operations being applied for this constraint. |
|
Optional |
|
|
Required |
The Organization that this resource belongs to. |
|
Required |
The 'name' field of an organization, when not managed by Config Connector. |
|
Optional |
The OrgPolicyCustomConstraint name. If not given, the metadata.name will be used. |
|
Optional |
Immutable. The resource instance type on which this policy applies. Format
will be of the form : |
|
Optional |
|
Status
Schema
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
externalRef: string
observedGeneration: integer
observedState:
updateTime: string
| Fields | |
|---|---|
conditions |
Conditions represent the latest available observations of the object's current state. |
conditions[] |
|
conditions[].lastTransitionTime |
Last time the condition transitioned from one status to another. |
conditions[].message |
Human-readable message indicating details about last transition. |
conditions[].reason |
Unique, one-word, CamelCase reason for the condition's last transition. |
conditions[].status |
Status is the status of the condition. Can be True, False, Unknown. |
conditions[].type |
Type is the type of the condition. |
externalRef |
A unique specifier for the OrgPolicyCustomConstraint resource in Google Cloud. |
observedGeneration |
ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. |
observedState |
ObservedState is the state of the resource as most recently observed in Google Cloud. |
observedState.updateTime |
Output only. The last time this custom constraint was updated. This represents the last time that the `CreateCustomConstraint` or `UpdateCustomConstraint` RPC was called |