Google Cloud Native is in preview. Google Cloud Classic is fully supported.
google-native.orgpolicy/v2.CustomConstraint
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Creates a custom constraint. Returns a google.rpc.Status
with google.rpc.Code.NOT_FOUND
if the organization does not exist. Returns a google.rpc.Status
with google.rpc.Code.ALREADY_EXISTS
if the constraint already exists on the given organization.
Create CustomConstraint Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CustomConstraint(name: string, args: CustomConstraintArgs, opts?: CustomResourceOptions);
@overload
def CustomConstraint(resource_name: str,
args: CustomConstraintArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CustomConstraint(resource_name: str,
opts: Optional[ResourceOptions] = None,
organization_id: Optional[str] = None,
action_type: Optional[CustomConstraintActionType] = None,
condition: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
method_types: Optional[Sequence[CustomConstraintMethodTypesItem]] = None,
name: Optional[str] = None,
resource_types: Optional[Sequence[str]] = None)
func NewCustomConstraint(ctx *Context, name string, args CustomConstraintArgs, opts ...ResourceOption) (*CustomConstraint, error)
public CustomConstraint(string name, CustomConstraintArgs args, CustomResourceOptions? opts = null)
public CustomConstraint(String name, CustomConstraintArgs args)
public CustomConstraint(String name, CustomConstraintArgs args, CustomResourceOptions options)
type: google-native:orgpolicy/v2:CustomConstraint
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CustomConstraintArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CustomConstraintArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CustomConstraintArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CustomConstraintArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CustomConstraintArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var customConstraintResource = new GoogleNative.Orgpolicy.V2.CustomConstraint("customConstraintResource", new()
{
OrganizationId = "string",
ActionType = GoogleNative.Orgpolicy.V2.CustomConstraintActionType.ActionTypeUnspecified,
Condition = "string",
Description = "string",
DisplayName = "string",
MethodTypes = new[]
{
GoogleNative.Orgpolicy.V2.CustomConstraintMethodTypesItem.MethodTypeUnspecified,
},
Name = "string",
ResourceTypes = new[]
{
"string",
},
});
example, err := orgpolicy.NewCustomConstraint(ctx, "customConstraintResource", &orgpolicy.CustomConstraintArgs{
OrganizationId: pulumi.String("string"),
ActionType: orgpolicy.CustomConstraintActionTypeActionTypeUnspecified,
Condition: pulumi.String("string"),
Description: pulumi.String("string"),
DisplayName: pulumi.String("string"),
MethodTypes: orgpolicy.CustomConstraintMethodTypesItemArray{
orgpolicy.CustomConstraintMethodTypesItemMethodTypeUnspecified,
},
Name: pulumi.String("string"),
ResourceTypes: pulumi.StringArray{
pulumi.String("string"),
},
})
var customConstraintResource = new CustomConstraint("customConstraintResource", CustomConstraintArgs.builder()
.organizationId("string")
.actionType("ACTION_TYPE_UNSPECIFIED")
.condition("string")
.description("string")
.displayName("string")
.methodTypes("METHOD_TYPE_UNSPECIFIED")
.name("string")
.resourceTypes("string")
.build());
custom_constraint_resource = google_native.orgpolicy.v2.CustomConstraint("customConstraintResource",
organization_id="string",
action_type=google_native.orgpolicy.v2.CustomConstraintActionType.ACTION_TYPE_UNSPECIFIED,
condition="string",
description="string",
display_name="string",
method_types=[google_native.orgpolicy.v2.CustomConstraintMethodTypesItem.METHOD_TYPE_UNSPECIFIED],
name="string",
resource_types=["string"])
const customConstraintResource = new google_native.orgpolicy.v2.CustomConstraint("customConstraintResource", {
organizationId: "string",
actionType: google_native.orgpolicy.v2.CustomConstraintActionType.ActionTypeUnspecified,
condition: "string",
description: "string",
displayName: "string",
methodTypes: [google_native.orgpolicy.v2.CustomConstraintMethodTypesItem.MethodTypeUnspecified],
name: "string",
resourceTypes: ["string"],
});
type: google-native:orgpolicy/v2:CustomConstraint
properties:
actionType: ACTION_TYPE_UNSPECIFIED
condition: string
description: string
displayName: string
methodTypes:
- METHOD_TYPE_UNSPECIFIED
name: string
organizationId: string
resourceTypes:
- string
CustomConstraint Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CustomConstraint resource accepts the following input properties:
- Organization
Id string - Action
Type Pulumi.Google Native. Orgpolicy. V2. Custom Constraint Action Type - Allow or deny type.
- Condition string
- Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters. - Description string
- Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- Display
Name string - One line display name for the UI. The max length of the display_name is 200 characters.
- Method
Types List<Pulumi.Google Native. Orgpolicy. V2. Custom Constraint Method Types Item> - All the operations being applied for this constraint.
- Name string
- Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted. - Resource
Types List<string> - Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
- Organization
Id string - Action
Type CustomConstraint Action Type - Allow or deny type.
- Condition string
- Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters. - Description string
- Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- Display
Name string - One line display name for the UI. The max length of the display_name is 200 characters.
- Method
Types []CustomConstraint Method Types Item - All the operations being applied for this constraint.
- Name string
- Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted. - Resource
Types []string - Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
- organization
Id String - action
Type CustomConstraint Action Type - Allow or deny type.
- condition String
- Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters. - description String
- Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- display
Name String - One line display name for the UI. The max length of the display_name is 200 characters.
- method
Types List<CustomConstraint Method Types Item> - All the operations being applied for this constraint.
- name String
- Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted. - resource
Types List<String> - Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
- organization
Id string - action
Type CustomConstraint Action Type - Allow or deny type.
- condition string
- Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters. - description string
- Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- display
Name string - One line display name for the UI. The max length of the display_name is 200 characters.
- method
Types CustomConstraint Method Types Item[] - All the operations being applied for this constraint.
- name string
- Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted. - resource
Types string[] - Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
- organization_
id str - action_
type CustomConstraint Action Type - Allow or deny type.
- condition str
- Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters. - description str
- Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- display_
name str - One line display name for the UI. The max length of the display_name is 200 characters.
- method_
types Sequence[CustomConstraint Method Types Item] - All the operations being applied for this constraint.
- name str
- Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted. - resource_
types Sequence[str] - Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
- organization
Id String - action
Type "ACTION_TYPE_UNSPECIFIED" | "ALLOW" | "DENY" - Allow or deny type.
- condition String
- Org policy condition/expression. For example:
resource.instanceName.matches("[production|test]_.*_(\d)+")
or,resource.management.auto_upgrade == true
The max length of the condition is 1000 characters. - description String
- Detailed information about this custom policy constraint. The max length of the description is 2000 characters.
- display
Name String - One line display name for the UI. The max length of the display_name is 200 characters.
- method
Types List<"METHOD_TYPE_UNSPECIFIED" | "CREATE" | "UPDATE" | "DELETE"> - All the operations being applied for this constraint.
- name String
- Immutable. Name of the constraint. This is unique within the organization. Format of the name should be *
organizations/{organization_id}/customConstraints/{custom_constraint_id}
Example:organizations/123/customConstraints/custom.createOnlyE2TypeVms
The max length is 70 characters and the minimum length is 1. Note that the prefixorganizations/{organization_id}/customConstraints/
is not counted. - resource
Types List<String> - Immutable. The resource instance type on which this policy applies. Format will be of the form :
/
Example: *compute.googleapis.com/Instance
.
Outputs
All input properties are implicitly available as output properties. Additionally, the CustomConstraint resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Update
Time string - The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
- Id string
- The provider-assigned unique ID for this managed resource.
- Update
Time string - The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
- id String
- The provider-assigned unique ID for this managed resource.
- update
Time String - The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
- id string
- The provider-assigned unique ID for this managed resource.
- update
Time string - The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
- id str
- The provider-assigned unique ID for this managed resource.
- update_
time str - The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
- id String
- The provider-assigned unique ID for this managed resource.
- update
Time String - The last time this custom constraint was updated. This represents the last time that the
CreateCustomConstraint
orUpdateCustomConstraint
RPC was called
Supporting Types
CustomConstraintActionType, CustomConstraintActionTypeArgs
- Action
Type Unspecified - ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- Allow
- ALLOWAllowed action type.
- Deny
- DENYDeny action type.
- Custom
Constraint Action Type Action Type Unspecified - ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- Custom
Constraint Action Type Allow - ALLOWAllowed action type.
- Custom
Constraint Action Type Deny - DENYDeny action type.
- Action
Type Unspecified - ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- Allow
- ALLOWAllowed action type.
- Deny
- DENYDeny action type.
- Action
Type Unspecified - ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- Allow
- ALLOWAllowed action type.
- Deny
- DENYDeny action type.
- ACTION_TYPE_UNSPECIFIED
- ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- ALLOW
- ALLOWAllowed action type.
- DENY
- DENYDeny action type.
- "ACTION_TYPE_UNSPECIFIED"
- ACTION_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- "ALLOW"
- ALLOWAllowed action type.
- "DENY"
- DENYDeny action type.
CustomConstraintMethodTypesItem, CustomConstraintMethodTypesItemArgs
- Method
Type Unspecified - METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- Create
- CREATEConstraint applied when creating the resource.
- Update
- UPDATEConstraint applied when updating the resource.
- Delete
- DELETEConstraint applied when deleting the resource. Not supported yet.
- Custom
Constraint Method Types Item Method Type Unspecified - METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- Custom
Constraint Method Types Item Create - CREATEConstraint applied when creating the resource.
- Custom
Constraint Method Types Item Update - UPDATEConstraint applied when updating the resource.
- Custom
Constraint Method Types Item Delete - DELETEConstraint applied when deleting the resource. Not supported yet.
- Method
Type Unspecified - METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- Create
- CREATEConstraint applied when creating the resource.
- Update
- UPDATEConstraint applied when updating the resource.
- Delete
- DELETEConstraint applied when deleting the resource. Not supported yet.
- Method
Type Unspecified - METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- Create
- CREATEConstraint applied when creating the resource.
- Update
- UPDATEConstraint applied when updating the resource.
- Delete
- DELETEConstraint applied when deleting the resource. Not supported yet.
- METHOD_TYPE_UNSPECIFIED
- METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- CREATE
- CREATEConstraint applied when creating the resource.
- UPDATE
- UPDATEConstraint applied when updating the resource.
- DELETE
- DELETEConstraint applied when deleting the resource. Not supported yet.
- "METHOD_TYPE_UNSPECIFIED"
- METHOD_TYPE_UNSPECIFIEDUnspecified. Results in an error.
- "CREATE"
- CREATEConstraint applied when creating the resource.
- "UPDATE"
- UPDATEConstraint applied when updating the resource.
- "DELETE"
- DELETEConstraint applied when deleting the resource. Not supported yet.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.