We have a requirement to disable Google Enterprise APIs ex. Anthos as organization policy constraint for setting up policy boundary for the developers and other users. Is there a way automatically impose the organization policy when we are creating user and assigning project.
Hi,
If you're using Infrastructure as Code (IaC) for provisioning Google Cloud resources, you can include the organization policy resources in your Terraform scripts:
https://registry.terraform.io/modules/terraform-google-modules/org-policy/google/latest
resource "google_organization_policy" "disable_apis_policy" {
org_id = "your-org-id"
constraint = "constraints/serviceuser.services"
boolean_policy {
enforced = true
}
}