Reference documentation and code samples for the Google Cloud Org Policy V2 Client class Constraint.
A constraint describes a way to restrict resource's configuration. For example, you could enforce a constraint that controls which Google Cloud services can be activated across an organization, or whether a Compute Engine instance can have serial port connections established. Constraints can be configured by the organization policy administrator to fit the needs of the organization by setting a policy that includes constraints at different locations in the organization's resource hierarchy. Policies are inherited down the resource hierarchy from higher levels, but can also be overridden.
For details about the inheritance rules, see
Policy.
Constraints have a default behavior determined by the constraint_default
field, which is the enforcement behavior that is used in the absence of a
policy being defined or inherited for the resource in question.
Generated from protobuf message google.cloud.orgpolicy.v2.Constraint
Namespace
Google \ Cloud \ OrgPolicy \ V2Methods
__construct
Constructor.
| Parameters | |
|---|---|
| Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ name |
string
Immutable. The resource name of the constraint. Must be in one of the following forms: * * |
↳ display_name |
string
The human readable name. Mutable. |
↳ description |
string
Detailed description of what this constraint controls as well as how and where it is enforced. Mutable. |
↳ constraint_default |
int
The evaluation behavior of this constraint in the absence of a policy. |
↳ list_constraint |
Constraint\ListConstraint
Defines this constraint as being a list constraint. |
↳ boolean_constraint |
Constraint\BooleanConstraint
Defines this constraint as being a boolean constraint. |
↳ supports_dry_run |
bool
Shows if dry run is supported for this constraint or not. |
↳ equivalent_constraint |
string
Managed constraint and canned constraint sometimes can have equivalents. This field is used to store the equivalent constraint name. |
↳ supports_simulation |
bool
Shows if simulation is supported for this constraint or not. |
getName
Immutable. The resource name of the constraint. Must be in one of the following forms:
projects/{project_number}/constraints/{constraint_name}folders/{folder_id}/constraints/{constraint_name}organizations/{organization_id}/constraints/{constraint_name}For example, "/projects/123/constraints/compute.disableSerialPortAccess".
| Returns | |
|---|---|
| Type | Description |
string |
|
setName
Immutable. The resource name of the constraint. Must be in one of the following forms:
projects/{project_number}/constraints/{constraint_name}folders/{folder_id}/constraints/{constraint_name}organizations/{organization_id}/constraints/{constraint_name}For example, "/projects/123/constraints/compute.disableSerialPortAccess".
| Parameter | |
|---|---|
| Name | Description |
var |
string
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getDisplayName
The human readable name.
Mutable.
| Returns | |
|---|---|
| Type | Description |
string |
|
setDisplayName
The human readable name.
Mutable.
| Parameter | |
|---|---|
| Name | Description |
var |
string
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getDescription
Detailed description of what this constraint controls as well as how and where it is enforced.
Mutable.
| Returns | |
|---|---|
| Type | Description |
string |
|
setDescription
Detailed description of what this constraint controls as well as how and where it is enforced.
Mutable.
| Parameter | |
|---|---|
| Name | Description |
var |
string
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getConstraintDefault
The evaluation behavior of this constraint in the absence of a policy.
| Returns | |
|---|---|
| Type | Description |
int |
|
setConstraintDefault
The evaluation behavior of this constraint in the absence of a policy.
| Parameter | |
|---|---|
| Name | Description |
var |
int
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getListConstraint
Defines this constraint as being a list constraint.
| Returns | |
|---|---|
| Type | Description |
Constraint\ListConstraint|null |
|
hasListConstraint
setListConstraint
Defines this constraint as being a list constraint.
| Parameter | |
|---|---|
| Name | Description |
var |
Constraint\ListConstraint
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getBooleanConstraint
Defines this constraint as being a boolean constraint.
| Returns | |
|---|---|
| Type | Description |
Constraint\BooleanConstraint|null |
|
hasBooleanConstraint
setBooleanConstraint
Defines this constraint as being a boolean constraint.
| Parameter | |
|---|---|
| Name | Description |
var |
Constraint\BooleanConstraint
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getSupportsDryRun
Shows if dry run is supported for this constraint or not.
| Returns | |
|---|---|
| Type | Description |
bool |
|
setSupportsDryRun
Shows if dry run is supported for this constraint or not.
| Parameter | |
|---|---|
| Name | Description |
var |
bool
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getEquivalentConstraint
Managed constraint and canned constraint sometimes can have equivalents. This field is used to store the equivalent constraint name.
| Returns | |
|---|---|
| Type | Description |
string |
|
setEquivalentConstraint
Managed constraint and canned constraint sometimes can have equivalents. This field is used to store the equivalent constraint name.
| Parameter | |
|---|---|
| Name | Description |
var |
string
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getSupportsSimulation
Shows if simulation is supported for this constraint or not.
| Returns | |
|---|---|
| Type | Description |
bool |
|
setSupportsSimulation
Shows if simulation is supported for this constraint or not.
| Parameter | |
|---|---|
| Name | Description |
var |
bool
|
| Returns | |
|---|---|
| Type | Description |
$this |
|
getConstraintType
| Returns | |
|---|---|
| Type | Description |
string |
|