Control: GCP > Project > Organization Policy > Restrict Protocol Forwarding Based on type of IP Address

Manage the GCP Organization Policy "Restrict Protocol Forwarding Based on type of IP Address" for the project.

This list constraint defines the type of protocol forwarding rule objects with target instance that a user can create. When this constraint is enforced, new forwarding rule objects with target instance will be limited to internal and/or external IP addresses, based on the types specified.

The types to be allowed or denied must be listed explicitly. By default, creation of both internal and external protocol forwarding rule objects with target instance are allowed.

The list of allowed or denied values can only include values from the list below:

  INTERNAL
  EXTERNAL

Resource Types

This control targets the following resource types:

GCP > Project

Primary Policies

The following policies can be used to configure this control:

In Your Workspace

Developers

Control Type URI

tmod:@turbot/gcp-orgpolicy#/control/types/computeRestrictProtocolForwardingCreationForTypes

Category URI

tmod:@turbot/turbot#/control/categories/policy

GraphQL

query controlType(id: "tmod:@turbot/gcp-orgpolicy#/control/types/computeRestrictProtocolForwardingCreationForTypes") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/gcp-orgpolicy#/control/types/computeRestrictProtocolForwardingCreationForTypes'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/gcp-orgpolicy#/control/types/computeRestrictProtocolForwardingCreationForTypes"