Custom
data class CustomConstraintArgs(val actionType: Output<String>? = null, val condition: Output<String>? = null, val description: Output<String>? = null, val displayName: Output<String>? = null, val methodTypes: Output<List<String>>? = null, val name: Output<String>? = null, val parent: Output<String>? = null, val resourceTypes: Output<List<String>>? = null) : ConvertibleToJava<CustomConstraintArgs>
Example Usage
Org Policy Custom Constraint Basic
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.orgpolicy.CustomConstraint;
import com.pulumi.gcp.orgpolicy.CustomConstraintArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var constraint = new CustomConstraint("constraint", CustomConstraintArgs.builder()
.parent("organizations/123456789")
.actionType("ALLOW")
.condition("resource.management.autoUpgrade == false")
.methodTypes(
"CREATE",
"UPDATE")
.resourceTypes("container.googleapis.com/NodePool")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Org Policy Custom Constraint Full
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.orgpolicy.CustomConstraint;
import com.pulumi.gcp.orgpolicy.CustomConstraintArgs;
import com.pulumi.gcp.orgpolicy.Policy;
import com.pulumi.gcp.orgpolicy.PolicyArgs;
import com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var constraint = new CustomConstraint("constraint", CustomConstraintArgs.builder()
.parent("organizations/123456789")
.displayName("Disable GKE auto upgrade")
.description("Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.")
.actionType("ALLOW")
.condition("resource.management.autoUpgrade == false")
.methodTypes(
"CREATE",
"UPDATE")
.resourceTypes("container.googleapis.com/NodePool")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var bool = new Policy("bool", PolicyArgs.builder()
.parent("organizations/123456789")
.spec(PolicySpecArgs.builder()
.rules(PolicySpecRuleArgs.builder()
.enforce("TRUE")
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Import
CustomConstraint can be imported using any of these accepted formats:
$ pulumi import gcp:orgpolicy/customConstraint:CustomConstraint default {{parent}}/customConstraints/{{name}}Content copied to clipboard
Constructors
Link copied to clipboard
fun CustomConstraintArgs(actionType: Output<String>? = null, condition: Output<String>? = null, description: Output<String>? = null, displayName: Output<String>? = null, methodTypes: Output<List<String>>? = null, name: Output<String>? = null, parent: Output<String>? = null, resourceTypes: Output<List<String>>? = null)
Functions
Properties
Link copied to clipboard
A CEL condition that refers to a supported service resource, for example resource.management.autoUpgrade == false. For details about CEL usage, see Common Expression Language.
Link copied to clipboard
Link copied to clipboard
A list of RESTful methods for which to enforce the constraint. Can be CREATE, UPDATE, or both. Not all Google Cloud services support both methods. To see supported methods for each service, find the service in Supported services.