Policy: GCP > Project > Organization Policy

Related Policies

• Disable Source Code Download
• Allowed ingress settings (Cloud Functions)
• Allowed VPC Connector egress settings (Cloud Functions)
• Require VPC Connector (Cloud Functions)
• Disable Guest Attributes of Compute Engine metadata
• Disable Internet Network Endpoint Groups
• Disable VM nested virtualization
• Disable VM serial port access
• Disable VM serial port logging to Stackdriver
• Require OS Login
• Shielded VMs
• Restrict Cloud NAT usage
• Restrict Load Balancer Creation Based on Load Balancer Types
• Restrict Protocol Forwarding Based on type of IP Address
• Restrict Shared VPC Host Projects
• Restrict Shared VPC Subnetworks
• Restrict VPC peering usage
• Restrict shared VPC project lien removal
• Skip default network creation
• Compute Storage resource use restrictions (Compute Engine disks, images, and snapshots)
• Define trusted image projects
• Restrict VM IP Forwarding
• Define allowed external IPs for VM instances
• Disable Cloud Logging
• Google Cloud Platform - Resource Location Restriction
• Domain restricted sharing
• Define allowed root certificate authority [Deprecated]
• Disable Automatic IAM Grants for Default Service Accounts
• Disable service account creation
• Disable service account key creation
• Disable Service Account Key Upload
• Disable Workload Identity Cluster Creation
• Restrict allowed Google Cloud APIs and services
• Restrict default Google-managed encryption on Cloud SQL instances [Deprecated]
• Restrict Authorized Networks on Cloud SQL instances
• Restrict Public IP access on Cloud SQL instances
• Enforce Public Access Prevention
• Retention policy duration in seconds
• Enforce uniform bucket-level access

Controls

• GCP > Project > Organization Policy

Category

• Organization > Policy

In Your Workspace

• Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/policy

Policy Type URI

tmod:@turbot/gcp-orgpolicy#/policy/types/organizationPolicy

GraphQL

query policyType(id: "tmod:@turbot/gcp-orgpolicy#/policy/types/organizationPolicy") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/organizationPolicy'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-orgpolicy#/policy/types/organizationPolicy'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/gcp-orgpolicy#/policy/types/organizationPolicy"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-orgpolicy#/policy/types/organizationPolicy"