pulumi-google-native-kotlin/com.pulumi.googlenative.accesscontextmanager.v1.kotlin/AccessPolicyArgs

AccessPolicyArgs

data class AccessPolicyArgs(val parent: Output<String>? = null, val scopes: Output<List<String>>? = null, val title: Output<String>? = null) : ConvertibleToJava<AccessPolicyArgs>

Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. Syntactic and basic semantic errors are returned in metadata as a BadRequest proto. Auto-naming is currently not supported for this resource.

Constructors

AccessPolicyArgs

fun AccessPolicyArgs(parent: Output<String>? = null, scopes: Output<List<String>>? = null, title: Output<String>? = null)

Functions

toJava

open override fun toJava(): AccessPolicyArgs

Properties

parent

val parent: Output<String>? = null

The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}

scopes

val scopes: Output<List<String>>? = null

The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes="folders/123" has the following behavior: - vpcsc perimeters can only restrict projects within folders/123 - access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}

title

val title: Output<String>? = null

Human readable title. Does not affect behavior.