authorized_orgs_descs
Creates, updates, deletes, gets or lists a authorized_orgs_descs resource.
Overview
| Name | authorized_orgs_descs |
| Type | Resource |
| Id | google.accesscontextmanager.authorized_orgs_descs |
Fields
| Name | Datatype | Description |
|---|---|---|
name | string | Identifier. Resource name for the AuthorizedOrgsDesc. Format: accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}. The authorized_orgs_desc component must begin with a letter, followed by alphanumeric characters or _. After you create an AuthorizedOrgsDesc, you cannot change its name. |
assetType | string | The asset type of this authorized orgs desc. Valid values are ASSET_TYPE_DEVICE, and ASSET_TYPE_CREDENTIAL_STRENGTH. |
authorizationDirection | string | The direction of the authorization relationship between this organization and the organizations listed in the orgs field. The valid values for this field include the following: AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic in the organizations listed in the orgs field. AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the orgs field to evaluate the traffic in this organization. For the authorization relationship to take effect, all of the organizations must authorize and specify the appropriate relationship direction. For example, if organization A authorized organization B and C to evaluate its traffic, by specifying AUTHORIZATION_DIRECTION_TO as the authorization direction, organizations B and C must specify AUTHORIZATION_DIRECTION_FROM as the authorization direction in their AuthorizedOrgsDesc resource. |
authorizationType | string | A granular control type for authorization levels. Valid value is AUTHORIZATION_TYPE_TRUST. |
orgs | array | The list of organization ids in this AuthorizedOrgsDesc. Format: organizations/ Example: organizations/123456 |
Methods
| Name | Accessible by | Required Params | Description |
|---|---|---|---|
get | SELECT | accessPoliciesId, authorizedOrgsDescsId | Gets an authorized orgs desc based on the resource name. |
list | SELECT | accessPoliciesId | Lists all authorized orgs descs for an access policy. |
create | INSERT | accessPoliciesId | Creates an authorized orgs desc. The long-running operation from this RPC has a successful status after the authorized orgs desc propagates to long-lasting storage. If a authorized orgs desc contains errors, an error response is returned for the first error encountered. The name of this AuthorizedOrgsDesc will be assigned during creation. |
delete | DELETE | accessPoliciesId, authorizedOrgsDescsId | Deletes an authorized orgs desc based on the resource name. The long-running operation from this RPC has a successful status after the authorized orgs desc is removed from long-lasting storage. |
patch | UPDATE | accessPoliciesId, authorizedOrgsDescsId | Updates an authorized orgs desc. The long-running operation from this RPC has a successful status after the authorized orgs desc propagates to long-lasting storage. If a authorized orgs desc contains errors, an error response is returned for the first error encountered. Only the organization list in AuthorizedOrgsDesc can be updated. The name, authorization_type, asset_type and authorization_direction cannot be updated. |
SELECT examples
Lists all authorized orgs descs for an access policy.
SELECT
name,
assetType,
authorizationDirection,
authorizationType,
orgs
FROM google.accesscontextmanager.authorized_orgs_descs
WHERE accessPoliciesId = '{{ accessPoliciesId }}';
INSERT example
Use the following StackQL query and manifest file to create a new authorized_orgs_descs resource.
- All Properties
- Manifest
/*+ create */
INSERT INTO google.accesscontextmanager.authorized_orgs_descs (
accessPoliciesId,
name,
authorizationType,
assetType,
authorizationDirection,
orgs
)
SELECT
'{{ accessPoliciesId }}',
'{{ name }}',
'{{ authorizationType }}',
'{{ assetType }}',
'{{ authorizationDirection }}',
'{{ orgs }}'
;
- name: your_resource_model_name
props:
- name: name
value: string
- name: authorizationType
value: string
- name: assetType
value: string
- name: authorizationDirection
value: string
- name: orgs
value:
- string
UPDATE example
Updates a authorized_orgs_descs resource.
/*+ update */
UPDATE google.accesscontextmanager.authorized_orgs_descs
SET
name = '{{ name }}',
authorizationType = '{{ authorizationType }}',
assetType = '{{ assetType }}',
authorizationDirection = '{{ authorizationDirection }}',
orgs = '{{ orgs }}'
WHERE
accessPoliciesId = '{{ accessPoliciesId }}'
AND authorizedOrgsDescsId = '{{ authorizedOrgsDescsId }}';
DELETE example
Deletes the specified authorized_orgs_descs resource.
/*+ delete */
DELETE FROM google.accesscontextmanager.authorized_orgs_descs
WHERE accessPoliciesId = '{{ accessPoliciesId }}'
AND authorizedOrgsDescsId = '{{ authorizedOrgsDescsId }}';