1# Copyright 2023 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: iam.cnrm.cloud.google.com/v1beta1
16kind: IAMAccessBoundaryPolicy
17metadata:
18 name: accessboundary-sample
19spec:
20 projectRef:
21 # Replace "${PROJECT_ID?}" below with your project ID
22 external: "cloudresourcemanager.googleapis.com%2Fprojects%2F${PROJECT_ID?}"
23 displayName: Access Boundary Sample
24 rules:
25 - description: "Sample access boundary rule"
26 accessBoundaryRule:
27 availableResource: "*"
28 availablePermissions:
29 - "*"
30 availabilityCondition:
31 title: "Access level expr"
32 # Replace "${ORG_ID?}" with the numeric ID for your organization and
33 # replace "${ACCESS_LEVEL?}" with the full name of your access level
34 expression: "request.matchAccessLevels('${ORG_ID?}', ['${ACCESS_LEVEL?}'])"
View as plain text