orgpolicy

package
Version: v1.11.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 20, 2023 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Overview

Package orgpolicy is an auto-generated package for the Organization Policy API.

The Organization Policy API allows users to configure governance rules on their Google Cloud resources across the resource hierarchy.

General documentation

For information about setting deadlines, reusing contexts, and more please visit https://pkg.go.dev/cloud.google.com/go.

Example usage

To get started with this package, create a client. 

ctx := context.Background()
// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in:
//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
c, err := orgpolicy.NewClient(ctx)
if err != nil {
	// TODO: Handle error.
}
defer c.Close()

The client will use your default application credentials. Clients should be reused instead of created as needed. The methods of Client are safe for concurrent use by multiple goroutines. The returned client must be Closed when it is done being used.

Using the Client

The following is an example of making an API call with the newly created client. 

ctx := context.Background()
// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in:
//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
c, err := orgpolicy.NewClient(ctx)
if err != nil {
	// TODO: Handle error.
}
defer c.Close()

req := &orgpolicypb.ListConstraintsRequest{
	// TODO: Fill request struct fields.
	// See https://pkg.go.dev/cloud.google.com/go/orgpolicy/apiv2/orgpolicypb#ListConstraintsRequest.
}
it := c.ListConstraints(ctx, req)
for {
	resp, err := it.Next()
	if err == iterator.Done {
		break
	}
	if err != nil {
		// TODO: Handle error.
	}
	// TODO: Use resp.
	_ = resp
}

Inspecting errors

To see examples of how to inspect errors returned by this package please reference [Inspecting errors](https://pkg.go.dev/cloud.google.com/go#hdr-Inspecting_errors).

Use of Context

The ctx passed to NewClient is used for authentication requests and for creating the underlying connection, but is not used for subsequent calls. Individual methods on the client use the ctx given to them.

To close the open connection, use the Close() method.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func DefaultAuthScopes 

func DefaultAuthScopes() []string

DefaultAuthScopes reports the default set of authentication scopes to use with this package.

Types

type CallOptions 

type CallOptions struct {
	ListConstraints    []gax.CallOption
	ListPolicies       []gax.CallOption
	GetPolicy          []gax.CallOption
	GetEffectivePolicy []gax.CallOption
	CreatePolicy       []gax.CallOption
	UpdatePolicy       []gax.CallOption
	DeletePolicy       []gax.CallOption
}

CallOptions contains the retry settings for each method of Client.

type Client 

type Client struct {

	// The call options for this service.
	CallOptions *CallOptions
	// contains filtered or unexported fields
}

Client is a client for interacting with Organization Policy API. Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.

An interface for managing organization policies.

The Cloud Org Policy service provides a simple mechanism for organizations to restrict the allowed configurations across their entire Cloud Resource hierarchy.

You can use a policy to configure restrictions in Cloud resources. For example, you can enforce a policy that restricts which Google Cloud Platform APIs can be activated in a certain part of your resource hierarchy, or prevents serial port access to VM instances in a particular folder.

Policies are inherited down through the resource hierarchy. A policy applied to a parent resource automatically applies to all its child resources unless overridden with a policy lower in the hierarchy.

A constraint defines an aspect of a resource’s configuration that can be controlled by an organization’s policy administrator. Policies are a collection of constraints that defines their allowable configuration on a particular resource and its child resources.

func NewClient 

func NewClient(ctx context.Context, opts ...option.ClientOption) (*Client, error)

NewClient creates a new org policy client based on gRPC. The returned client must be Closed when it is done being used to clean up its underlying connections.

An interface for managing organization policies.

The Cloud Org Policy service provides a simple mechanism for organizations to restrict the allowed configurations across their entire Cloud Resource hierarchy.

You can use a policy to configure restrictions in Cloud resources. For example, you can enforce a policy that restricts which Google Cloud Platform APIs can be activated in a certain part of your resource hierarchy, or prevents serial port access to VM instances in a particular folder.

Policies are inherited down through the resource hierarchy. A policy applied to a parent resource automatically applies to all its child resources unless overridden with a policy lower in the hierarchy.

A constraint defines an aspect of a resource’s configuration that can be controlled by an organization’s policy administrator. Policies are a collection of constraints that defines their allowable configuration on a particular resource and its child resources.

Example 
package main

import (
	"context"

	orgpolicy "cloud.google.com/go/orgpolicy/apiv2"
)

func main() {
	ctx := context.Background()
	// This snippet has been automatically generated and should be regarded as a code template only.
	// It will require modifications to work:
	// - It may require correct/in-range values for request initialization.
	// - It may require specifying regional endpoints when creating the service client as shown in:
	//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
	c, err := orgpolicy.NewClient(ctx)
	if err != nil {
		// TODO: Handle error.
	}
	defer c.Close()

	// TODO: Use client.
	_ = c
}

Output:

func NewRESTClient added in v1.6.0 

func NewRESTClient(ctx context.Context, opts ...option.ClientOption) (*Client, error)

NewRESTClient creates a new org policy rest client.

An interface for managing organization policies.

The Cloud Org Policy service provides a simple mechanism for organizations to restrict the allowed configurations across their entire Cloud Resource hierarchy.

You can use a policy to configure restrictions in Cloud resources. For example, you can enforce a policy that restricts which Google Cloud Platform APIs can be activated in a certain part of your resource hierarchy, or prevents serial port access to VM instances in a particular folder.

Policies are inherited down through the resource hierarchy. A policy applied to a parent resource automatically applies to all its child resources unless overridden with a policy lower in the hierarchy.

A constraint defines an aspect of a resource’s configuration that can be controlled by an organization’s policy administrator. Policies are a collection of constraints that defines their allowable configuration on a particular resource and its child resources.

Example 
package main

import (
	"context"

	orgpolicy "cloud.google.com/go/orgpolicy/apiv2"
)

func main() {
	ctx := context.Background()
	// This snippet has been automatically generated and should be regarded as a code template only.
	// It will require modifications to work:
	// - It may require correct/in-range values for request initialization.
	// - It may require specifying regional endpoints when creating the service client as shown in:
	//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
	c, err := orgpolicy.NewRESTClient(ctx)
	if err != nil {
		// TODO: Handle error.
	}
	defer c.Close()

	// TODO: Use client.
	_ = c
}

Output:

func (*Client) Close 

func (c *Client) Close() error

Close closes the connection to the API service. The user should invoke this when the client is no longer required.

func (*Client) Connection deprecated 

func (c *Client) Connection() *grpc.ClientConn

Connection returns a connection to the API service.

Deprecated: Connections are now pooled so this method does not always return the same resource.

func (*Client) CreatePolicy 

func (c *Client) CreatePolicy(ctx context.Context, req *orgpolicypb.CreatePolicyRequest, opts ...gax.CallOption) (*orgpolicypb.Policy, error)

CreatePolicy creates a Policy.

Returns a google.rpc.Status with google.rpc.Code.NOT_FOUND if the constraint does not exist. Returns a google.rpc.Status with google.rpc.Code.ALREADY_EXISTS if the policy already exists on the given Cloud resource.

Example 
package main

import (
	"context"

	orgpolicy "cloud.google.com/go/orgpolicy/apiv2"
	orgpolicypb "cloud.google.com/go/orgpolicy/apiv2/orgpolicypb"
)

func main() {
	ctx := context.Background()
	// This snippet has been automatically generated and should be regarded as a code template only.
	// It will require modifications to work:
	// - It may require correct/in-range values for request initialization.
	// - It may require specifying regional endpoints when creating the service client as shown in:
	//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
	c, err := orgpolicy.NewClient(ctx)
	if err != nil {
		// TODO: Handle error.
	}
	defer c.Close()

	req := &orgpolicypb.CreatePolicyRequest{
		// TODO: Fill request struct fields.
		// See https://pkg.go.dev/cloud.google.com/go/orgpolicy/apiv2/orgpolicypb#CreatePolicyRequest.
	}
	resp, err := c.CreatePolicy(ctx, req)
	if err != nil {
		// TODO: Handle error.
	}
	// TODO: Use resp.
	_ = resp
}

Output:

func (*Client) DeletePolicy 

func (c *Client) DeletePolicy(ctx context.Context, req *orgpolicypb.DeletePolicyRequest, opts ...gax.CallOption) error

DeletePolicy deletes a Policy.

Returns a google.rpc.Status with google.rpc.Code.NOT_FOUND if the constraint or Org Policy does not exist.

Example 
package main

import (
	"context"

	orgpolicy "cloud.google.com/go/orgpolicy/apiv2"
	orgpolicypb "cloud.google.com/go/orgpolicy/apiv2/orgpolicypb"
)

func main() {
	ctx := context.Background()
	// This snippet has been automatically generated and should be regarded as a code template only.
	// It will require modifications to work:
	// - It may require correct/in-range values for request initialization.
	// - It may require specifying regional endpoints when creating the service client as shown in:
	//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
	c, err := orgpolicy.NewClient(ctx)
	if err != nil {
		// TODO: Handle error.
	}
	defer c.Close()

	req := &orgpolicypb.DeletePolicyRequest{
		// TODO: Fill request struct fields.
		// See https://pkg.go.dev/cloud.google.com/go/orgpolicy/apiv2/orgpolicypb#DeletePolicyRequest.
	}
	err = c.DeletePolicy(ctx, req)
	if err != nil {
		// TODO: Handle error.
	}
}

Output:

func (*Client) GetEffectivePolicy 

func (c *Client) GetEffectivePolicy(ctx context.Context, req *orgpolicypb.GetEffectivePolicyRequest, opts ...gax.CallOption) (*orgpolicypb.Policy, error)

GetEffectivePolicy gets the effective Policy on a resource. This is the result of merging Policies in the resource hierarchy and evaluating conditions. The returned Policy will not have an etag or condition set because it is a computed Policy across multiple resources. Subtrees of Resource Manager resource hierarchy with ‘under:’ prefix will not be expanded.

Example 
package main

import (
	"context"

	orgpolicy "cloud.google.com/go/orgpolicy/apiv2"
	orgpolicypb "cloud.google.com/go/orgpolicy/apiv2/orgpolicypb"
)

func main() {
	ctx := context.Background()
	// This snippet has been automatically generated and should be regarded as a code template only.
	// It will require modifications to work:
	// - It may require correct/in-range values for request initialization.
	// - It may require specifying regional endpoints when creating the service client as shown in:
	//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
	c, err := orgpolicy.NewClient(ctx)
	if err != nil {
		// TODO: Handle error.
	}
	defer c.Close()

	req := &orgpolicypb.GetEffectivePolicyRequest{
		// TODO: Fill request struct fields.
		// See https://pkg.go.dev/cloud.google.com/go/orgpolicy/apiv2/orgpolicypb#GetEffectivePolicyRequest.
	}
	resp, err := c.GetEffectivePolicy(ctx, req)
	if err != nil {
		// TODO: Handle error.
	}
	// TODO: Use resp.
	_ = resp
}

Output:

func (*Client) GetPolicy 

func (c *Client) GetPolicy(ctx context.Context, req *orgpolicypb.GetPolicyRequest, opts ...gax.CallOption) (*orgpolicypb.Policy, error)

GetPolicy gets a Policy on a resource.

If no Policy is set on the resource, NOT_FOUND is returned. The etag value can be used with UpdatePolicy() to update a Policy during read-modify-write.

Example 
package main

import (
	"context"

	orgpolicy "cloud.google.com/go/orgpolicy/apiv2"
	orgpolicypb "cloud.google.com/go/orgpolicy/apiv2/orgpolicypb"
)

func main() {
	ctx := context.Background()
	// This snippet has been automatically generated and should be regarded as a code template only.
	// It will require modifications to work:
	// - It may require correct/in-range values for request initialization.
	// - It may require specifying regional endpoints when creating the service client as shown in:
	//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
	c, err := orgpolicy.NewClient(ctx)
	if err != nil {
		// TODO: Handle error.
	}
	defer c.Close()

	req := &orgpolicypb.GetPolicyRequest{
		// TODO: Fill request struct fields.
		// See https://pkg.go.dev/cloud.google.com/go/orgpolicy/apiv2/orgpolicypb#GetPolicyRequest.
	}
	resp, err := c.GetPolicy(ctx, req)
	if err != nil {
		// TODO: Handle error.
	}
	// TODO: Use resp.
	_ = resp
}

Output:

func (*Client) ListConstraints 

func (c *Client) ListConstraints(ctx context.Context, req *orgpolicypb.ListConstraintsRequest, opts ...gax.CallOption) *ConstraintIterator

ListConstraints lists Constraints that could be applied on the specified resource.

Example 
package main

import (
	"context"

	orgpolicy "cloud.google.com/go/orgpolicy/apiv2"
	orgpolicypb "cloud.google.com/go/orgpolicy/apiv2/orgpolicypb"
	"google.golang.org/api/iterator"
)

func main() {
	ctx := context.Background()
	// This snippet has been automatically generated and should be regarded as a code template only.
	// It will require modifications to work:
	// - It may require correct/in-range values for request initialization.
	// - It may require specifying regional endpoints when creating the service client as shown in:
	//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
	c, err := orgpolicy.NewClient(ctx)
	if err != nil {
		// TODO: Handle error.
	}
	defer c.Close()

	req := &orgpolicypb.ListConstraintsRequest{
		// TODO: Fill request struct fields.
		// See https://pkg.go.dev/cloud.google.com/go/orgpolicy/apiv2/orgpolicypb#ListConstraintsRequest.
	}
	it := c.ListConstraints(ctx, req)
	for {
		resp, err := it.Next()
		if err == iterator.Done {
			break
		}
		if err != nil {
			// TODO: Handle error.
		}
		// TODO: Use resp.
		_ = resp
	}
}

Output:

func (*Client) ListPolicies 

func (c *Client) ListPolicies(ctx context.Context, req *orgpolicypb.ListPoliciesRequest, opts ...gax.CallOption) *PolicyIterator

ListPolicies retrieves all of the Policies that exist on a particular resource.

Example 
package main

import (
	"context"

	orgpolicy "cloud.google.com/go/orgpolicy/apiv2"
	orgpolicypb "cloud.google.com/go/orgpolicy/apiv2/orgpolicypb"
	"google.golang.org/api/iterator"
)

func main() {
	ctx := context.Background()
	// This snippet has been automatically generated and should be regarded as a code template only.
	// It will require modifications to work:
	// - It may require correct/in-range values for request initialization.
	// - It may require specifying regional endpoints when creating the service client as shown in:
	//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
	c, err := orgpolicy.NewClient(ctx)
	if err != nil {
		// TODO: Handle error.
	}
	defer c.Close()

	req := &orgpolicypb.ListPoliciesRequest{
		// TODO: Fill request struct fields.
		// See https://pkg.go.dev/cloud.google.com/go/orgpolicy/apiv2/orgpolicypb#ListPoliciesRequest.
	}
	it := c.ListPolicies(ctx, req)
	for {
		resp, err := it.Next()
		if err == iterator.Done {
			break
		}
		if err != nil {
			// TODO: Handle error.
		}
		// TODO: Use resp.
		_ = resp
	}
}

Output:

func (*Client) UpdatePolicy 

func (c *Client) UpdatePolicy(ctx context.Context, req *orgpolicypb.UpdatePolicyRequest, opts ...gax.CallOption) (*orgpolicypb.Policy, error)

UpdatePolicy updates a Policy.

Returns a google.rpc.Status with google.rpc.Code.NOT_FOUND if the constraint or the policy do not exist. Returns a google.rpc.Status with google.rpc.Code.ABORTED if the etag supplied in the request does not match the persisted etag of the policy

Note: the supplied policy will perform a full overwrite of all fields.

Example 
package main

import (
	"context"

	orgpolicy "cloud.google.com/go/orgpolicy/apiv2"
	orgpolicypb "cloud.google.com/go/orgpolicy/apiv2/orgpolicypb"
)

func main() {
	ctx := context.Background()
	// This snippet has been automatically generated and should be regarded as a code template only.
	// It will require modifications to work:
	// - It may require correct/in-range values for request initialization.
	// - It may require specifying regional endpoints when creating the service client as shown in:
	//   https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options
	c, err := orgpolicy.NewClient(ctx)
	if err != nil {
		// TODO: Handle error.
	}
	defer c.Close()

	req := &orgpolicypb.UpdatePolicyRequest{
		// TODO: Fill request struct fields.
		// See https://pkg.go.dev/cloud.google.com/go/orgpolicy/apiv2/orgpolicypb#UpdatePolicyRequest.
	}
	resp, err := c.UpdatePolicy(ctx, req)
	if err != nil {
		// TODO: Handle error.
	}
	// TODO: Use resp.
	_ = resp
}

Output:

type ConstraintIterator 

type ConstraintIterator struct {

	// Response is the raw response for the current page.
	// It must be cast to the RPC response type.
	// Calling Next() or InternalFetch() updates this value.
	Response interface{}

	// InternalFetch is for use by the Google Cloud Libraries only.
	// It is not part of the stable interface of this package.
	//
	// InternalFetch returns results from a single call to the underlying RPC.
	// The number of results is no greater than pageSize.
	// If there are no more results, nextPageToken is empty and err is nil.
	InternalFetch func(pageSize int, pageToken string) (results []*orgpolicypb.Constraint, nextPageToken string, err error)
	// contains filtered or unexported fields
}

ConstraintIterator manages a stream of *orgpolicypb.Constraint.

func (*ConstraintIterator) Next 

func (it *ConstraintIterator) Next() (*orgpolicypb.Constraint, error)

Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.

func (*ConstraintIterator) PageInfo 

func (it *ConstraintIterator) PageInfo() *iterator.PageInfo

PageInfo supports pagination. See the google.golang.org/api/iterator package for details.

type PolicyIterator 

type PolicyIterator struct {

	// Response is the raw response for the current page.
	// It must be cast to the RPC response type.
	// Calling Next() or InternalFetch() updates this value.
	Response interface{}

	// InternalFetch is for use by the Google Cloud Libraries only.
	// It is not part of the stable interface of this package.
	//
	// InternalFetch returns results from a single call to the underlying RPC.
	// The number of results is no greater than pageSize.
	// If there are no more results, nextPageToken is empty and err is nil.
	InternalFetch func(pageSize int, pageToken string) (results []*orgpolicypb.Policy, nextPageToken string, err error)
	// contains filtered or unexported fields
}

PolicyIterator manages a stream of *orgpolicypb.Policy.

func (*PolicyIterator) Next 

func (it *PolicyIterator) Next() (*orgpolicypb.Policy, error)

Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.

func (*PolicyIterator) PageInfo 

func (it *PolicyIterator) PageInfo() *iterator.PageInfo

PageInfo supports pagination. See the google.golang.org/api/iterator package for details.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.