Stay organized with collections
Save and categorize content based on your preferences.
In some situations it might be preferable to limit the job target type. To do
this, administrators who have the Organization Policy Administrator
role can configure a policy
to control what kind of job targets (HTTP, Pub/Sub, and/or App Engine HTTP) can
be created in their organization.
Console
Visit the Organization policies page of the IAM & Admin section.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-28 UTC."],[],[],null,["# Limiting target types\n\nIn some situations it might be preferable to limit the job target type. To do\nthis, administrators who have the [Organization Policy Administrator](/iam/docs/understanding-roles#organization-policy-roles)\nrole can configure a [policy](/resource-manager/docs/organization-policy/overview#organization_policy)\nto control what kind of job targets (HTTP, Pub/Sub, and/or App Engine HTTP) can\nbe created in their organization. \n\n### Console\n\n1. Visit the **Organization policies** page of the **IAM \\& Admin** section.\n\n [IAM \\& Admin](https://console.cloud.google.com/iam-admin/orgpolicies/list)\n2. From the top left dropdown, select the resource (organization or project)\n to which you wish to apply the constraint.\n\n3. Select **Allowed target types for jobs** from the list of **Organization\n Policies**.\n\n4. On the policy page, click the **Edit** button.\n\n5. Under **Rules** , open **Add Rule**\n\n 1. Select **Custom** for **Policy values**.\n\n 2. Select **Allow** for **Policy type**.\n\n 3. Add the type (PUBSUB, HTTP, or APPENGINE) to allowlist.\n\n 4. Click on **New Policy Value** to add multiple job types.\n\n 5. **Save** to enforce the policy.\n\n### Gcloud\n\n- To see the value of the constraint in an existing policy:\n\n ```\n gcloud resource-manager org-policies describe cloudscheduler.allowedTargetTypes --RESOURCE_TYPE=RESOURCE_ID\n \n ```\n\n \u003cbr /\u003e\n\n Where RESOURCE_TYPE is either `project`, `folder`, or `organization`,\n depending on where in the hierarchy the policy is attached.\n\n Which should return something like this: \n\n ```\n constraint: constraints/cloudscheduler.allowedTargetTypes\n etag: ETAG_VALUE\n listPolicy:\n allowedValues:\n - PUBSUB\n updateTime: '2021-09-04T15:30:45.313018Z'\n ```\n Make a note of the ETAG_VALUE for the next step.\n\n \u003cbr /\u003e\n\n- To create a `policy.yaml` file with the constraint:\n\n ```\n cat \u003epolicy.yaml\n constraint: constraints/cloudscheduler.allowedTargetTypes --RESOURCE_TYPE=RESOURCE_ID\n etag: ETAG_VALUE\n listPolicy:\n allowedValues:\n - PUBSUB\n ```\n\n \u003cbr /\u003e\n\n- To set the policy:\n\n \u003cbr /\u003e\n\n ```\n gcloud resource-manager org-policies set-policy --RESOURCE_TYPE=RESOURCE_ID policy.yaml\n ```\n\n \u003cbr /\u003e\n\n- To delete the constraint:\n\n \u003cbr /\u003e\n\n ```\n gcloud resource-manager org-policies delete --RESOURCE_TYPE=RESOURCE_ID\n constraints/cloudscheduler.allowedTargetTypes\n ```\n\n \u003cbr /\u003e"]]
