policy_orchestrators
Creates, updates, deletes, gets or lists a policy_orchestrators resource.
Overview
| Name | policy_orchestrators |
| Type | Resource |
| Id | google.osconfig.policy_orchestrators |
Fields
The following fields are returned by SELECT queries:
- get
- list
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Immutable. Identifier. In form of * organizations/{organization_id}/locations/global/policyOrchestrators/{orchestrator_id} * folders/{folder_id}/locations/global/policyOrchestrators/{orchestrator_id} * projects/{project_id_or_number}/locations/global/policyOrchestrators/{orchestrator_id} |
action | string | Required. Action to be done by the orchestrator in projects/{project_id}/zones/{zone_id} locations defined by the orchestration_scope. Allowed values: - UPSERT - Orchestrator will create or update target resources. - DELETE - Orchestrator will delete target resources, if they exist |
createTime | string (google-datetime) | Output only. Timestamp when the policy orchestrator resource was created. |
description | string | Optional. Freeform text describing the purpose of the resource. |
etag | string | Output only. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. |
labels | object | Optional. Labels as key value pairs |
orchestratedResource | object | Required. Resource to be orchestrated by the policy orchestrator. (id: GoogleCloudOsconfigV2__OrchestratedResource) |
orchestrationScope | object | Optional. Defines scope for the orchestration, in context of the enclosing PolicyOrchestrator resource. Scope is expanded into a list of pairs, in which the rollout action will take place. Expansion starts with a Folder resource parenting the PolicyOrchestrator resource: - All the descendant projects are listed. - List of project is cross joined with a list of all available zones. - Resulting list of pairs is filtered according to the selectors. (id: GoogleCloudOsconfigV2__OrchestrationScope) |
orchestrationState | object | Output only. State of the orchestration. (id: GoogleCloudOsconfigV2_PolicyOrchestrator_OrchestrationState) |
reconciling | boolean | Output only. Set to true, if the there are ongoing changes being applied by the orchestrator. |
state | string | Optional. State of the orchestrator. Can be updated to change orchestrator behaviour. Allowed values: - ACTIVE - orchestrator is actively looking for actions to be taken. - STOPPED - orchestrator won't make any changes. Note: There might be more states added in the future. We use string here instead of an enum, to avoid the need of propagating new states to all the client code. |
updateTime | string (google-datetime) | Output only. Timestamp when the policy orchestrator resource was last modified. |
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Immutable. Identifier. In form of * organizations/{organization_id}/locations/global/policyOrchestrators/{orchestrator_id} * folders/{folder_id}/locations/global/policyOrchestrators/{orchestrator_id} * projects/{project_id_or_number}/locations/global/policyOrchestrators/{orchestrator_id} |
action | string | Required. Action to be done by the orchestrator in projects/{project_id}/zones/{zone_id} locations defined by the orchestration_scope. Allowed values: - UPSERT - Orchestrator will create or update target resources. - DELETE - Orchestrator will delete target resources, if they exist |
createTime | string (google-datetime) | Output only. Timestamp when the policy orchestrator resource was created. |
description | string | Optional. Freeform text describing the purpose of the resource. |
etag | string | Output only. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. |
labels | object | Optional. Labels as key value pairs |
orchestratedResource | object | Required. Resource to be orchestrated by the policy orchestrator. (id: GoogleCloudOsconfigV2__OrchestratedResource) |
orchestrationScope | object | Optional. Defines scope for the orchestration, in context of the enclosing PolicyOrchestrator resource. Scope is expanded into a list of pairs, in which the rollout action will take place. Expansion starts with a Folder resource parenting the PolicyOrchestrator resource: - All the descendant projects are listed. - List of project is cross joined with a list of all available zones. - Resulting list of pairs is filtered according to the selectors. (id: GoogleCloudOsconfigV2__OrchestrationScope) |
orchestrationState | object | Output only. State of the orchestration. (id: GoogleCloudOsconfigV2_PolicyOrchestrator_OrchestrationState) |
reconciling | boolean | Output only. Set to true, if the there are ongoing changes being applied by the orchestrator. |
state | string | Optional. State of the orchestrator. Can be updated to change orchestrator behaviour. Allowed values: - ACTIVE - orchestrator is actively looking for actions to be taken. - STOPPED - orchestrator won't make any changes. Note: There might be more states added in the future. We use string here instead of an enum, to avoid the need of propagating new states to all the client code. |
updateTime | string (google-datetime) | Output only. Timestamp when the policy orchestrator resource was last modified. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | organizationsId, policyOrchestratorsId | Retrieves an existing policy orchestrator, parented by an organization. | |
list | select | organizationsId | pageSize, pageToken, filter, orderBy | Lists the policy orchestrators under the given parent organization resource. |
create | insert | organizationsId | policyOrchestratorId, requestId | Creates a new policy orchestrator under the given organizations resource. name field of the given orchestrator are ignored and instead replaced by a product of parent and policy_orchestrator_id. Orchestrator state field might be only set to ACTIVE, STOPPED or omitted (in which case, the created resource will be in ACTIVE state anyway). |
patch | update | organizationsId, policyOrchestratorsId | updateMask | Updates an existing policy orchestrator, parented by an organization. |
delete | delete | organizationsId, policyOrchestratorsId | requestId, etag | Deletes an existing policy orchestrator resource, parented by an organization. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
organizationsId | string | |
policyOrchestratorsId | string | |
etag | string | |
filter | string | |
orderBy | string | |
pageSize | integer (int32) | |
pageToken | string | |
policyOrchestratorId | string | |
requestId | string | |
updateMask | string (google-fieldmask) |
SELECT examples
- get
- list
Retrieves an existing policy orchestrator, parented by an organization.
SELECT
name,
action,
createTime,
description,
etag,
labels,
orchestratedResource,
orchestrationScope,
orchestrationState,
reconciling,
state,
updateTime
FROM google.osconfig.policy_orchestrators
WHERE organizationsId = '{{ organizationsId }}' -- required
AND policyOrchestratorsId = '{{ policyOrchestratorsId }}' -- required;
Lists the policy orchestrators under the given parent organization resource.
SELECT
name,
action,
createTime,
description,
etag,
labels,
orchestratedResource,
orchestrationScope,
orchestrationState,
reconciling,
state,
updateTime
FROM google.osconfig.policy_orchestrators
WHERE organizationsId = '{{ organizationsId }}' -- required
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}'
AND filter = '{{ filter }}'
AND orderBy = '{{ orderBy }}';
INSERT examples
- create
- Manifest
Creates a new policy orchestrator under the given organizations resource. name field of the given orchestrator are ignored and instead replaced by a product of parent and policy_orchestrator_id. Orchestrator state field might be only set to ACTIVE, STOPPED or omitted (in which case, the created resource will be in ACTIVE state anyway).
INSERT INTO google.osconfig.policy_orchestrators (
data__name,
data__description,
data__state,
data__orchestrationScope,
data__action,
data__orchestratedResource,
data__labels,
organizationsId,
policyOrchestratorId,
requestId
)
SELECT
'{{ name }}',
'{{ description }}',
'{{ state }}',
'{{ orchestrationScope }}',
'{{ action }}',
'{{ orchestratedResource }}',
'{{ labels }}',
'{{ organizationsId }}',
'{{ policyOrchestratorId }}',
'{{ requestId }}'
RETURNING
name,
done,
error,
metadata,
response
;
# Description fields are for documentation purposes
- name: policy_orchestrators
props:
- name: organizationsId
value: string
description: Required parameter for the policy_orchestrators resource.
- name: name
value: string
description: >
Immutable. Identifier. In form of * `organizations/{organization_id}/locations/global/policyOrchestrators/{orchestrator_id}` * `folders/{folder_id}/locations/global/policyOrchestrators/{orchestrator_id}` * `projects/{project_id_or_number}/locations/global/policyOrchestrators/{orchestrator_id}`
- name: description
value: string
description: >
Optional. Freeform text describing the purpose of the resource.
- name: state
value: string
description: >
Optional. State of the orchestrator. Can be updated to change orchestrator behaviour. Allowed values: - `ACTIVE` - orchestrator is actively looking for actions to be taken. - `STOPPED` - orchestrator won't make any changes. Note: There might be more states added in the future. We use string here instead of an enum, to avoid the need of propagating new states to all the client code.
- name: orchestrationScope
value: object
description: >
Optional. Defines scope for the orchestration, in context of the enclosing PolicyOrchestrator resource. Scope is expanded into a list of pairs, in which the rollout action will take place. Expansion starts with a Folder resource parenting the PolicyOrchestrator resource: - All the descendant projects are listed. - List of project is cross joined with a list of all available zones. - Resulting list of pairs is filtered according to the selectors.
- name: action
value: string
description: >
Required. Action to be done by the orchestrator in `projects/{project_id}/zones/{zone_id}` locations defined by the `orchestration_scope`. Allowed values: - `UPSERT` - Orchestrator will create or update target resources. - `DELETE` - Orchestrator will delete target resources, if they exist
- name: orchestratedResource
value: object
description: >
Required. Resource to be orchestrated by the policy orchestrator.
- name: labels
value: object
description: >
Optional. Labels as key value pairs
- name: policyOrchestratorId
value: string
- name: requestId
value: string
UPDATE examples
- patch
Updates an existing policy orchestrator, parented by an organization.
UPDATE google.osconfig.policy_orchestrators
SET
data__name = '{{ name }}',
data__description = '{{ description }}',
data__state = '{{ state }}',
data__orchestrationScope = '{{ orchestrationScope }}',
data__action = '{{ action }}',
data__orchestratedResource = '{{ orchestratedResource }}',
data__labels = '{{ labels }}'
WHERE
organizationsId = '{{ organizationsId }}' --required
AND policyOrchestratorsId = '{{ policyOrchestratorsId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
done,
error,
metadata,
response;
DELETE examples
- delete
Deletes an existing policy orchestrator resource, parented by an organization.
DELETE FROM google.osconfig.policy_orchestrators
WHERE organizationsId = '{{ organizationsId }}' --required
AND policyOrchestratorsId = '{{ policyOrchestratorsId }}' --required
AND requestId = '{{ requestId }}'
AND etag = '{{ etag }}';