Policy: GCP > Project > Organization Policy > Domain restricted sharing

Manage the GCP Organization Policy "Domain restricted sharing" for the project.

This list constraint defines the set of members that can be added to Cloud IAM policies. By default, all user identities are allowed to be added to Cloud IAM policies. The allowed/denied list must specify one or more Cloud Identity or G Suite customer IDs. If this constraint is active, only identities in the allowed list will be eligible to be added to Cloud IAM policies.

Targets

This policy targets the following resource types:

GCP > Project

Primary Policy

This policy is used with the following primary policy:

GCP > Project > Organization Policy

Policy Specification

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip` `Check: Inherited` `Check: Google-managed default` `Check: Per Custom Values, effective value` `Check: Per Custom Values, inherited` `Check: Per Custom Values, set on project`
Examples [YAML]	`Skip`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/policy

Policy Type URI

tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains

GraphQL

query policyType(id: "tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains"

Policy: GCP > Project > Organization Policy > Domain restricted sharing

Targets

This policy targets the following resource types:

GCP > Project

Primary Policy

This policy is used with the following primary policy:

GCP > Project > Organization Policy

Policy Specification

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip` `Check: Inherited` `Check: Google-managed default` `Check: Per Custom Values, effective value` `Check: Per Custom Values, inherited` `Check: Per Custom Values, set on project`
Examples [YAML]	`Skip`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/policy

Policy Type URI

tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains

GraphQL

query policyType(id: "tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPolicyMemberDomains"

Policy: GCP > Project > Organization Policy > Domain restricted sharing

Targets

Primary Policy

Related Policies

Policy Specification

Category

In Your Workspace

Developers

Policy: GCP > Project > Organization Policy > Domain restricted sharing

Targets

Primary Policy

Related Policies

Policy Specification

Category

In Your Workspace

Developers