Policy: GCP > Project > Organization Policy > Define trusted image projects

Manage the GCP Organization Policy "Define trusted image projects" for the project.

This list constraint defines the set of projects that can be used for image storage and disk instantiation for Compute Engine. By default, instances can be created from images in any project that shares images publicly or explicitly with the user.

The allowed/denied list of publisher projects must be strings in the form: projects/PROJECT_ID. If this constraint is active, only images from trusted projects will be allowed as the source for boot disks for new instances.

Targets

This policy targets the following resource types:

GCP > Project

Primary Policy

This policy is used with the following primary policy:

GCP > Project > Organization Policy

Policy Specification

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip` `Check: Inherited` `Check: Google-managed default` `Check: Per Custom Values, effective value` `Check: Per Custom Values, inherited` `Check: Per Custom Values, set on project`
Examples [YAML]	`Skip`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/policy

Policy Type URI

tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects

GraphQL

query policyType(id: "tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects"

Policy: GCP > Project > Organization Policy > Define trusted image projects

Targets

This policy targets the following resource types:

GCP > Project

Primary Policy

This policy is used with the following primary policy:

GCP > Project > Organization Policy

Policy Specification

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip` `Check: Inherited` `Check: Google-managed default` `Check: Per Custom Values, effective value` `Check: Per Custom Values, inherited` `Check: Per Custom Values, set on project`
Examples [YAML]	`Skip`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/policy

Policy Type URI

tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects

GraphQL

query policyType(id: "tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-orgpolicy#/policy/types/computeTrustedImageProjects"

Policy: GCP > Project > Organization Policy > Define trusted image projects

Targets

Primary Policy

Related Policies

Policy Specification

Category

In Your Workspace

Developers

Policy: GCP > Project > Organization Policy > Define trusted image projects

Targets

Primary Policy

Related Policies

Policy Specification

Category

In Your Workspace

Developers