-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added org policy policy resource. (#5199)
* Added org policy policy resource. * Added additional comments. * Allow resources to use the normal terraform ID process by default - DCL by override. * Added a way to expand and flatten between terraform strings and dcl booleans. * Updated GA version of policy.yaml. * Ran make upgrade-dcl (and added missing tab to tf go.mod). * Added NO_SWEEPER override for orgpolicy policy and formatting for id construction errors. Co-authored-by: Nathan Mckinley <nmckinley@google.com>
- Loading branch information
1 parent
31bc92e
commit ef776cd
Showing
46 changed files
with
2,009 additions
and
24 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,111 @@ | ||
| info: | ||
| title: CloudResourceManager/Folder | ||
| description: DCL Specification for the CloudResourceManager Folder resource | ||
| x-dcl-has-iam: true | ||
| paths: | ||
| get: | ||
| description: The function used to get information about a Folder | ||
| parameters: | ||
| - name: Folder | ||
| required: true | ||
| description: A full instance of a Folder | ||
| apply: | ||
| description: The function used to apply information about a Folder | ||
| parameters: | ||
| - name: Folder | ||
| required: true | ||
| description: A full instance of a Folder | ||
| delete: | ||
| description: The function used to delete a Folder | ||
| parameters: | ||
| - name: Folder | ||
| required: true | ||
| description: A full instance of a Folder | ||
| deleteAll: | ||
| description: The function used to delete all Folder | ||
| parameters: | ||
| - name: parent | ||
| required: true | ||
| schema: | ||
| type: string | ||
| list: | ||
| description: The function used to list information about many Folder | ||
| parameters: | ||
| - name: parent | ||
| required: true | ||
| schema: | ||
| type: string | ||
| components: | ||
| schemas: | ||
| Folder: | ||
| title: Folder | ||
| x-dcl-id: folders/{{name}} | ||
| type: object | ||
| required: | ||
| - parent | ||
| properties: | ||
| createTime: | ||
| type: string | ||
| format: date-time | ||
| x-dcl-go-name: CreateTime | ||
| readOnly: true | ||
| description: Output only. Timestamp when the Folder was created. Assigned | ||
| by the server. | ||
| x-kubernetes-immutable: true | ||
| deleteTime: | ||
| type: string | ||
| format: date-time | ||
| x-dcl-go-name: DeleteTime | ||
| readOnly: true | ||
| description: Output only. Timestamp when the Folder was requested to be | ||
| deleted. | ||
| x-kubernetes-immutable: true | ||
| displayName: | ||
| type: string | ||
| x-dcl-go-name: DisplayName | ||
| description: 'The folder''s display name. A folder''s display name must | ||
| be unique amongst its siblings, e.g. no two folders with the same parent | ||
| can share the same display name. The display name must start and end with | ||
| a letter or digit, may contain letters, digits, spaces, hyphens and underscores | ||
| and can be no longer than 30 characters. This is captured by the regular | ||
| expression: `[p{L}p{N}]([p{L}p{N}_- ]{0,28}[p{L}p{N}])?`.' | ||
| etag: | ||
| type: string | ||
| x-dcl-go-name: Etag | ||
| readOnly: true | ||
| description: Output only. A checksum computed by the server based on the | ||
| current value of the Folder resource. This may be sent on update and delete | ||
| requests to ensure the client has an up-to-date value before proceeding. | ||
| x-kubernetes-immutable: true | ||
| name: | ||
| type: string | ||
| x-dcl-go-name: Name | ||
| readOnly: true | ||
| description: Output only. The resource name of the Folder. | ||
| x-kubernetes-immutable: true | ||
| x-dcl-server-generated-parameter: true | ||
| parent: | ||
| type: string | ||
| x-dcl-go-name: Parent | ||
| description: Required. The Folder's parent's resource name. Updates to the | ||
| folder's parent must be performed via MoveFolder. | ||
| x-dcl-forward-slash-allowed: true | ||
| state: | ||
| type: string | ||
| x-dcl-go-name: State | ||
| x-dcl-go-type: FolderStateEnum | ||
| readOnly: true | ||
| description: 'Output only. The lifecycle state of the folder. Possible values: | ||
| LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED' | ||
| x-kubernetes-immutable: true | ||
| enum: | ||
| - LIFECYCLE_STATE_UNSPECIFIED | ||
| - ACTIVE | ||
| - DELETE_REQUESTED | ||
| updateTime: | ||
| type: string | ||
| format: date-time | ||
| x-dcl-go-name: UpdateTime | ||
| readOnly: true | ||
| description: Output only. Timestamp when the Folder was last modified. | ||
| x-kubernetes-immutable: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,89 @@ | ||
| info: | ||
| title: CloudResourceManager/Project | ||
| description: DCL Specification for the CloudResourceManager Project resource | ||
| x-dcl-has-iam: true | ||
| paths: | ||
| get: | ||
| description: The function used to get information about a Project | ||
| parameters: | ||
| - name: Project | ||
| required: true | ||
| description: A full instance of a Project | ||
| apply: | ||
| description: The function used to apply information about a Project | ||
| parameters: | ||
| - name: Project | ||
| required: true | ||
| description: A full instance of a Project | ||
| delete: | ||
| description: The function used to delete a Project | ||
| parameters: | ||
| - name: Project | ||
| required: true | ||
| description: A full instance of a Project | ||
| deleteAll: | ||
| description: The function used to delete all Project | ||
| parameters: [] | ||
| list: | ||
| description: The function used to list information about many Project | ||
| parameters: [] | ||
| components: | ||
| schemas: | ||
| Project: | ||
| title: Project | ||
| x-dcl-id: v1/projects/{{name}} | ||
| x-dcl-labels: labels | ||
| type: object | ||
| properties: | ||
| displayname: | ||
| type: string | ||
| x-dcl-go-name: DisplayName | ||
| description: 'The optional user-assigned display name of the Project. When | ||
| present it must be between 4 to 30 characters. Allowed characters are: | ||
| lowercase and uppercase letters, numbers, hyphen, single-quote, double-quote, | ||
| space, and exclamation point. Example: `My Project` Read-write.' | ||
| x-kubernetes-immutable: true | ||
| labels: | ||
| type: object | ||
| additionalProperties: | ||
| type: string | ||
| x-dcl-go-name: Labels | ||
| description: User-specified labels. | ||
| lifecycleState: | ||
| type: string | ||
| x-dcl-go-name: LifecycleState | ||
| x-dcl-go-type: ProjectLifecycleStateEnum | ||
| readOnly: true | ||
| description: 'The Project lifecycle state. Read-only. Possible values: LIFECYCLE_STATE_UNSPECIFIED, | ||
| ACTIVE, DELETE_REQUESTED, DELETE_IN_PROGRESS' | ||
| x-kubernetes-immutable: true | ||
| enum: | ||
| - LIFECYCLE_STATE_UNSPECIFIED | ||
| - ACTIVE | ||
| - DELETE_REQUESTED | ||
| - DELETE_IN_PROGRESS | ||
| name: | ||
| type: string | ||
| x-dcl-go-name: Name | ||
| description: 'The unique, user-assigned ID of the Project. It must be 6 | ||
| to 30 lowercase letters, digits, or hyphens. It must start with a letter. | ||
| Trailing hyphens are prohibited. Example: `tokyo-rain-123` Read-only after | ||
| creation.' | ||
| x-kubernetes-immutable: true | ||
| parent: | ||
| type: string | ||
| x-dcl-go-name: Parent | ||
| description: 'An optional reference to a parent Resource. Supported values | ||
| include organizations/<org_id> and folders/<folder_id>. Once set, the | ||
| parent cannot be cleared. The `parent` can be set on creation or using | ||
| the `UpdateProject` method; the end user must have the `resourcemanager.projects.create` | ||
| permission on the parent. Read-write. ' | ||
| x-kubernetes-immutable: true | ||
| projectNumber: | ||
| type: integer | ||
| format: int64 | ||
| x-dcl-go-name: ProjectNumber | ||
| readOnly: true | ||
| description: 'The number uniquely identifying the project. Example: `415104041262` | ||
| Read-only. ' | ||
| x-kubernetes-immutable: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,111 @@ | ||
| info: | ||
| title: CloudResourceManager/Folder | ||
| description: DCL Specification for the CloudResourceManager Folder resource | ||
| x-dcl-has-iam: true | ||
| paths: | ||
| get: | ||
| description: The function used to get information about a Folder | ||
| parameters: | ||
| - name: Folder | ||
| required: true | ||
| description: A full instance of a Folder | ||
| apply: | ||
| description: The function used to apply information about a Folder | ||
| parameters: | ||
| - name: Folder | ||
| required: true | ||
| description: A full instance of a Folder | ||
| delete: | ||
| description: The function used to delete a Folder | ||
| parameters: | ||
| - name: Folder | ||
| required: true | ||
| description: A full instance of a Folder | ||
| deleteAll: | ||
| description: The function used to delete all Folder | ||
| parameters: | ||
| - name: parent | ||
| required: true | ||
| schema: | ||
| type: string | ||
| list: | ||
| description: The function used to list information about many Folder | ||
| parameters: | ||
| - name: parent | ||
| required: true | ||
| schema: | ||
| type: string | ||
| components: | ||
| schemas: | ||
| Folder: | ||
| title: Folder | ||
| x-dcl-id: folders/{{name}} | ||
| type: object | ||
| required: | ||
| - parent | ||
| properties: | ||
| createTime: | ||
| type: string | ||
| format: date-time | ||
| x-dcl-go-name: CreateTime | ||
| readOnly: true | ||
| description: Output only. Timestamp when the Folder was created. Assigned | ||
| by the server. | ||
| x-kubernetes-immutable: true | ||
| deleteTime: | ||
| type: string | ||
| format: date-time | ||
| x-dcl-go-name: DeleteTime | ||
| readOnly: true | ||
| description: Output only. Timestamp when the Folder was requested to be | ||
| deleted. | ||
| x-kubernetes-immutable: true | ||
| displayName: | ||
| type: string | ||
| x-dcl-go-name: DisplayName | ||
| description: 'The folder''s display name. A folder''s display name must | ||
| be unique amongst its siblings, e.g. no two folders with the same parent | ||
| can share the same display name. The display name must start and end with | ||
| a letter or digit, may contain letters, digits, spaces, hyphens and underscores | ||
| and can be no longer than 30 characters. This is captured by the regular | ||
| expression: `[p{L}p{N}]([p{L}p{N}_- ]{0,28}[p{L}p{N}])?`.' | ||
| etag: | ||
| type: string | ||
| x-dcl-go-name: Etag | ||
| readOnly: true | ||
| description: Output only. A checksum computed by the server based on the | ||
| current value of the Folder resource. This may be sent on update and delete | ||
| requests to ensure the client has an up-to-date value before proceeding. | ||
| x-kubernetes-immutable: true | ||
| name: | ||
| type: string | ||
| x-dcl-go-name: Name | ||
| readOnly: true | ||
| description: Output only. The resource name of the Folder. | ||
| x-kubernetes-immutable: true | ||
| x-dcl-server-generated-parameter: true | ||
| parent: | ||
| type: string | ||
| x-dcl-go-name: Parent | ||
| description: Required. The Folder's parent's resource name. Updates to the | ||
| folder's parent must be performed via MoveFolder. | ||
| x-dcl-forward-slash-allowed: true | ||
| state: | ||
| type: string | ||
| x-dcl-go-name: State | ||
| x-dcl-go-type: FolderStateEnum | ||
| readOnly: true | ||
| description: 'Output only. The lifecycle state of the folder. Possible values: | ||
| LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED' | ||
| x-kubernetes-immutable: true | ||
| enum: | ||
| - LIFECYCLE_STATE_UNSPECIFIED | ||
| - ACTIVE | ||
| - DELETE_REQUESTED | ||
| updateTime: | ||
| type: string | ||
| format: date-time | ||
| x-dcl-go-name: UpdateTime | ||
| readOnly: true | ||
| description: Output only. Timestamp when the Folder was last modified. | ||
| x-kubernetes-immutable: true |
Oops, something went wrong.