Package types (0.2.2)

API documentation for binaryauthorization_v1beta1.types package.

Classes

AdmissionRule

An [admission rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied.

Images matching an [admission allowlist pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] are exempted from admission rules and will never block a pod creation.

AdmissionWhitelistPattern

An [admission allowlist pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] exempts images from checks by [admission rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule].

Attestor

An attestor that attests to container image artifacts. An existing attestor cannot be modified except where indicated.

AttestorPublicKey

An [attestor public key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] that will be used to verify attestations signed by this attestor.

ContinuousValidationEvent

Represents an auditing event from Continuous Validation. .. attribute:: pod_event

Pod event.

:type: google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent

CreateAttestorRequest

Request message for [BinauthzManagementService.CreateAttestor][]. .. attribute:: parent

Required. The parent of this attestor.

:type: str

DeleteAttestorRequest

Request message for [BinauthzManagementService.DeleteAttestor][]. .. attribute:: name

Required. The name of the attestors to delete, in the format projects/*/attestors/*.

:type: str

GetAttestorRequest

Request message for [BinauthzManagementService.GetAttestor][]. .. attribute:: name

Required. The name of the attestor to retrieve, in the format projects/*/attestors/*.

:type: str

GetPolicyRequest

Request message for [BinauthzManagementService.GetPolicy][]. .. attribute:: name

Required. The resource name of the policy to retrieve, in the format projects/*/policy.

:type: str

ListAttestorsRequest

Request message for [BinauthzManagementService.ListAttestors][]. .. attribute:: parent

Required. The resource name of the project associated with the attestors, in the format projects/*.

:type: str

ListAttestorsResponse

Response message for [BinauthzManagementService.ListAttestors][]. .. attribute:: attestors

The list of attestors.

:type: Sequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]

PkixPublicKey

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

Policy

A policy for container image binary authorization.

UpdateAttestorRequest

Request message for [BinauthzManagementService.UpdateAttestor][]. .. attribute:: attestor

Required. The updated attestor value. The service will overwrite the [attestor name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with the resource name in the request URL, in the format projects/*/attestors/*.

:type: google.cloud.binaryauthorization_v1beta1.types.Attestor

UpdatePolicyRequest

Request message for [BinauthzManagementService.UpdatePolicy][]. .. attribute:: policy

Required. A new or updated policy value. The service will overwrite the [policy name][google.cloud.binaryauthorization.v1beta1.Policy.name] field with the resource name in the request URL, in the format projects/*/policy.

:type: google.cloud.binaryauthorization_v1beta1.types.Policy

UserOwnedDrydockNote

An [user owned drydock note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] references a Drydock ATTESTATION_AUTHORITY Note created by the user.