constraints

Creates, updates, deletes, gets or lists a constraints resource.

Overview

Name	constraints
Type	Resource
Id	google.orgpolicy.constraints

Fields

Name	Datatype	Description
name	string	Immutable. The resource name of the constraint. Must be in one of the following forms: projects/{project_number}/constraints/{constraint_name} folders/{folder_id}/constraints/{constraint_name} * organizations/{organization_id}/constraints/{constraint_name} For example, "/projects/123/constraints/compute.disableSerialPortAccess".
description	string	Detailed description of what this constraint controls as well as how and where it is enforced. Mutable.
booleanConstraint	object	A constraint that is either enforced or not. For example, a constraint constraints/compute.disableSerialPortAccess. If it is enforced on a VM instance, serial port connections will not be opened to that instance.
constraintDefault	string	The evaluation behavior of this constraint in the absence of a policy.
displayName	string	The human readable name. Mutable.
listConstraint	object	A constraint that allows or disallows a list of string values, which are configured by an Organization Policy administrator with a policy.
supportsDryRun	boolean	Shows if dry run is supported for this constraint or not.

Methods

Name	Accessible by	Required Params	Description
folders_constraints_list	SELECT	foldersId	Lists constraints that could be applied on the specified resource.
organizations_constraints_list	SELECT	organizationsId	Lists constraints that could be applied on the specified resource.
projects_constraints_list	SELECT	projectsId	Lists constraints that could be applied on the specified resource.

SELECT examples

Lists constraints that could be applied on the specified resource.

SELECT
name,
description,
booleanConstraint,
constraintDefault,
displayName,
listConstraint,
supportsDryRun
FROM google.orgpolicy.constraints
WHERE foldersId = '{{ foldersId }}';