gcpdiag.queries.orgpolicy
Queries related to organization policy constraints.
PREFETCH_ORG_CONSTRAINTS =
('constraints/compute.disableSerialPortAccess', 'constraints/compute.requireOsLogin', 'constraints/compute.requireShieldedVm', 'constraints/iam.automaticIamGrantsForDefaultServiceAccounts', 'constraints/compute.disableSerialPortLogging', 'constraints/compute.disableSshInBrowser', 'constraints/iam.disableCrossProjectServiceAccountUsage')
class
PolicyConstraint:
40class PolicyConstraint: 41 42 def __init__(self, name, resource_data): 43 self.name = name 44 self._resource_data = resource_data 45 46 def __str__(self): 47 return self.name + ': ' + self._resource_data.__str__() 48 49 pass
52class BooleanPolicyConstraint(PolicyConstraint): 53 54 def is_enforced(self) -> bool: 55 return self._resource_data.get('enforced', False)
Inherited Members
def
get_effective_org_policy(project_id: str, constraint: str):
95def get_effective_org_policy(project_id: str, constraint: str): 96 all_constraints = _get_effective_org_policy_all_constraints(project_id) 97 if constraint not in all_constraints: 98 raise ValueError( 99 f'constraint {constraint} not supported {list(all_constraints)}') 100 return all_constraints[constraint]