OrgPolicy¶
- class google.cloud.orgpolicy_v2.services.org_policy.OrgPolicyAsyncClient(*, credentials: google.auth.credentials.Credentials = None, transport: Union[str, google.cloud.orgpolicy_v2.services.org_policy.transports.base.OrgPolicyTransport] = 'grpc_asyncio', client_options: <module 'google.api_core.client_options' from '/usr/lib/python3.10/site-packages/google/api_core/client_options.py'> = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)[source]¶
An interface for managing organization policies.
The Cloud Org Policy service provides a simple mechanism for organizations to restrict the allowed configurations across their entire Cloud Resource hierarchy.
You can use a
policy
to configure restrictions in Cloud resources. For example, you can enforce apolicy
that restricts which Google Cloud Platform APIs can be activated in a certain part of your resource hierarchy, or prevents serial port access to VM instances in a particular folder.Policies
are inherited down through the resource hierarchy. Apolicy
applied to a parent resource automatically applies to all its child resources unless overridden with apolicy
lower in the hierarchy.A
constraint
defines an aspect of a resource’s configuration that can be controlled by an organization’s policy administrator.Policies
are a collection ofconstraints
that defines their allowable configuration on a particular resource and its child resources.Instantiates the org policy client.
- Parameters
credentials (Optional[google.auth.credentials.Credentials]) – The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment.
transport (Union[str, OrgPolicyTransport]) – The transport to use. If set to None, a transport is chosen automatically.
client_options (ClientOptions) – Custom options for the client. It won’t take effect if a
transport
instance is provided. (1) Theapi_endpoint
property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT environment variable can also be used to override the endpoint: “always” (always use the default mTLS endpoint), “never” (always use the default regular endpoint) and “auto” (auto switch to the default mTLS endpoint if client certificate is present, this is the default value). However, theapi_endpoint
property takes precedence if provided. (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is “true”, then theclient_cert_source
property can be used to provide client certificate for mutual TLS transport. If not provided, the default SSL client certificate will be used if present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is “false” or not set, no client certificate will be used.
- Raises
google.auth.exceptions.MutualTlsChannelError – If mutual TLS transport creation failed for any reason.
- static common_billing_account_path(billing_account: str) str ¶
Returns a fully-qualified billing_account string.
- static common_folder_path(folder: str) str ¶
Returns a fully-qualified folder string.
- static common_location_path(project: str, location: str) str ¶
Returns a fully-qualified location string.
- static common_organization_path(organization: str) str ¶
Returns a fully-qualified organization string.
- static common_project_path(project: str) str ¶
Returns a fully-qualified project string.
- static constraint_path(project: str, constraint: str) str ¶
Returns a fully-qualified constraint string.
- async create_policy(request: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.CreatePolicyRequest] = None, *, parent: Optional[str] = None, policy: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.Policy] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.types.orgpolicy.Policy [source]¶
Creates a Policy.
Returns a
google.rpc.Status
withgoogle.rpc.Code.NOT_FOUND
if the constraint does not exist. Returns agoogle.rpc.Status
withgoogle.rpc.Code.ALREADY_EXISTS
if the policy already exists on the given Cloud resource.- Parameters
request (
google.cloud.orgpolicy_v2.types.CreatePolicyRequest
) – The request object. The request sent to the [CreatePolicyRequest] [google.cloud.orgpolicy.v2.OrgPolicy.CreatePolicy] method.parent (
str
) –Required. The Cloud resource that will parent the new Policy. Must be in one of the following forms:
projects/{project_number}
projects/{project_id}
folders/{folder_id}
organizations/{organization_id}
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.policy (
google.cloud.orgpolicy_v2.types.Policy
) – Required.Policy
to create. This corresponds to thepolicy
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- Defines a Cloud Organization Policy which is used to specify Constraints
for configurations of Cloud Platform resources.
- Return type
- async delete_policy(request: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.DeletePolicyRequest] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) None [source]¶
Deletes a Policy.
Returns a
google.rpc.Status
withgoogle.rpc.Code.NOT_FOUND
if the constraint or Org Policy does not exist.- Parameters
request (
google.cloud.orgpolicy_v2.types.DeletePolicyRequest
) – The request object. The request sent to the [DeletePolicy] [google.cloud.orgpolicy.v2.OrgPolicy.DeletePolicy] method.name (
str
) –Required. Name of the policy to delete. See
Policy
for naming rules.This corresponds to the
name
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- classmethod from_service_account_file(filename: str, *args, **kwargs)[source]¶
- Creates an instance of this client using the provided credentials
file.
- Parameters
filename (str) – The path to the service account private key json file.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- classmethod from_service_account_info(info: dict, *args, **kwargs)[source]¶
- Creates an instance of this client using the provided credentials
info.
- Parameters
info (dict) – The service account private key info.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- classmethod from_service_account_json(filename: str, *args, **kwargs)¶
- Creates an instance of this client using the provided credentials
file.
- Parameters
filename (str) – The path to the service account private key json file.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- async get_effective_policy(request: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.GetEffectivePolicyRequest] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.types.orgpolicy.Policy [source]¶
Gets the effective
Policy
on a resource. This is the result of mergingPolicies
in the resource hierarchy and evaluating conditions. The returnedPolicy
will not have anetag
orcondition
set because it is a computedPolicy
across multiple resources. Subtrees of Resource Manager resource hierarchy with ‘under:’ prefix will not be expanded.- Parameters
request (
google.cloud.orgpolicy_v2.types.GetEffectivePolicyRequest
) – The request object. The request sent to the [GetEffectivePolicy] [google.cloud.orgpolicy.v2.OrgPolicy.GetEffectivePolicy] method.name (
str
) –Required. The effective policy to compute. See
Policy
for naming rules.This corresponds to the
name
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- Defines a Cloud Organization Policy which is used to specify Constraints
for configurations of Cloud Platform resources.
- Return type
- async get_policy(request: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.GetPolicyRequest] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.types.orgpolicy.Policy [source]¶
Gets a
Policy
on a resource.If no
Policy
is set on the resource, NOT_FOUND is returned. Theetag
value can be used withUpdatePolicy()
to update aPolicy
during read-modify-write.- Parameters
request (
google.cloud.orgpolicy_v2.types.GetPolicyRequest
) – The request object. The request sent to the [GetPolicy] [google.cloud.orgpolicy.v2.OrgPolicy.GetPolicy] method.name (
str
) –Required. Resource name of the policy. See
Policy
for naming requirements.This corresponds to the
name
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- Defines a Cloud Organization Policy which is used to specify Constraints
for configurations of Cloud Platform resources.
- Return type
- get_transport_class() Type[google.cloud.orgpolicy_v2.services.org_policy.transports.base.OrgPolicyTransport] ¶
Returns an appropriate transport class.
- Parameters
label – The name of the desired transport. If none is provided, then the first transport in the registry is used.
- Returns
The transport class to use.
- async list_constraints(request: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.ListConstraintsRequest] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.services.org_policy.pagers.ListConstraintsAsyncPager [source]¶
Lists
Constraints
that could be applied on the specified resource.- Parameters
request (
google.cloud.orgpolicy_v2.types.ListConstraintsRequest
) – The request object. The request sent to the [ListConstraints] [google.cloud.orgpolicy.v2.OrgPolicy.ListConstraints] method.parent (
str
) –Required. The Cloud resource that parents the constraint. Must be in one of the following forms:
projects/{project_number}
projects/{project_id}
folders/{folder_id}
organizations/{organization_id}
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- The response returned from the [ListConstraints]
[google.cloud.orgpolicy.v2.OrgPolicy.ListConstraints] method.
Iterating over this object will yield results and resolve additional pages automatically.
- Return type
google.cloud.orgpolicy_v2.services.org_policy.pagers.ListConstraintsAsyncPager
- async list_policies(request: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.ListPoliciesRequest] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.services.org_policy.pagers.ListPoliciesAsyncPager [source]¶
Retrieves all of the
Policies
that exist on a particular resource.- Parameters
request (
google.cloud.orgpolicy_v2.types.ListPoliciesRequest
) – The request object. The request sent to the [ListPolicies] [google.cloud.orgpolicy.v2.OrgPolicy.ListPolicies] method.parent (
str
) –Required. The target Cloud resource that parents the set of constraints and policies that will be returned from this call. Must be in one of the following forms:
projects/{project_number}
projects/{project_id}
folders/{folder_id}
organizations/{organization_id}
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- The response returned from the [ListPolicies]
[google.cloud.orgpolicy.v2.OrgPolicy.ListPolicies] method. It will be empty if no Policies are set on the resource.
Iterating over this object will yield results and resolve additional pages automatically.
- Return type
google.cloud.orgpolicy_v2.services.org_policy.pagers.ListPoliciesAsyncPager
- static parse_common_billing_account_path(path: str) Dict[str, str] ¶
Parse a billing_account path into its component segments.
- static parse_common_folder_path(path: str) Dict[str, str] ¶
Parse a folder path into its component segments.
- static parse_common_location_path(path: str) Dict[str, str] ¶
Parse a location path into its component segments.
- static parse_common_organization_path(path: str) Dict[str, str] ¶
Parse a organization path into its component segments.
- static parse_common_project_path(path: str) Dict[str, str] ¶
Parse a project path into its component segments.
- static parse_constraint_path(path: str) Dict[str, str] ¶
Parses a constraint path into its component segments.
- static parse_policy_path(path: str) Dict[str, str] ¶
Parses a policy path into its component segments.
- static policy_path(project: str, policy: str) str ¶
Returns a fully-qualified policy string.
- property transport: google.cloud.orgpolicy_v2.services.org_policy.transports.base.OrgPolicyTransport¶
Returns the transport used by the client instance.
- Returns
The transport used by the client instance.
- Return type
OrgPolicyTransport
- async update_policy(request: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.UpdatePolicyRequest] = None, *, policy: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.Policy] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.types.orgpolicy.Policy [source]¶
Updates a Policy.
Returns a
google.rpc.Status
withgoogle.rpc.Code.NOT_FOUND
if the constraint or the policy do not exist. Returns agoogle.rpc.Status
withgoogle.rpc.Code.ABORTED
if the etag supplied in the request does not match the persisted etag of the policyNote: the supplied policy will perform a full overwrite of all fields.
- Parameters
request (
google.cloud.orgpolicy_v2.types.UpdatePolicyRequest
) – The request object. The request sent to the [UpdatePolicyRequest] [google.cloud.orgpolicy.v2.OrgPolicy.UpdatePolicy] method.policy (
google.cloud.orgpolicy_v2.types.Policy
) – Required.Policy
to update. This corresponds to thepolicy
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- Defines a Cloud Organization Policy which is used to specify Constraints
for configurations of Cloud Platform resources.
- Return type
- class google.cloud.orgpolicy_v2.services.org_policy.OrgPolicyClient(*, credentials: Optional[google.auth.credentials.Credentials] = None, transport: Optional[Union[str, google.cloud.orgpolicy_v2.services.org_policy.transports.base.OrgPolicyTransport]] = None, client_options: Optional[google.api_core.client_options.ClientOptions] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)[source]¶
An interface for managing organization policies.
The Cloud Org Policy service provides a simple mechanism for organizations to restrict the allowed configurations across their entire Cloud Resource hierarchy.
You can use a
policy
to configure restrictions in Cloud resources. For example, you can enforce apolicy
that restricts which Google Cloud Platform APIs can be activated in a certain part of your resource hierarchy, or prevents serial port access to VM instances in a particular folder.Policies
are inherited down through the resource hierarchy. Apolicy
applied to a parent resource automatically applies to all its child resources unless overridden with apolicy
lower in the hierarchy.A
constraint
defines an aspect of a resource’s configuration that can be controlled by an organization’s policy administrator.Policies
are a collection ofconstraints
that defines their allowable configuration on a particular resource and its child resources.Instantiates the org policy client.
- Parameters
credentials (Optional[google.auth.credentials.Credentials]) – The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment.
transport (Union[str, OrgPolicyTransport]) – The transport to use. If set to None, a transport is chosen automatically.
client_options (google.api_core.client_options.ClientOptions) – Custom options for the client. It won’t take effect if a
transport
instance is provided. (1) Theapi_endpoint
property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT environment variable can also be used to override the endpoint: “always” (always use the default mTLS endpoint), “never” (always use the default regular endpoint) and “auto” (auto switch to the default mTLS endpoint if client certificate is present, this is the default value). However, theapi_endpoint
property takes precedence if provided. (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is “true”, then theclient_cert_source
property can be used to provide client certificate for mutual TLS transport. If not provided, the default SSL client certificate will be used if present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is “false” or not set, no client certificate will be used.client_info (google.api_core.gapic_v1.client_info.ClientInfo) – The client info used to send a user-agent string along with API requests. If
None
, then default info will be used. Generally, you only need to set this if you’re developing your own client library.
- Raises
google.auth.exceptions.MutualTLSChannelError – If mutual TLS transport creation failed for any reason.
- static common_billing_account_path(billing_account: str) str [source]¶
Returns a fully-qualified billing_account string.
- static common_location_path(project: str, location: str) str [source]¶
Returns a fully-qualified location string.
- static common_organization_path(organization: str) str [source]¶
Returns a fully-qualified organization string.
- static constraint_path(project: str, constraint: str) str [source]¶
Returns a fully-qualified constraint string.
- create_policy(request: Optional[Union[google.cloud.orgpolicy_v2.types.orgpolicy.CreatePolicyRequest, dict]] = None, *, parent: Optional[str] = None, policy: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.Policy] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.types.orgpolicy.Policy [source]¶
Creates a Policy.
Returns a
google.rpc.Status
withgoogle.rpc.Code.NOT_FOUND
if the constraint does not exist. Returns agoogle.rpc.Status
withgoogle.rpc.Code.ALREADY_EXISTS
if the policy already exists on the given Cloud resource.- Parameters
request (Union[google.cloud.orgpolicy_v2.types.CreatePolicyRequest, dict]) – The request object. The request sent to the [CreatePolicyRequest] [google.cloud.orgpolicy.v2.OrgPolicy.CreatePolicy] method.
parent (str) –
Required. The Cloud resource that will parent the new Policy. Must be in one of the following forms:
projects/{project_number}
projects/{project_id}
folders/{folder_id}
organizations/{organization_id}
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.policy (google.cloud.orgpolicy_v2.types.Policy) – Required.
Policy
to create. This corresponds to thepolicy
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- Defines a Cloud Organization Policy which is used to specify Constraints
for configurations of Cloud Platform resources.
- Return type
- delete_policy(request: Optional[Union[google.cloud.orgpolicy_v2.types.orgpolicy.DeletePolicyRequest, dict]] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) None [source]¶
Deletes a Policy.
Returns a
google.rpc.Status
withgoogle.rpc.Code.NOT_FOUND
if the constraint or Org Policy does not exist.- Parameters
request (Union[google.cloud.orgpolicy_v2.types.DeletePolicyRequest, dict]) – The request object. The request sent to the [DeletePolicy] [google.cloud.orgpolicy.v2.OrgPolicy.DeletePolicy] method.
name (str) –
Required. Name of the policy to delete. See
Policy
for naming rules.This corresponds to the
name
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- classmethod from_service_account_file(filename: str, *args, **kwargs)[source]¶
- Creates an instance of this client using the provided credentials
file.
- Parameters
filename (str) – The path to the service account private key json file.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- classmethod from_service_account_info(info: dict, *args, **kwargs)[source]¶
- Creates an instance of this client using the provided credentials
info.
- Parameters
info (dict) – The service account private key info.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- classmethod from_service_account_json(filename: str, *args, **kwargs)¶
- Creates an instance of this client using the provided credentials
file.
- Parameters
filename (str) – The path to the service account private key json file.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- get_effective_policy(request: Optional[Union[google.cloud.orgpolicy_v2.types.orgpolicy.GetEffectivePolicyRequest, dict]] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.types.orgpolicy.Policy [source]¶
Gets the effective
Policy
on a resource. This is the result of mergingPolicies
in the resource hierarchy and evaluating conditions. The returnedPolicy
will not have anetag
orcondition
set because it is a computedPolicy
across multiple resources. Subtrees of Resource Manager resource hierarchy with ‘under:’ prefix will not be expanded.- Parameters
request (Union[google.cloud.orgpolicy_v2.types.GetEffectivePolicyRequest, dict]) – The request object. The request sent to the [GetEffectivePolicy] [google.cloud.orgpolicy.v2.OrgPolicy.GetEffectivePolicy] method.
name (str) –
Required. The effective policy to compute. See
Policy
for naming rules.This corresponds to the
name
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- Defines a Cloud Organization Policy which is used to specify Constraints
for configurations of Cloud Platform resources.
- Return type
- get_policy(request: Optional[Union[google.cloud.orgpolicy_v2.types.orgpolicy.GetPolicyRequest, dict]] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.types.orgpolicy.Policy [source]¶
Gets a
Policy
on a resource.If no
Policy
is set on the resource, NOT_FOUND is returned. Theetag
value can be used withUpdatePolicy()
to update aPolicy
during read-modify-write.- Parameters
request (Union[google.cloud.orgpolicy_v2.types.GetPolicyRequest, dict]) – The request object. The request sent to the [GetPolicy] [google.cloud.orgpolicy.v2.OrgPolicy.GetPolicy] method.
name (str) –
Required. Resource name of the policy. See
Policy
for naming requirements.This corresponds to the
name
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- Defines a Cloud Organization Policy which is used to specify Constraints
for configurations of Cloud Platform resources.
- Return type
- list_constraints(request: Optional[Union[google.cloud.orgpolicy_v2.types.orgpolicy.ListConstraintsRequest, dict]] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.services.org_policy.pagers.ListConstraintsPager [source]¶
Lists
Constraints
that could be applied on the specified resource.- Parameters
request (Union[google.cloud.orgpolicy_v2.types.ListConstraintsRequest, dict]) – The request object. The request sent to the [ListConstraints] [google.cloud.orgpolicy.v2.OrgPolicy.ListConstraints] method.
parent (str) –
Required. The Cloud resource that parents the constraint. Must be in one of the following forms:
projects/{project_number}
projects/{project_id}
folders/{folder_id}
organizations/{organization_id}
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- The response returned from the [ListConstraints]
[google.cloud.orgpolicy.v2.OrgPolicy.ListConstraints] method.
Iterating over this object will yield results and resolve additional pages automatically.
- Return type
google.cloud.orgpolicy_v2.services.org_policy.pagers.ListConstraintsPager
- list_policies(request: Optional[Union[google.cloud.orgpolicy_v2.types.orgpolicy.ListPoliciesRequest, dict]] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.services.org_policy.pagers.ListPoliciesPager [source]¶
Retrieves all of the
Policies
that exist on a particular resource.- Parameters
request (Union[google.cloud.orgpolicy_v2.types.ListPoliciesRequest, dict]) – The request object. The request sent to the [ListPolicies] [google.cloud.orgpolicy.v2.OrgPolicy.ListPolicies] method.
parent (str) –
Required. The target Cloud resource that parents the set of constraints and policies that will be returned from this call. Must be in one of the following forms:
projects/{project_number}
projects/{project_id}
folders/{folder_id}
organizations/{organization_id}
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- The response returned from the [ListPolicies]
[google.cloud.orgpolicy.v2.OrgPolicy.ListPolicies] method. It will be empty if no Policies are set on the resource.
Iterating over this object will yield results and resolve additional pages automatically.
- Return type
google.cloud.orgpolicy_v2.services.org_policy.pagers.ListPoliciesPager
- static parse_common_billing_account_path(path: str) Dict[str, str] [source]¶
Parse a billing_account path into its component segments.
- static parse_common_folder_path(path: str) Dict[str, str] [source]¶
Parse a folder path into its component segments.
- static parse_common_location_path(path: str) Dict[str, str] [source]¶
Parse a location path into its component segments.
- static parse_common_organization_path(path: str) Dict[str, str] [source]¶
Parse a organization path into its component segments.
- static parse_common_project_path(path: str) Dict[str, str] [source]¶
Parse a project path into its component segments.
- static parse_constraint_path(path: str) Dict[str, str] [source]¶
Parses a constraint path into its component segments.
- static parse_policy_path(path: str) Dict[str, str] [source]¶
Parses a policy path into its component segments.
- static policy_path(project: str, policy: str) str [source]¶
Returns a fully-qualified policy string.
- property transport: google.cloud.orgpolicy_v2.services.org_policy.transports.base.OrgPolicyTransport¶
Returns the transport used by the client instance.
- Returns
- The transport used by the client
instance.
- Return type
OrgPolicyTransport
- update_policy(request: Optional[Union[google.cloud.orgpolicy_v2.types.orgpolicy.UpdatePolicyRequest, dict]] = None, *, policy: Optional[google.cloud.orgpolicy_v2.types.orgpolicy.Policy] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.orgpolicy_v2.types.orgpolicy.Policy [source]¶
Updates a Policy.
Returns a
google.rpc.Status
withgoogle.rpc.Code.NOT_FOUND
if the constraint or the policy do not exist. Returns agoogle.rpc.Status
withgoogle.rpc.Code.ABORTED
if the etag supplied in the request does not match the persisted etag of the policyNote: the supplied policy will perform a full overwrite of all fields.
- Parameters
request (Union[google.cloud.orgpolicy_v2.types.UpdatePolicyRequest, dict]) – The request object. The request sent to the [UpdatePolicyRequest] [google.cloud.orgpolicy.v2.OrgPolicy.UpdatePolicy] method.
policy (google.cloud.orgpolicy_v2.types.Policy) – Required.
Policy
to update. This corresponds to thepolicy
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- Defines a Cloud Organization Policy which is used to specify Constraints
for configurations of Cloud Platform resources.
- Return type
- class google.cloud.orgpolicy_v2.services.org_policy.pagers.ListConstraintsAsyncPager(method: Callable[[...], Awaitable[google.cloud.orgpolicy_v2.types.orgpolicy.ListConstraintsResponse]], request: google.cloud.orgpolicy_v2.types.orgpolicy.ListConstraintsRequest, response: google.cloud.orgpolicy_v2.types.orgpolicy.ListConstraintsResponse, *, metadata: Sequence[Tuple[str, str]] = ())[source]¶
A pager for iterating through
list_constraints
requests.This class thinly wraps an initial
google.cloud.orgpolicy_v2.types.ListConstraintsResponse
object, and provides an__aiter__
method to iterate through itsconstraints
field.If there are more pages, the
__aiter__
method will make additionalListConstraints
requests and continue to iterate through theconstraints
field on the corresponding responses.All the usual
google.cloud.orgpolicy_v2.types.ListConstraintsResponse
attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.Instantiates the pager.
- Parameters
method (Callable) – The method that was originally called, and which instantiated this pager.
request (google.cloud.orgpolicy_v2.types.ListConstraintsRequest) – The initial request object.
response (google.cloud.orgpolicy_v2.types.ListConstraintsResponse) – The initial response object.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- class google.cloud.orgpolicy_v2.services.org_policy.pagers.ListConstraintsPager(method: Callable[[...], google.cloud.orgpolicy_v2.types.orgpolicy.ListConstraintsResponse], request: google.cloud.orgpolicy_v2.types.orgpolicy.ListConstraintsRequest, response: google.cloud.orgpolicy_v2.types.orgpolicy.ListConstraintsResponse, *, metadata: Sequence[Tuple[str, str]] = ())[source]¶
A pager for iterating through
list_constraints
requests.This class thinly wraps an initial
google.cloud.orgpolicy_v2.types.ListConstraintsResponse
object, and provides an__iter__
method to iterate through itsconstraints
field.If there are more pages, the
__iter__
method will make additionalListConstraints
requests and continue to iterate through theconstraints
field on the corresponding responses.All the usual
google.cloud.orgpolicy_v2.types.ListConstraintsResponse
attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.Instantiate the pager.
- Parameters
method (Callable) – The method that was originally called, and which instantiated this pager.
request (google.cloud.orgpolicy_v2.types.ListConstraintsRequest) – The initial request object.
response (google.cloud.orgpolicy_v2.types.ListConstraintsResponse) – The initial response object.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- class google.cloud.orgpolicy_v2.services.org_policy.pagers.ListPoliciesAsyncPager(method: Callable[[...], Awaitable[google.cloud.orgpolicy_v2.types.orgpolicy.ListPoliciesResponse]], request: google.cloud.orgpolicy_v2.types.orgpolicy.ListPoliciesRequest, response: google.cloud.orgpolicy_v2.types.orgpolicy.ListPoliciesResponse, *, metadata: Sequence[Tuple[str, str]] = ())[source]¶
A pager for iterating through
list_policies
requests.This class thinly wraps an initial
google.cloud.orgpolicy_v2.types.ListPoliciesResponse
object, and provides an__aiter__
method to iterate through itspolicies
field.If there are more pages, the
__aiter__
method will make additionalListPolicies
requests and continue to iterate through thepolicies
field on the corresponding responses.All the usual
google.cloud.orgpolicy_v2.types.ListPoliciesResponse
attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.Instantiates the pager.
- Parameters
method (Callable) – The method that was originally called, and which instantiated this pager.
request (google.cloud.orgpolicy_v2.types.ListPoliciesRequest) – The initial request object.
response (google.cloud.orgpolicy_v2.types.ListPoliciesResponse) – The initial response object.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- class google.cloud.orgpolicy_v2.services.org_policy.pagers.ListPoliciesPager(method: Callable[[...], google.cloud.orgpolicy_v2.types.orgpolicy.ListPoliciesResponse], request: google.cloud.orgpolicy_v2.types.orgpolicy.ListPoliciesRequest, response: google.cloud.orgpolicy_v2.types.orgpolicy.ListPoliciesResponse, *, metadata: Sequence[Tuple[str, str]] = ())[source]¶
A pager for iterating through
list_policies
requests.This class thinly wraps an initial
google.cloud.orgpolicy_v2.types.ListPoliciesResponse
object, and provides an__iter__
method to iterate through itspolicies
field.If there are more pages, the
__iter__
method will make additionalListPolicies
requests and continue to iterate through thepolicies
field on the corresponding responses.All the usual
google.cloud.orgpolicy_v2.types.ListPoliciesResponse
attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.Instantiate the pager.
- Parameters
method (Callable) – The method that was originally called, and which instantiated this pager.
request (google.cloud.orgpolicy_v2.types.ListPoliciesRequest) – The initial request object.
response (google.cloud.orgpolicy_v2.types.ListPoliciesResponse) – The initial response object.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.