Interface OrgPolicyGrpc.AsyncService (2.27.0)

public static interface OrgPolicyGrpc.AsyncService

An interface for managing organization policies. The Cloud Org Policy service provides a simple mechanism for organizations to restrict the allowed configurations across their entire Cloud Resource hierarchy. You can use a policy to configure restrictions in Cloud resources. For example, you can enforce a policy that restricts which Google Cloud Platform APIs can be activated in a certain part of your resource hierarchy, or prevents serial port access to VM instances in a particular folder. Policies are inherited down through the resource hierarchy. A policy applied to a parent resource automatically applies to all its child resources unless overridden with a policy lower in the hierarchy. A constraint defines an aspect of a resource's configuration that can be controlled by an organization's policy administrator. Policies are a collection of constraints that defines their allowable configuration on a particular resource and its child resources.

Methods

createPolicy(CreatePolicyRequest request, StreamObserver<Policy> responseObserver)

public default void createPolicy(CreatePolicyRequest request, StreamObserver<Policy> responseObserver)

Creates a Policy. Returns a google.rpc.Status with google.rpc.Code.NOT_FOUND if the constraint does not exist. Returns a google.rpc.Status with google.rpc.Code.ALREADY_EXISTS if the policy already exists on the given Cloud resource.

Parameters
NameDescription
requestCreatePolicyRequest
responseObserverio.grpc.stub.StreamObserver<Policy>

deletePolicy(DeletePolicyRequest request, StreamObserver<Empty> responseObserver)

public default void deletePolicy(DeletePolicyRequest request, StreamObserver<Empty> responseObserver)

Deletes a Policy. Returns a google.rpc.Status with google.rpc.Code.NOT_FOUND if the constraint or Org Policy does not exist.

Parameters
NameDescription
requestDeletePolicyRequest
responseObserverio.grpc.stub.StreamObserver<Empty>

getEffectivePolicy(GetEffectivePolicyRequest request, StreamObserver<Policy> responseObserver)

public default void getEffectivePolicy(GetEffectivePolicyRequest request, StreamObserver<Policy> responseObserver)

Gets the effective Policy on a resource. This is the result of merging Policies in the resource hierarchy and evaluating conditions. The returned Policy will not have an etag or condition set because it is a computed Policy across multiple resources. Subtrees of Resource Manager resource hierarchy with 'under:' prefix will not be expanded.

Parameters
NameDescription
requestGetEffectivePolicyRequest
responseObserverio.grpc.stub.StreamObserver<Policy>

getPolicy(GetPolicyRequest request, StreamObserver<Policy> responseObserver)

public default void getPolicy(GetPolicyRequest request, StreamObserver<Policy> responseObserver)

Gets a Policy on a resource. If no Policy is set on the resource, NOT_FOUND is returned. The etag value can be used with UpdatePolicy() to update a Policy during read-modify-write.

Parameters
NameDescription
requestGetPolicyRequest
responseObserverio.grpc.stub.StreamObserver<Policy>

listConstraints(ListConstraintsRequest request, StreamObserver<ListConstraintsResponse> responseObserver)

public default void listConstraints(ListConstraintsRequest request, StreamObserver<ListConstraintsResponse> responseObserver)

Lists Constraints that could be applied on the specified resource.

Parameters
NameDescription
requestListConstraintsRequest
responseObserverio.grpc.stub.StreamObserver<ListConstraintsResponse>

listPolicies(ListPoliciesRequest request, StreamObserver<ListPoliciesResponse> responseObserver)

public default void listPolicies(ListPoliciesRequest request, StreamObserver<ListPoliciesResponse> responseObserver)

Retrieves all of the Policies that exist on a particular resource.

Parameters
NameDescription
requestListPoliciesRequest
responseObserverio.grpc.stub.StreamObserver<ListPoliciesResponse>

updatePolicy(UpdatePolicyRequest request, StreamObserver<Policy> responseObserver)

public default void updatePolicy(UpdatePolicyRequest request, StreamObserver<Policy> responseObserver)

Updates a Policy. Returns a google.rpc.Status with google.rpc.Code.NOT_FOUND if the constraint or the policy do not exist. Returns a google.rpc.Status with google.rpc.Code.ABORTED if the etag supplied in the request does not match the persisted etag of the policy Note: the supplied policy will perform a full overwrite of all fields.

Parameters
NameDescription
requestUpdatePolicyRequest
responseObserverio.grpc.stub.StreamObserver<Policy>