982717188d
* Avoid tag binding permadiffs for service accounts created by project-factory * Regenerate schema docs
1059 lines
29 KiB
JSON
1059 lines
29 KiB
JSON
{
|
|
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
"title": "Folder",
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"asset_search": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"asset_types"
|
|
],
|
|
"properties": {
|
|
"asset_types": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"query": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"asset_feeds": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"billing_project",
|
|
"feed_output_config"
|
|
],
|
|
"properties": {
|
|
"billing_project": {
|
|
"type": "string"
|
|
},
|
|
"content_type": {
|
|
"type": "string",
|
|
"enum": [
|
|
"RESOURCE",
|
|
"IAM_POLICY",
|
|
"ORG_POLICY",
|
|
"ACCESS_POLICY",
|
|
"OS_INVENTORY",
|
|
"RELATIONSHIP"
|
|
]
|
|
},
|
|
"asset_types": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"asset_names": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"feed_output_config": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"pubsub_destination"
|
|
],
|
|
"properties": {
|
|
"pubsub_destination": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"topic"
|
|
],
|
|
"properties": {
|
|
"topic": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"condition": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"expression"
|
|
],
|
|
"properties": {
|
|
"expression": {
|
|
"type": "string"
|
|
},
|
|
"title": {
|
|
"type": "string"
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"location": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"automation": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"project"
|
|
],
|
|
"properties": {
|
|
"prefix": {
|
|
"type": "string"
|
|
},
|
|
"project": {
|
|
"type": "string"
|
|
},
|
|
"bucket": {
|
|
"$ref": "#/$defs/bucket"
|
|
},
|
|
"service_accounts": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_bindings": {
|
|
"$ref": "#/$defs/iam_bindings"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
},
|
|
"iam_billing_roles": {
|
|
"$ref": "#/$defs/iam_billing_roles"
|
|
},
|
|
"iam_folder_roles": {
|
|
"$ref": "#/$defs/iam_folder_roles"
|
|
},
|
|
"iam_organization_roles": {
|
|
"$ref": "#/$defs/iam_organization_roles"
|
|
},
|
|
"iam_project_roles": {
|
|
"$ref": "#/$defs/iam_project_roles"
|
|
},
|
|
"iam_sa_roles": {
|
|
"$ref": "#/$defs/iam_sa_roles"
|
|
},
|
|
"iam_storage_roles": {
|
|
"$ref": "#/$defs/iam_storage_roles"
|
|
},
|
|
"tag_bindings": {
|
|
"$ref": "#/$defs/tag_bindings"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"autokey_config": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"project": {
|
|
"type": "string",
|
|
"pattern": "^(projects/|\\$project_ids:|\\$project_numbers:)"
|
|
}
|
|
}
|
|
},
|
|
"billing_budgets": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"contacts": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^(\\S+@\\S+\\.\\S+|\\$email_addresses:\\S+)$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string",
|
|
"enum": [
|
|
"ALL",
|
|
"BILLING",
|
|
"LEGAL",
|
|
"SECURITY",
|
|
"PRODUCT_UPDATES",
|
|
"SUSPENSION",
|
|
"TECHNICAL"
|
|
]
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"data_access_logs": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^([a-z][a-z-]+\\.googleapis\\.com|allServices)$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"ADMIN_READ": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"exempted_members": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"DATA_READ": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"exempted_members": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"DATA_WRITE": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"exempted_members": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"deletion_protection": {
|
|
"type": "boolean"
|
|
},
|
|
"id": {
|
|
"type": "string",
|
|
"pattern": "^(folders/[0-9]+|\\$folder_ids:[a-z0-9_/-]+)$"
|
|
},
|
|
"firewall_policy": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"name",
|
|
"policy"
|
|
],
|
|
"properties": {
|
|
"name": {
|
|
"type": "string"
|
|
},
|
|
"policy": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"logging": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"kms_key_name": {
|
|
"type": "string"
|
|
},
|
|
"storage_location": {
|
|
"type": "string"
|
|
},
|
|
"sinks": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z][a-z0-9-_]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"destination": {
|
|
"type": "string"
|
|
},
|
|
"exclusions": {
|
|
"type": "object"
|
|
},
|
|
"filter": {
|
|
"type": "string"
|
|
},
|
|
"type": {
|
|
"type": "string",
|
|
"default": "logging",
|
|
"enum": [
|
|
"bigquery",
|
|
"logging",
|
|
"project",
|
|
"pubsub",
|
|
"storage"
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"factories_config": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"org_policies": {
|
|
"type": "string"
|
|
},
|
|
"pam_entitlements": {
|
|
"type": "string"
|
|
},
|
|
"scc_sha_custom_modules": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_bindings": {
|
|
"$ref": "#/$defs/iam_bindings"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
},
|
|
"iam_by_principals": {
|
|
"$ref": "#/$defs/iam_by_principals"
|
|
},
|
|
"iam_by_principals_conditional": {
|
|
"$ref": "#/$defs/iam_by_principals_conditional"
|
|
},
|
|
"iam_deny_policies": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"rules"
|
|
],
|
|
"properties": {
|
|
"display_name": {
|
|
"type": "string"
|
|
},
|
|
"rules": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"denied_permissions",
|
|
"denied_principals"
|
|
],
|
|
"properties": {
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"denied_permissions": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"denied_principals": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"denial_condition": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"expression"
|
|
],
|
|
"properties": {
|
|
"expression": {
|
|
"type": "string"
|
|
},
|
|
"title": {
|
|
"type": "string"
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"location": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"exception_permissions": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"exception_principals": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"name": {
|
|
"type": "string"
|
|
},
|
|
"org_policies": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z]+\\.": {
|
|
"type": "object",
|
|
"properties": {
|
|
"inherit_from_parent": {
|
|
"type": "boolean"
|
|
},
|
|
"reset": {
|
|
"type": "boolean"
|
|
},
|
|
"rules": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"allow": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"all": {
|
|
"type": "boolean"
|
|
},
|
|
"values": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"deny": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"all": {
|
|
"type": "boolean"
|
|
},
|
|
"values": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"enforce": {
|
|
"type": "boolean"
|
|
},
|
|
"condition": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"expression": {
|
|
"type": "string"
|
|
},
|
|
"location": {
|
|
"type": "string"
|
|
},
|
|
"title": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"pam_entitlements": {
|
|
"$ref": "#/$defs/pam_entitlements"
|
|
},
|
|
"assured_workload_config": {
|
|
"$ref": "#/$defs/assured_workload_config"
|
|
},
|
|
"parent": {
|
|
"type": "string",
|
|
"pattern": "^(?:folders/[0-9]+|organizations/[0-9]+|\\$folder_ids:[a-z0-9_-]+)$"
|
|
},
|
|
"tag_bindings": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_-]+$": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"$defs": {
|
|
"bucket": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"name": {
|
|
"type": "string"
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_bindings": {
|
|
"$ref": "#/$defs/iam_bindings"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
},
|
|
"force_destroy": {
|
|
"type": "boolean"
|
|
},
|
|
"labels": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"location": {
|
|
"type": "string"
|
|
},
|
|
"managed_folders": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-zA-Z0-9][a-zA-Z0-9_/-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"force_destroy": {
|
|
"type": "boolean"
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_bindings": {
|
|
"$ref": "#/$defs/iam_bindings"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"prefix": {
|
|
"type": "string"
|
|
},
|
|
"storage_class": {
|
|
"type": "string"
|
|
},
|
|
"uniform_bucket_level_access": {
|
|
"type": "boolean"
|
|
},
|
|
"versioning": {
|
|
"type": "boolean"
|
|
}
|
|
}
|
|
},
|
|
"iam": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^(?:roles/|\\$custom_roles:|organizations/[0-9]+/roles/|([a-z0-9.]+:)?projects/[a-z0-9-]+/roles/)": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\\$iam_principals:)"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_bindings": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"members": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\\$iam_principals:)"
|
|
}
|
|
},
|
|
"role": {
|
|
"type": "string",
|
|
"pattern": "^(?:roles/|\\$custom_roles:|organizations/[0-9]+/roles/|([a-z0-9.]+:)?projects/[a-z0-9-]+/roles/)"
|
|
},
|
|
"condition": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"expression",
|
|
"title"
|
|
],
|
|
"properties": {
|
|
"expression": {
|
|
"type": "string"
|
|
},
|
|
"title": {
|
|
"type": "string"
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_bindings_additive": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"member": {
|
|
"type": "string",
|
|
"pattern": "^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\\$iam_principals:)"
|
|
},
|
|
"role": {
|
|
"type": "string",
|
|
"pattern": "^(?:roles/|\\$custom_roles:|organizations/[0-9]+/roles/|([a-z0-9.]+:)?projects/[a-z0-9-]+/roles/)"
|
|
},
|
|
"condition": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"expression",
|
|
"title"
|
|
],
|
|
"properties": {
|
|
"expression": {
|
|
"type": "string"
|
|
},
|
|
"title": {
|
|
"type": "string"
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_by_principals": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\\$iam_principals:)": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^(?:roles/|\\$custom_roles:|organizations/[0-9]+/roles/|([a-z0-9.]+:)?projects/[a-z0-9-]+/roles/)"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_by_principals_conditional": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\\$iam_principals:)": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"condition",
|
|
"roles"
|
|
],
|
|
"properties": {
|
|
"condition": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"expression",
|
|
"title"
|
|
],
|
|
"properties": {
|
|
"expression": {
|
|
"type": "string"
|
|
},
|
|
"title": {
|
|
"type": "string"
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"roles": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^(?:roles/|\\$custom_roles:|organizations/[0-9]+/roles/|([a-z0-9.]+:)?projects/[a-z0-9-]+/roles/)"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_billing_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_folder_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_organization_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_project_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_sa_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_storage_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"pam_entitlements": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z][a-z0-9-]{0,61}[a-z0-9]$": {
|
|
"type": "object",
|
|
"properties": {
|
|
"max_request_duration": {
|
|
"type": "string"
|
|
},
|
|
"eligible_users": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"privileged_access": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"properties": {
|
|
"role": {
|
|
"type": "string"
|
|
},
|
|
"condition": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"required": [
|
|
"role"
|
|
],
|
|
"additionalProperties": false
|
|
}
|
|
},
|
|
"requester_justification_config": {
|
|
"type": "object",
|
|
"properties": {
|
|
"not_mandatory": {
|
|
"type": "boolean"
|
|
},
|
|
"unstructured": {
|
|
"type": "boolean"
|
|
}
|
|
},
|
|
"additionalProperties": false
|
|
},
|
|
"manual_approvals": {
|
|
"type": "object",
|
|
"properties": {
|
|
"require_approver_justification": {
|
|
"type": "boolean"
|
|
},
|
|
"steps": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"properties": {
|
|
"approvers": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"approvals_needed": {
|
|
"type": "number"
|
|
},
|
|
"approver_email_recipients": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"required": [
|
|
"approvers"
|
|
],
|
|
"additionalProperties": false
|
|
}
|
|
}
|
|
},
|
|
"required": [
|
|
"require_approver_justification",
|
|
"steps"
|
|
],
|
|
"additionalProperties": false
|
|
},
|
|
"additional_notification_targets": {
|
|
"type": "object",
|
|
"properties": {
|
|
"admin_email_recipients": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"requester_email_recipients": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"additionalProperties": false
|
|
}
|
|
},
|
|
"required": [
|
|
"max_request_duration",
|
|
"eligible_users",
|
|
"privileged_access"
|
|
],
|
|
"additionalProperties": false
|
|
}
|
|
}
|
|
},
|
|
"assured_workload_config": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"compliance_regime": {
|
|
"type": "string",
|
|
"enum": [
|
|
"ASSURED_WORKLOADS_FOR_PARTNERS",
|
|
"AU_REGIONS_AND_US_SUPPORT",
|
|
"AUSTRALIA_DATA_BOUNDARY_AND_SUPPORT",
|
|
"CA_PROTECTED_B",
|
|
"CA_REGIONS_AND_SUPPORT",
|
|
"CANADA_CONTROLLED_GOODS",
|
|
"CANADA_DATA_BOUNDARY_AND_SUPPORT",
|
|
"CJIS",
|
|
"COMPLIANCE_REGIME_UNSPECIFIED",
|
|
"DATA_BOUNDARY_FOR_CANADA_CONTROLLED_GOODS",
|
|
"DATA_BOUNDARY_FOR_CANADA_PROTECTED_B",
|
|
"DATA_BOUNDARY_FOR_CJIS",
|
|
"DATA_BOUNDARY_FOR_FEDRAMP_HIGH",
|
|
"DATA_BOUNDARY_FOR_FEDRAMP_MODERATE",
|
|
"DATA_BOUNDARY_FOR_IL2",
|
|
"DATA_BOUNDARY_FOR_IL4",
|
|
"DATA_BOUNDARY_FOR_IL5",
|
|
"DATA_BOUNDARY_FOR_IRS_PUBLICATION_1075",
|
|
"DATA_BOUNDARY_FOR_ITAR",
|
|
"EU_DATA_BOUNDARY_AND_SUPPORT",
|
|
"EU_REGIONS_AND_SUPPORT",
|
|
"FEDRAMP_HIGH",
|
|
"FEDRAMP_MODERATE",
|
|
"HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS",
|
|
"HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_US_SUPPORT",
|
|
"HIPAA",
|
|
"HITRUST",
|
|
"IL2",
|
|
"IL4",
|
|
"IL5",
|
|
"IRS_1075",
|
|
"ISR_REGIONS",
|
|
"ISR_REGIONS_AND_SUPPORT",
|
|
"ISRAEL_DATA_BOUNDARY_AND_SUPPORT",
|
|
"ITAR",
|
|
"JAPAN_DATA_BOUNDARY",
|
|
"JP_REGIONS_AND_SUPPORT",
|
|
"KSA_DATA_BOUNDARY_WITH_ACCESS_JUSTIFICATIONS",
|
|
"KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS",
|
|
"REGIONAL_CONTROLS",
|
|
"REGIONAL_DATA_BOUNDARY",
|
|
"US_DATA_BOUNDARY_AND_SUPPORT",
|
|
"US_DATA_BOUNDARY_FOR_HEALTHCARE_AND_LIFE_SCIENCES",
|
|
"US_DATA_BOUNDARY_FOR_HEALTHCARE_AND_LIFE_SCIENCES_WITH_SUPPORT",
|
|
"US_REGIONAL_ACCESS"
|
|
]
|
|
},
|
|
"display_name": {
|
|
"type": "string"
|
|
},
|
|
"location": {
|
|
"type": "string"
|
|
},
|
|
"organization": {
|
|
"type": "string"
|
|
},
|
|
"enable_sovereign_controls": {
|
|
"type": "boolean"
|
|
},
|
|
"labels": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"partner": {
|
|
"type": "string",
|
|
"enum": [
|
|
"LOCAL_CONTROLS_BY_S3NS",
|
|
"PARTNER_UNSPECIFIED",
|
|
"SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM",
|
|
"SOVEREIGN_CONTROLS_BY_CNTXT",
|
|
"SOVEREIGN_CONTROLS_BY_PSN",
|
|
"SOVEREIGN_CONTROLS_BY_SIA_MINSAIT",
|
|
"SOVEREIGN_CONTROLS_BY_T_SYSTEMS"
|
|
]
|
|
},
|
|
"partner_permissions": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"assured_workloads_monitoring": {
|
|
"type": "boolean"
|
|
},
|
|
"data_logs_viewer": {
|
|
"type": "boolean"
|
|
},
|
|
"service_access_approver": {
|
|
"type": "boolean"
|
|
}
|
|
}
|
|
},
|
|
"violation_notifications_enabled": {
|
|
"type": "boolean"
|
|
}
|
|
},
|
|
"required": [
|
|
"compliance_regime",
|
|
"display_name",
|
|
"location",
|
|
"organization"
|
|
]
|
|
}
|
|
}
|
|
}
|