Control: GCP > Project > Organization Policy > Restrict allowed Google Cloud APIs and services

Manage the GCP Organization Policy "Restrict allowed Google Cloud APIs and services" for the project.

This list constraint restricts the set of services and their APIs that can be enabled on this resource. By default, all services are allowed. The denied list of services must come from the list below. Explicitly enabling APIs via this constraint is not currently supported.

Specifying an API not in this list will result in an error. compute.googleapis.com deploymentmanager.googleapis.com dns.googleapis.com doubleclicksearch.googleapis.com replicapool.googleapis.com replicapoolupdater.googleapis.com resourceviews.googleapis.com Enforcement of this constraint is not retroactive. If a service is already enabled on a resource when this constraint is enforced, it will remain enabled.

Resource Types

This control targets the following resource types:

GCP > Project

In Your Workspace

Developers

Control Type URI

tmod:@turbot/gcp-orgpolicy#/control/types/serviceuserServices

Category URI

tmod:@turbot/turbot#/control/categories/policy

GraphQL

query controlType(id: "tmod:@turbot/gcp-orgpolicy#/control/types/serviceuserServices") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/gcp-orgpolicy#/control/types/serviceuserServices'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/gcp-orgpolicy#/control/types/serviceuserServices"