42 lines
901 B
YAML
42 lines
901 B
YAML
# skip boilerplate check
|
|
#
|
|
# sample subset of useful organization policies, edit to suit requirements
|
|
|
|
---
|
|
# Terraform will be unable to decode this file if it does not contain valid YAML
|
|
# You can retain `---` (start of the document) to indicate an empty document.
|
|
|
|
run.allowedIngress:
|
|
rules:
|
|
- allow:
|
|
values:
|
|
- is:internal-and-cloud-load-balancing
|
|
|
|
# run.allowedVPCEgress:
|
|
# rules:
|
|
# - allow:
|
|
# values:
|
|
# - is:private-ranges-only
|
|
|
|
# cloudfunctions.allowedIngressSettings:
|
|
# rules:
|
|
# - allow:
|
|
# values:
|
|
# - is:ALLOW_INTERNAL_ONLY
|
|
|
|
# cloudfunctions.allowedVpcConnectorEgressSettings:
|
|
# rules:
|
|
# - allow:
|
|
# values:
|
|
# - is:PRIVATE_RANGES_ONLY
|
|
|
|
# cloudfunctions.requireVPCConnector:
|
|
# rules:
|
|
# - enforce: true
|
|
|
|
# constraints/cloudfunctions.restrictAllowedGenerations:
|
|
# rules:
|
|
# - allow:
|
|
# values:
|
|
# - is:2ndGen
|