REST Resource: customers.policySchemas

Resource: PolicySchema

Resource representing a policy schema. Next ID: 11

JSON representation
{
  "name": string,
  "policyDescription": string,
  "additionalTargetKeyNames": [
    {
      object (AdditionalTargetKeyName)
    }
  ],
  "definition": {
    object (FileDescriptorProto)
  },
  "fieldDescriptions": [
    {
      object (PolicySchemaFieldDescription)
    }
  ],
  "accessRestrictions": [
    string
  ],
  "notices": [
    {
      object (PolicySchemaNoticeDescription)
    }
  ],
  "supportUri": string,
  "schemaName": string,
  "validTargetResources": [
    enum (TargetResource)
  ]
}
Fields
name

string

Format: name=customers/{customer}/policySchemas/{schema_namespace}

policyDescription

string

Output only. Description about the policy schema for user consumption.

additionalTargetKeyNames[]

object (AdditionalTargetKeyName)

Output only. Additional key names that will be used to identify the target of the policy value. When specifying a policyTargetKey, each of the additional keys specified here will have to be included in the additionalTargetKeys map.

definition

object (FileDescriptorProto)

Schema definition using proto descriptor.

fieldDescriptions[]

object (PolicySchemaFieldDescription)

Output only. Detailed description of each field that is part of the schema.

accessRestrictions[]

string

Output only. Specific access restrictions related to this policy.

notices[]

object (PolicySchemaNoticeDescription)

Output only. Special notice messages related to setting certain values in certain fields in the schema.

supportUri

string

Output only. URI to related support article for this schema.

schemaName

string

Output only. The full qualified name of the policy schema. This value is used to fill the field policySchema in PolicyValue when calling orgunits.batchInherit or orgunits.batchModify.

validTargetResources[]

enum (TargetResource)

Output only. Information about applicable target resources for the policy.

AdditionalTargetKeyName

Additional key names that will be used to identify the target of the policy value.

JSON representation
{
  "key": string,
  "keyDescription": string
}
Fields
key

string

Key name.

keyDescription

string

Key description.

FileDescriptorProto

Describes a complete .proto file.

JSON representation
{
  "name": string,
  "package": string,
  "messageType": [
    {
      object (DescriptorProto)
    }
  ],
  "enumType": [
    {
      object (EnumDescriptorProto)
    }
  ],
  "syntax": string
}
Fields
name

string

file name, relative to root of source tree

package

string

e.g. "foo", "foo.bar", etc.

messageType[]

object (DescriptorProto)

All top-level definitions in this file.

enumType[]

object (EnumDescriptorProto)

syntax

string

The syntax of the proto file. The supported values are "proto2" and "proto3".

DescriptorProto

Describes a message type.

JSON representation
{
  "name": string,
  "field": [
    {
      object (FieldDescriptorProto)
    }
  ],
  "nestedType": [
    {
      object (DescriptorProto)
    }
  ],
  "enumType": [
    {
      object (EnumDescriptorProto)
    }
  ],
  "oneofDecl": [
    {
      object (OneofDescriptorProto)
    }
  ]
}
Fields
name

string

field[]

object (FieldDescriptorProto)

nestedType[]

object (DescriptorProto)

enumType[]

object (EnumDescriptorProto)

oneofDecl[]

object (OneofDescriptorProto)

FieldDescriptorProto

Describes a field within a message.

JSON representation
{
  "name": string,
  "number": integer,
  "label": enum (Label),
  "type": enum (Type),
  "typeName": string,
  "defaultValue": string,
  "oneofIndex": integer,
  "jsonName": string,
  "proto3Optional": boolean
}
Fields
name

string

number

integer

label

enum (Label)

type

enum (Type)

If typeName is set, this need not be set. If both this and typeName are set, this must be one of TYPE_ENUM, TYPE_MESSAGE or TYPE_GROUP.

typeName

string

For message and enum types, this is the name of the type. If the name starts with a '.', it is fully-qualified. Otherwise, C++-like scoping rules are used to find the type (i.e. first the nested types within this message are searched, then within the parent, on up to the root namespace).

defaultValue

string

For numeric types, contains the original text representation of the value. For booleans, "true" or "false". For strings, contains the default text contents (not escaped in any way). For bytes, contains the C escaped value. All bytes >= 128 are escaped.

oneofIndex

integer

If set, gives the index of a oneof in the containing type's oneofDecl list. This field is a member of that oneof.

jsonName

string

JSON name of this field. The value is set by protocol compiler. If the user has set a "jsonName" option on this field, that option's value will be used. Otherwise, it's deduced from the field's name by converting it to camelCase.

proto3Optional

boolean

If true, this is a proto3 "optional". When a proto3 field is optional, it tracks presence regardless of field type.

When proto3Optional is true, this field must be belong to a oneof to signal to old proto3 clients that presence is tracked for this field. This oneof is known as a "synthetic" oneof, and this field must be its sole member (each proto3 optional field gets its own synthetic oneof). Synthetic oneofs exist in the descriptor only, and do not generate any API. Synthetic oneofs must be ordered after all "real" oneofs.

For message fields, proto3Optional doesn't create any semantic change, since non-repeated message fields always track presence. However it still indicates the semantic detail of whether the user wrote "optional" or not. This can be useful for round-tripping the .proto file. For consistency we give message fields a synthetic oneof also, even though it is not required to track presence. This is especially important because the parser can't tell if a field is a message or an enum, so it must always create a synthetic oneof.

Proto2 optional fields do not set this flag, because they already indicate optional with LABEL_OPTIONAL.

Label

Enums
LABEL_OPTIONAL 0 is reserved for errors
LABEL_REQUIRED
LABEL_REPEATED

Type

Enums
TYPE_DOUBLE 0 is reserved for errors. Order is weird for historical reasons.
TYPE_FLOAT
TYPE_INT64 Not ZigZag encoded. Negative numbers take 10 bytes. Use TYPE_SINT64 if negative values are likely.
TYPE_UINT64
TYPE_INT32 Not ZigZag encoded. Negative numbers take 10 bytes. Use TYPE_SINT32 if negative values are likely.
TYPE_FIXED64
TYPE_FIXED32
TYPE_BOOL
TYPE_STRING
TYPE_GROUP Tag-delimited aggregate. Group type is deprecated and not supported in proto3. However, Proto3 implementations should still be able to parse the group wire format and treat group fields as unknown fields.
TYPE_MESSAGE Length-delimited aggregate.
TYPE_BYTES New in version 2.
TYPE_UINT32
TYPE_ENUM
TYPE_SFIXED32
TYPE_SFIXED64
TYPE_SINT32 Uses ZigZag encoding.
TYPE_SINT64 Uses ZigZag encoding.

EnumDescriptorProto

Describes an enum type.

JSON representation
{
  "name": string,
  "value": [
    {
      object (EnumValueDescriptorProto)
    }
  ]
}
Fields
name

string

value[]

object (EnumValueDescriptorProto)

EnumValueDescriptorProto

Describes a value within an enum.

JSON representation
{
  "name": string,
  "number": integer
}
Fields
name

string

number

integer

OneofDescriptorProto

Describes a oneof.

JSON representation
{
  "name": string
}
Fields
name

string

PolicySchemaFieldDescription

Provides detailed information for a particular field that is part of a PolicySchema.

JSON representation
{
  "field": string,
  "description": string,
  "inputConstraint": string,
  "knownValueDescriptions": [
    {
      object (PolicySchemaFieldKnownValueDescription)
    }
  ],
  "nestedFieldDescriptions": [
    {
      object (PolicySchemaFieldDescription)
    }
  ],
  "fieldDependencies": [
    {
      object (PolicySchemaFieldDependencies)
    }
  ]
}
Fields
field

string

Output only. The name of the field for associated with this description.

description

string

Output only. The description for the field.

inputConstraint

string

Output only. Any input constraints associated on the values for the field.

knownValueDescriptions[]

object (PolicySchemaFieldKnownValueDescription)

Output only. If the field has a set of known values, this field will provide a description for these values.

nestedFieldDescriptions[]

object (PolicySchemaFieldDescription)

Output only. Provides the description of the fields nested in this field, if the field is a message type that defines multiple fields.

fieldDependencies[]

object (PolicySchemaFieldDependencies)

Output only. Provides a list of fields and the values they must have for this field to be allowed to be set.

PolicySchemaFieldKnownValueDescription

Provides detailed information about a known value that is allowed for a particular field in a PolicySchema.

JSON representation
{
  "value": string,
  "description": string
}
Fields
value

string

Output only. The string represenstation of the value that can be set for the field.

description

string

Output only. Additional description for this value.

PolicySchemaFieldDependencies

The field and the value it must have for another field to be allowed to be set.

JSON representation
{
  "sourceField": string,
  "sourceFieldValue": string
}
Fields
sourceField

string

The source field which this field depends on.

sourceFieldValue

string

The value which the source field must have for this field to be allowed to be set.

PolicySchemaNoticeDescription

Provides special notice messages related to a particular value in a field that is part of a PolicySchema.

JSON representation
{
  "field": string,
  "noticeValue": string,
  "noticeMessage": string,
  "acknowledgementRequired": boolean
}
Fields
field

string

Output only. The field name associated with the notice.

noticeValue

string

Output only. The value of the field that has a notice. When setting the field to this value, the user may be required to acknowledge the notice message in order for the value to be set.

noticeMessage

string

Output only. The notice message associate with the value of the field.

acknowledgementRequired

boolean

Output only. Whether the user needs to acknowledge the notice message before the value can be set.

TargetResource

Target resource types

Enums
TARGET_RESOURCE_UNSPECIFIED Unspecified target resource.
ORG_UNIT Organizational Unit target resource.
GROUP Group target resource.

Methods

get

Get a specific policy schema for a customer by its resource name.

list

Gets a list of policy schemas that match a specified filter value for a given customer.