Policy: GCP > Project > Organization Policy > Define allowed root certificate authority [Deprecated] > Action [Deprecated]

Determine the behavior of the custom policy.

Note that this selection determines whether the Custom Values sub-policy is a list of items to be allowed ("Allow Custom Values") or a list of items to be denied("Deny Custom Values"). In the case of "Allow All" or "Deny All" the Custom Values are ignored. Note: This policy has been deprecated in v5.1.0 and will be removed in the next major version.

Targets

This policy targets the following resource types:

GCP > Project

Primary Policy

This policy is used with the following primary policy:

GCP > Project > Organization Policy > Define allowed root certificate authority [Deprecated]

Policy Specification

Schema Type	`string`
Default	`Allow All`
Valid Values [YAML]	`Allow All` `Deny All` `Allow Custom Values - Replace` `Allow Custom Values - Merge with parent` `Deny Custom Values - Replace` `Deny Custom Values - Merge with parent`
Examples [YAML]	`Skip`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/policy

Policy Type URI

tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCaAction

GraphQL

query policyType(id: "tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCaAction") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCaAction'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCaAction'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCaAction"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-orgpolicy#/policy/types/iamAllowedPublicCertificateTrustedRootCaAction"