Organization Policy API . folders . constraints

Instance Methods

close()

Close httplib2 connections.

list(parent, pageSize=None, pageToken=None, x__xgafv=None)

Lists constraints that could be applied on the specified resource.

list_next()

Retrieves the next page of results.

Method Details

close() 
Close httplib2 connections.
list(parent, pageSize=None, pageToken=None, x__xgafv=None) 
Lists constraints that could be applied on the specified resource.

Args:
  parent: string, Required. The Google Cloud resource that parents the constraint. Must be in one of the following forms: * `projects/{project_number}` * `projects/{project_id}` * `folders/{folder_id}` * `organizations/{organization_id}` (required)
  pageSize: integer, Size of the pages to be returned. This is currently unsupported and will be ignored. The server may at any point start using this field to limit page size.
  pageToken: string, Page token used to retrieve the next page. This is currently unsupported and will be ignored. The server may at any point start using this field.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # The response returned from the ListConstraints method.
  "constraints": [ # The collection of constraints that are available on the targeted resource.
    { # A constraint describes a way to restrict resource's configuration. For example, you could enforce a constraint that controls which Google Cloud services can be activated across an organization, or whether a Compute Engine instance can have serial port connections established. Constraints can be configured by the organization policy administrator to fit the needs of the organization by setting a policy that includes constraints at different locations in the organization's resource hierarchy. Policies are inherited down the resource hierarchy from higher levels, but can also be overridden. For details about the inheritance rules please read about `policies`. Constraints have a default behavior determined by the `constraint_default` field, which is the enforcement behavior that is used in the absence of a policy being defined or inherited for the resource in question.
      "booleanConstraint": { # A constraint that is either enforced or not. For example, a constraint `constraints/compute.disableSerialPortAccess`. If it is enforced on a VM instance, serial port connections will not be opened to that instance. # Defines this constraint as being a BooleanConstraint.
      },
      "constraintDefault": "A String", # The evaluation behavior of this constraint in the absence of a policy.
      "description": "A String", # Detailed description of what this constraint controls as well as how and where it is enforced. Mutable.
      "displayName": "A String", # The human readable name. Mutable.
      "googleManagedConstraint": { # A Google managed constraint. This represents a subset of fields missing from Constraint proto that are required to describe CustomConstraint # Defines this constraint as being a GoogleManagedConstraint.
        "actionType": "A String", # Allow or deny type.
        "condition": "A String", # Org policy condition/expression. For example: `resource.instanceName.matches("[production|test]_.*_(\d)+")` or, `resource.management.auto_upgrade == true` The max length of the condition is 1000 characters.
        "methodTypes": [ # All the operations being applied for this constraint.
          "A String",
        ],
        "resourceTypes": [ # The resource instance type on which this policy applies. Format will be of the form : `/` Example: * `compute.googleapis.com/Instance`.
          "A String",
        ],
      },
      "listConstraint": { # A constraint that allows or disallows a list of string values, which are configured by an Organization Policy administrator with a policy. # Defines this constraint as being a ListConstraint.
        "supportsIn": True or False, # Indicates whether values grouped into categories can be used in `Policy.allowed_values` and `Policy.denied_values`. For example, `"in:Python"` would match any value in the 'Python' group.
        "supportsUnder": True or False, # Indicates whether subtrees of the Resource Manager resource hierarchy can be used in `Policy.allowed_values` and `Policy.denied_values`. For example, `"under:folders/123"` would match any resource under the 'folders/123' folder.
      },
      "name": "A String", # Immutable. The resource name of the constraint. Must be in one of the following forms: * `projects/{project_number}/constraints/{constraint_name}` * `folders/{folder_id}/constraints/{constraint_name}` * `organizations/{organization_id}/constraints/{constraint_name}` For example, "/projects/123/constraints/compute.disableSerialPortAccess".
      "supportsDryRun": True or False, # Shows if dry run is supported for this constraint or not.
    },
  ],
  "nextPageToken": "A String", # Page token used to retrieve the next page. This is currently not used.
}
list_next() 
Retrieves the next page of results.

        Args:
          previous_request: The request for the previous page. (required)
          previous_response: The response from the request for the previous page. (required)

        Returns:
          A request object that you can call 'execute()' on to request the next
          page. Returns None if there are no more items in the collection.