policy_orchestrators

Creates, updates, deletes, gets or lists a policy_orchestrators resource.

Overview

Name	`policy_orchestrators`
Type	Resource
Id	`google.osconfig.policy_orchestrators`

Fields

The following fields are returned by SELECT queries:

get
list

Name	Datatype	Description
`name`	`string`	Immutable. Identifier. In form of * `organizations/{organization_id}/locations/global/policyOrchestrators/{orchestrator_id}` * `folders/{folder_id}/locations/global/policyOrchestrators/{orchestrator_id}` * `projects/{project_id_or_number}/locations/global/policyOrchestrators/{orchestrator_id}`
`action`	`string`	Required. Action to be done by the orchestrator in `projects/{project_id}/zones/{zone_id}` locations defined by the `orchestration_scope`. Allowed values: - `UPSERT` - Orchestrator will create or update target resources. - `DELETE` - Orchestrator will delete target resources, if they exist
`createTime`	`string (google-datetime)`	Output only. Timestamp when the policy orchestrator resource was created.
`description`	`string`	Optional. Freeform text describing the purpose of the resource.
`etag`	`string`	Output only. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
`labels`	`object`	Optional. Labels as key value pairs
`orchestratedResource`	`object`	Required. Resource to be orchestrated by the policy orchestrator. (id: GoogleCloudOsconfigV2__OrchestratedResource)
`orchestrationScope`	`object`	Optional. Defines scope for the orchestration, in context of the enclosing PolicyOrchestrator resource. Scope is expanded into a list of pairs, in which the rollout action will take place. Expansion starts with a Folder resource parenting the PolicyOrchestrator resource: - All the descendant projects are listed. - List of project is cross joined with a list of all available zones. - Resulting list of pairs is filtered according to the selectors. (id: GoogleCloudOsconfigV2__OrchestrationScope)
`orchestrationState`	`object`	Output only. State of the orchestration. (id: GoogleCloudOsconfigV2_PolicyOrchestrator_OrchestrationState)
`reconciling`	`boolean`	Output only. Set to true, if the there are ongoing changes being applied by the orchestrator.
`state`	`string`	Optional. State of the orchestrator. Can be updated to change orchestrator behaviour. Allowed values: - `ACTIVE` - orchestrator is actively looking for actions to be taken. - `STOPPED` - orchestrator won't make any changes. Note: There might be more states added in the future. We use string here instead of an enum, to avoid the need of propagating new states to all the client code.
`updateTime`	`string (google-datetime)`	Output only. Timestamp when the policy orchestrator resource was last modified.

Methods

The following methods are available for this resource:

Name	Accessible by	Required Params	Optional Params	Description
`get`	`select`	`projectsId`, `policyOrchestratorsId`		Retrieves an existing policy orchestrator, parented by a project.
`list`	`select`	`projectsId`	`orderBy`, `pageSize`, `pageToken`, `filter`	Lists the policy orchestrators under the given parent project resource.
`create`	`insert`	`projectsId`	`policyOrchestratorId`, `requestId`	Creates a new policy orchestrator under the given project resource. `name` field of the given orchestrator are ignored and instead replaced by a product of `parent` and `policy_orchestrator_id`. Orchestrator state field might be only set to `ACTIVE`, `STOPPED` or omitted (in which case, the created resource will be in `ACTIVE` state anyway).
`patch`	`update`	`projectsId`, `policyOrchestratorsId`	`updateMask`	Updates an existing policy orchestrator, parented by a project.
`delete`	`delete`	`projectsId`, `policyOrchestratorsId`	`etag`, `requestId`	Deletes an existing policy orchestrator resource, parented by a project.

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

Name	Datatype	Description
`policyOrchestratorsId`	`string`
`projectsId`	`string`
`etag`	`string`
`filter`	`string`
`orderBy`	`string`
`pageSize`	`integer (int32)`
`pageToken`	`string`
`policyOrchestratorId`	`string`
`requestId`	`string`
`updateMask`	`string (google-fieldmask)`

`SELECT` examples

get
list

Retrieves an existing policy orchestrator, parented by a project.

SELECT
name,
action,
createTime,
description,
etag,
labels,
orchestratedResource,
orchestrationScope,
orchestrationState,
reconciling,
state,
updateTime
FROM google.osconfig.policy_orchestrators
WHERE projectsId = '{{ projectsId }}' -- required
AND policyOrchestratorsId = '{{ policyOrchestratorsId }}' -- required
;

Lists the policy orchestrators under the given parent project resource.

SELECT
*
FROM google.osconfig.policy_orchestrators
WHERE projectsId = '{{ projectsId }}' -- required
AND orderBy = '{{ orderBy }}'
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}'
AND filter = '{{ filter }}'
;

`INSERT` examples

create
Manifest

Creates a new policy orchestrator under the given project resource. name field of the given orchestrator are ignored and instead replaced by a product of parent and policy_orchestrator_id. Orchestrator state field might be only set to ACTIVE, STOPPED or omitted (in which case, the created resource will be in ACTIVE state anyway).

INSERT INTO google.osconfig.policy_orchestrators (
data__orchestratedResource,
data__labels,
data__description,
data__action,
data__state,
data__name,
data__orchestrationScope,
projectsId,
policyOrchestratorId,
requestId
)
SELECT 
'{{ orchestratedResource }}',
'{{ labels }}',
'{{ description }}',
'{{ action }}',
'{{ state }}',
'{{ name }}',
'{{ orchestrationScope }}',
'{{ projectsId }}',
'{{ policyOrchestratorId }}',
'{{ requestId }}'
RETURNING
name,
done,
error,
metadata,
response
;

# Description fields are for documentation purposes
- name: policy_orchestrators
  props:
    - name: projectsId
      value: string
      description: Required parameter for the policy_orchestrators resource.
    - name: orchestratedResource
      value: object
      description: >
        Required. Resource to be orchestrated by the policy orchestrator.
        
    - name: labels
      value: object
      description: >
        Optional. Labels as key value pairs
        
    - name: description
      value: string
      description: >
        Optional. Freeform text describing the purpose of the resource.
        
    - name: action
      value: string
      description: >
        Required. Action to be done by the orchestrator in `projects/{project_id}/zones/{zone_id}` locations defined by the `orchestration_scope`. Allowed values: - `UPSERT` - Orchestrator will create or update target resources. - `DELETE` - Orchestrator will delete target resources, if they exist
        
    - name: state
      value: string
      description: >
        Optional. State of the orchestrator. Can be updated to change orchestrator behaviour. Allowed values: - `ACTIVE` - orchestrator is actively looking for actions to be taken. - `STOPPED` - orchestrator won't make any changes. Note: There might be more states added in the future. We use string here instead of an enum, to avoid the need of propagating new states to all the client code.
        
    - name: name
      value: string
      description: >
        Immutable. Identifier. In form of * `organizations/{organization_id}/locations/global/policyOrchestrators/{orchestrator_id}` * `folders/{folder_id}/locations/global/policyOrchestrators/{orchestrator_id}` * `projects/{project_id_or_number}/locations/global/policyOrchestrators/{orchestrator_id}`
        
    - name: orchestrationScope
      value: object
      description: >
        Optional. Defines scope for the orchestration, in context of the enclosing PolicyOrchestrator resource. Scope is expanded into a list of pairs, in which the rollout action will take place. Expansion starts with a Folder resource parenting the PolicyOrchestrator resource: - All the descendant projects are listed. - List of project is cross joined with a list of all available zones. - Resulting list of pairs is filtered according to the selectors.
        
    - name: policyOrchestratorId
      value: string
    - name: requestId
      value: string

`UPDATE` examples

patch

Updates an existing policy orchestrator, parented by a project.

UPDATE google.osconfig.policy_orchestrators
SET 
data__orchestratedResource = '{{ orchestratedResource }}',
data__labels = '{{ labels }}',
data__description = '{{ description }}',
data__action = '{{ action }}',
data__state = '{{ state }}',
data__name = '{{ name }}',
data__orchestrationScope = '{{ orchestrationScope }}'
WHERE 
projectsId = '{{ projectsId }}' --required
AND policyOrchestratorsId = '{{ policyOrchestratorsId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
done,
error,
metadata,
response;

`DELETE` examples

delete

Deletes an existing policy orchestrator resource, parented by a project.

DELETE FROM google.osconfig.policy_orchestrators
WHERE projectsId = '{{ projectsId }}' --required
AND policyOrchestratorsId = '{{ policyOrchestratorsId }}' --required
AND etag = '{{ etag }}'
AND requestId = '{{ requestId }}'
;

Overview​

Fields​

Methods​

Parameters​

SELECT examples​

INSERT examples​

UPDATE examples​

DELETE examples​