{
"additionalProperties": false,
"description": "Represents the leaf level constraint to restrict the number of instances of an entity type that can be created. Lowering the limit on the number of instances of a given type is allowed even in cases where there are instances more than the specified limit already in the system. In this case, creation of new instances of that type will be disallowed unless the number of instances goes below the limit. One of the main usage of this expression is to implement Quotas in the multi-tenancy context. It allows to limit the number of resources which can be created inside a Project or Vpc. It also forbids consumption of specific resource by putting its entity count to 0. Note that, update/delete operations will continue to be allowed on already created instances.",
"extends": {
"$ref": "ConstraintExpression
},
"id": "EntityInstanceCountConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "EntityInstanceCountConstraintExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"count": {
"description": "Instance count.",
"required": true,
"title": "Instance count.",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"operator": {
"required": true,
"title": "Operations supported '<' and '<='.",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_resource_type": {
"description": "Target resource type accepts input as DTO Type or FQDN. It also supports dot format like SecurityPolicy.Rule in a scenario where same DTO type shared across across policy sub tree. For example DTO type Rule shared by both security policy and gateway policy rules. So to specify any constraint for Security policy rule, user can define the target resource type SecurityPolicy.Rule.",
"required": false,
"title": "Resource type of the target entity. This needs to be set for all\ncases where the target does not specify the type.\n",
"type": "string"
}
},
"title": "Represents the leaf level constraint to restrict the number instances of type.",
"type": "object"
}