Policy: GCP > Project > Organization Policy > Define allowed root certificate authority [Deprecated]

Manage the GCP Organization Policy "Define allowed root certificate authority" for the project. BETA: This list constraint defines the set of trusted root certificate authorities from which the issued public certificates can be added to Cloud IAM Service Accounts. By default, all public certificates are allowed to be uploaded to Cloud IAM Service Accounts. If this constraint is active, only public certificates issued by the root certificate authorities in the allowed list will be eligible to be added to Cloud IAM service accounts. Note: This policy has been deprecated in v5.1.0 and will be removed in the next major version.

Targets

This policy targets the following resource types:

GCP > Project

Primary Policy

This policy is used with the following primary policy:

GCP > Project > Organization Policy

Policy Specification

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip` `Check: Inherited` `Check: Google-managed default` `Check: Per Custom Values, effective value` `Check: Per Custom Values, inherited` `Check: Per Custom Values, set on project`
Examples [YAML]	`Skip`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/policy

Policy Type URI

tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa

GraphQL

query policyType(id: "tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa"

Policy: GCP > Project > Organization Policy > Define allowed root certificate authority [Deprecated]

Targets

This policy targets the following resource types:

GCP > Project

Primary Policy

This policy is used with the following primary policy:

GCP > Project > Organization Policy

Policy Specification

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip` `Check: Inherited` `Check: Google-managed default` `Check: Per Custom Values, effective value` `Check: Per Custom Values, inherited` `Check: Per Custom Values, set on project`
Examples [YAML]	`Skip`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/policy

Policy Type URI

tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa

GraphQL

query policyType(id: "tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCa"

Policy: GCP > Project > Organization Policy > Define allowed root certificate authority [Deprecated]

Targets

Primary Policy

Related Policies

Policy Specification

Category

In Your Workspace

Developers

Policy: GCP > Project > Organization Policy > Define allowed root certificate authority [Deprecated]

Targets

Primary Policy

Related Policies

Policy Specification

Category

In Your Workspace

Developers