Control: GCP > Project > Organization Policy > Restrict Shared VPC Host Projects

Manage the GCP Organization Policy "Restrict Shared VPC Host Projects" for the project.

This list constraint defines the set of Shared VPC host projects that projects at or below this resource can attach to. By default, a project can attach to any host project in the same organization, thereby becoming a service project.

Projects, folders, and organizations in allowed/denied lists affect all objects underneath them in the resource hierarchy, and must be specified in the form: under:organizations/ORGANIZATION_ID, under:folders/FOLDER_ID, or projects/PROJECT_ID.

Resource Types

This control targets the following resource types:

GCP > Project

Primary Policies

The following policies can be used to configure this control:

In Your Workspace

Developers

Control Type URI

tmod:@turbot/gcp-orgpolicy#/control/types/computeRestrictSharedVpcHostProjects

Category URI

tmod:@turbot/turbot#/control/categories/policy

GraphQL

query controlType(id: "tmod:@turbot/gcp-orgpolicy#/control/types/computeRestrictSharedVpcHostProjects") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/gcp-orgpolicy#/control/types/computeRestrictSharedVpcHostProjects'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/gcp-orgpolicy#/control/types/computeRestrictSharedVpcHostProjects"