2022-07-06 10:41:18 -07:00
/ * *
* Copyright 2022 Google LLC
*
* Licensed under the Apache License , Version 2 . 0 ( the " License " ) ;
* you may not use this file except in compliance with the License .
* You may obtain a copy of the License at
*
* http : //www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing , software
* distributed under the License is distributed on an " AS IS " BASIS ,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND , either express or implied .
* See the License for the specific language governing permissions and
* limitations under the License .
* /
variable " config_directory " {
description = " Paths to a folder where organization policy configs are stored in yaml format. Files suffix must be `.yaml`. "
type = string
default = null
}
2022-07-08 03:24:18 -07:00
variable " policies " {
2022-07-06 10:41:18 -07:00
description = " Organization policies keyed by parent in format `projects/project-id`, `folders/1234567890` or `organizations/1234567890`. "
2022-07-08 03:24:18 -07:00
type = map ( map ( object ( {
inherit_from_parent = optional ( bool ) # List policy only.
reset = optional ( bool )
rules = optional (
list ( object ( {
allow = optional ( list ( string ) ) # List policy only. Stands for `allow_all` if set to empty list `[]` or to `values.allowed_values` if set to a list of values
deny = optional ( list ( string ) ) # List policy only. Stands for `deny_all` if set to empty list `[]` or to `values.denied_values` if set to a list of values
enforce = optional ( bool ) # Boolean policy only.
condition = optional (
object ( {
description = optional ( string )
expression = optional ( string )
location = optional ( string )
title = optional ( string )
} )
)
} ) )
)
} ) ) )
default = { }
2022-07-06 10:41:18 -07:00
}