Disable Cloud Logging for the Cloud Healthcare API

Preview

This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of the Service Specific Terms. Pre-GA features are available "as is" and might have limited support. For more information, see thelaunch stage descriptions.

Overview

This guide explains how to set a constraint (constraints/gcp.disableCloudLogging)that disablesCloud Logging for the Cloud Healthcare API at the level of an organization,a project, or a folder.The constraint does not affect Cloud Audit Logs. Logs that aregenerated before the constraint takes effect are not deleted and canbe accessed after the constraint takes effect.

Note: The constraint is only supported in the Cloud Healthcare API.

Disabling Cloud Logging for the Cloud Healthcare API

To disable Cloud Logging for the Cloud Healthcare API, you must have the Organization Administrator (roles/resourcemanager.organizationAdmin)role. This role can only be grantedat the Organization level. You must have theOrganization Policy Administrator(roles/orgpolicy.policyAdminrole) to set or change organization policies.

Console

To disable Cloud Logging for the Cloud Healthcare API:

Sign in to the Google Cloud console as a Google Workspace or Cloud Identitysuper administrator and go to theOrganization policies page:
Go to Organization policies
ClickSelect, and then select the project, folder, or organizationfor which you want to view organization policies. TheOrganization policies page displays a filterable list of organizationpolicy constraints that are available.
In the list of policies that appears, selectDisable Cloud Logging for Cloud Healthcare API. TheDisable Cloud Logging for Cloud Healthcare API policy uses theconstraints/gcp.disableCloudLogging ID. ThePolicy details pagethat appears describes the constraint and provides information about howthe constraint is applied.
To update the organization policy, clickManage policy.
On theEdit policy page, selectOverride parent's policy.
ClickAdd a rule.
UnderEnforcement, select an enforcement option:
- To enable the constraint and disable Cloud Logging for theCloud Healthcare API, selectOn.
- To disable the constraint and enable Cloud Logging for theCloud Healthcare API, selectOff.
To enforce the policy, clickSet policy.

gcloud

Get the current policy on the organization resource using thedescribecommand:
```
gcloudorg-policiesdescribegcp.disableCloudLogging\--organization=ORGANIZATION_ID
```
Replace theORGANIZATION_ID:with the unique identifier for the organization resource. You can alsoapply the organization policy to a folder or a project with the--folderor the--project flags, and thefolder IDandproject ID,respectively.
Because a policy isn't set, this returns aNOT_FOUND error:
```
ERROR:(gcloud.org-policies.describe)NOT_FOUND:Requestedentitywasnotfound.
```
Set the policy on the organization using theset-policy command.
1. Create a temporary file/tmp/policy.yaml to store the policy:
```
name:organizations/ORGANIZATION_ID/policies/gcp.disableCloudLoggingspec:rules:-enforce:true
```
2. Run theset-policy command:
```
gcloudorg-policiesset-policy/tmp/policy.yaml
```

View the current effective policy using thedescribe --effective command:

gcloudorg-policiesdescribe\gcp.disableCloudLogging--effective\--organization=ORGANIZATION_ID

After running the command, the following output displays:

name:organizations/ORGANIZATION_ID/policies/gcp.disableCloudLoggingspec:rules:-enforce:true

What's next

SeeUsing constraintsfor more information on creating an organization policy with a particular constraint.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-12-15 UTC.

Movatterモバイル変換