REST Resource: accessPolicies.authorizedOrgsDescs

Resource: AuthorizedOrgsDesc

AuthorizedOrgsDesc contains data for an organization's authorization policy.

JSON representation
{
  "name": string,
  "authorizationType": enum (AuthorizationType),
  "assetType": enum (AssetType),
  "authorizationDirection": enum (AuthorizationDirection),
  "orgs": [
    string
  ]
}
Fields
name

string

Identifier. Resource name for the AuthorizedOrgsDesc. Format: accessPolicies/{access_policy}/authorizedOrgsDescs/{authorizedOrgsDesc}.

The authorizedOrgsDesc component must begin with a letter, followed by alphanumeric characters or _.

After you create an AuthorizedOrgsDesc, you cannot change its name.

authorizationType

enum (AuthorizationType)

A granular control type for authorization levels. Valid value is AUTHORIZATION_TYPE_TRUST.

assetType

enum (AssetType)

The asset type of this authorized orgs desc. Valid values are ASSET_TYPE_DEVICE, and ASSET_TYPE_CREDENTIAL_STRENGTH.

authorizationDirection

enum (AuthorizationDirection)

The direction of the authorization relationship between this organization and the organizations listed in the orgs field. The valid values for this field include the following:

AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic in the organizations listed in the orgs field.

AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the orgs field to evaluate the traffic in this organization.

For the authorization relationship to take effect, all of the organizations must authorize and specify the appropriate relationship direction. For example, if organization A authorized organization B and C to evaluate its traffic, by specifying AUTHORIZATION_DIRECTION_TO as the authorization direction, organizations B and C must specify AUTHORIZATION_DIRECTION_FROM as the authorization direction in their AuthorizedOrgsDesc resource.

orgs[]

string

The list of organization ids in this AuthorizedOrgsDesc. Format: organizations/<org_number> Example: organizations/123456

AuthorizationType

A granular control type for authorization levels. Valid value is AUTHORIZATION_TYPE_TRUST.

Enums
AUTHORIZATION_TYPE_UNSPECIFIED No authorization type specified.
AUTHORIZATION_TYPE_TRUST This authorization relationship is "trust".

AssetType

The type of entities that need to use the authorization relationship during evaluation, such as a device. Valid values are ASSET_TYPE_DEVICE, and ASSET_TYPE_CREDENTIAL_STRENGTH.

Enums
ASSET_TYPE_UNSPECIFIED No asset type specified.
ASSET_TYPE_DEVICE Device asset type.
ASSET_TYPE_CREDENTIAL_STRENGTH Credential strength asset type.

AuthorizationDirection

Authorization direction of specified organizations in AuthorizedOrgsDesc [com.google.identity.accesscontextmanager.v1alpha.AuthorizedOrgsDesc].

Enums
AUTHORIZATION_DIRECTION_UNSPECIFIED No direction specified.
AUTHORIZATION_DIRECTION_TO Specified orgs will evaluate traffic.
AUTHORIZATION_DIRECTION_FROM Specified orgs' traffic will be evaluated.

Methods

create

Creates an authorized orgs desc.

delete

Deletes an authorized orgs desc based on the resource name.

get

Gets an authorized orgs desc based on the resource name.

list

Lists all authorized orgs descs for an access policy.

patch

Updates an authorized orgs desc.