binaryauthorization

package
v1.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 2, 2019 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Attestor 

type Attestor struct {
	// contains filtered or unexported fields
}

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/binary_authorization_attestor.html.markdown.

func GetAttestor 

func GetAttestor(ctx *pulumi.Context,
	name string, id pulumi.ID, state *AttestorState, opts ...pulumi.ResourceOpt) (*Attestor, error)

GetAttestor gets an existing Attestor resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAttestor 

func NewAttestor(ctx *pulumi.Context,
	name string, args *AttestorArgs, opts ...pulumi.ResourceOpt) (*Attestor, error)

NewAttestor registers a new resource with the given unique name, arguments, and options.

func (*Attestor) AttestationAuthorityNote 

func (r *Attestor) AttestationAuthorityNote() pulumi.Output

A Container Analysis ATTESTATION_AUTHORITY Note, created by the user.

func (*Attestor) Description 

func (r *Attestor) Description() pulumi.StringOutput

A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.

func (*Attestor) ID 

func (r *Attestor) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Attestor) Name 

func (r *Attestor) Name() pulumi.StringOutput

The resource name.

func (*Attestor) Project 

func (r *Attestor) Project() pulumi.StringOutput

func (*Attestor) URN 

func (r *Attestor) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type AttestorArgs 

type AttestorArgs struct {
	// A Container Analysis ATTESTATION_AUTHORITY Note, created by the user.
	AttestationAuthorityNote interface{}
	// A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.
	Description interface{}
	// The resource name.
	Name    interface{}
	Project interface{}
}

The set of arguments for constructing a Attestor resource.

type AttestorIamBinding added in v1.3.0 

type AttestorIamBinding struct {
	// contains filtered or unexported fields
}

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/binary_authorization_attestor_iam_binding.html.markdown.

func GetAttestorIamBinding added in v1.3.0 

func GetAttestorIamBinding(ctx *pulumi.Context,
	name string, id pulumi.ID, state *AttestorIamBindingState, opts ...pulumi.ResourceOpt) (*AttestorIamBinding, error)

GetAttestorIamBinding gets an existing AttestorIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAttestorIamBinding added in v1.3.0 

func NewAttestorIamBinding(ctx *pulumi.Context,
	name string, args *AttestorIamBindingArgs, opts ...pulumi.ResourceOpt) (*AttestorIamBinding, error)

NewAttestorIamBinding registers a new resource with the given unique name, arguments, and options.

func (*AttestorIamBinding) Attestor added in v1.3.0 

func (r *AttestorIamBinding) Attestor() pulumi.StringOutput

Used to find the parent resource to bind the IAM policy to

func (*AttestorIamBinding) Condition added in v1.6.0 

func (r *AttestorIamBinding) Condition() pulumi.Output

func (*AttestorIamBinding) Etag added in v1.3.0 

func (r *AttestorIamBinding) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (*AttestorIamBinding) ID added in v1.3.0 

func (r *AttestorIamBinding) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*AttestorIamBinding) Members added in v1.3.0 

func (r *AttestorIamBinding) Members() pulumi.ArrayOutput

func (*AttestorIamBinding) Project added in v1.3.0 

func (r *AttestorIamBinding) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (*AttestorIamBinding) Role added in v1.3.0 

func (r *AttestorIamBinding) Role() pulumi.StringOutput

The role that should be applied. Only one `binaryauthorization.AttestorIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (*AttestorIamBinding) URN added in v1.3.0 

func (r *AttestorIamBinding) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type AttestorIamBindingArgs added in v1.3.0 

type AttestorIamBindingArgs struct {
	// Used to find the parent resource to bind the IAM policy to
	Attestor  interface{}
	Condition interface{}
	Members   interface{}
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project interface{}
	// The role that should be applied. Only one
	// `binaryauthorization.AttestorIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role interface{}
}

The set of arguments for constructing a AttestorIamBinding resource.

type AttestorIamBindingState added in v1.3.0 

type AttestorIamBindingState struct {
	// Used to find the parent resource to bind the IAM policy to
	Attestor  interface{}
	Condition interface{}
	// (Computed) The etag of the IAM policy.
	Etag    interface{}
	Members interface{}
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project interface{}
	// The role that should be applied. Only one
	// `binaryauthorization.AttestorIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role interface{}
}

Input properties used for looking up and filtering AttestorIamBinding resources.

type AttestorIamMember added in v1.3.0 

type AttestorIamMember struct {
	// contains filtered or unexported fields
}

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/binary_authorization_attestor_iam_member.html.markdown.

func GetAttestorIamMember added in v1.3.0 

func GetAttestorIamMember(ctx *pulumi.Context,
	name string, id pulumi.ID, state *AttestorIamMemberState, opts ...pulumi.ResourceOpt) (*AttestorIamMember, error)

GetAttestorIamMember gets an existing AttestorIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAttestorIamMember added in v1.3.0 

func NewAttestorIamMember(ctx *pulumi.Context,
	name string, args *AttestorIamMemberArgs, opts ...pulumi.ResourceOpt) (*AttestorIamMember, error)

NewAttestorIamMember registers a new resource with the given unique name, arguments, and options.

func (*AttestorIamMember) Attestor added in v1.3.0 

func (r *AttestorIamMember) Attestor() pulumi.StringOutput

Used to find the parent resource to bind the IAM policy to

func (*AttestorIamMember) Condition added in v1.6.0 

func (r *AttestorIamMember) Condition() pulumi.Output

func (*AttestorIamMember) Etag added in v1.3.0 

func (r *AttestorIamMember) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (*AttestorIamMember) ID added in v1.3.0 

func (r *AttestorIamMember) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*AttestorIamMember) Member added in v1.3.0 

func (r *AttestorIamMember) Member() pulumi.StringOutput

func (*AttestorIamMember) Project added in v1.3.0 

func (r *AttestorIamMember) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (*AttestorIamMember) Role added in v1.3.0 

func (r *AttestorIamMember) Role() pulumi.StringOutput

The role that should be applied. Only one `binaryauthorization.AttestorIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (*AttestorIamMember) URN added in v1.3.0 

func (r *AttestorIamMember) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type AttestorIamMemberArgs added in v1.3.0 

type AttestorIamMemberArgs struct {
	// Used to find the parent resource to bind the IAM policy to
	Attestor  interface{}
	Condition interface{}
	Member    interface{}
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project interface{}
	// The role that should be applied. Only one
	// `binaryauthorization.AttestorIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role interface{}
}

The set of arguments for constructing a AttestorIamMember resource.

type AttestorIamMemberState added in v1.3.0 

type AttestorIamMemberState struct {
	// Used to find the parent resource to bind the IAM policy to
	Attestor  interface{}
	Condition interface{}
	// (Computed) The etag of the IAM policy.
	Etag   interface{}
	Member interface{}
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project interface{}
	// The role that should be applied. Only one
	// `binaryauthorization.AttestorIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role interface{}
}

Input properties used for looking up and filtering AttestorIamMember resources.

type AttestorIamPolicy added in v1.3.0 

type AttestorIamPolicy struct {
	// contains filtered or unexported fields
}

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/binary_authorization_attestor_iam_policy.html.markdown.

func GetAttestorIamPolicy added in v1.3.0 

func GetAttestorIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.ID, state *AttestorIamPolicyState, opts ...pulumi.ResourceOpt) (*AttestorIamPolicy, error)

GetAttestorIamPolicy gets an existing AttestorIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAttestorIamPolicy added in v1.3.0 

func NewAttestorIamPolicy(ctx *pulumi.Context,
	name string, args *AttestorIamPolicyArgs, opts ...pulumi.ResourceOpt) (*AttestorIamPolicy, error)

NewAttestorIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*AttestorIamPolicy) Attestor added in v1.3.0 

func (r *AttestorIamPolicy) Attestor() pulumi.StringOutput

Used to find the parent resource to bind the IAM policy to

func (*AttestorIamPolicy) Etag added in v1.3.0 

func (r *AttestorIamPolicy) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (*AttestorIamPolicy) ID added in v1.3.0 

func (r *AttestorIamPolicy) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*AttestorIamPolicy) PolicyData added in v1.3.0 

func (r *AttestorIamPolicy) PolicyData() pulumi.StringOutput

The policy data generated by a `organizations.getIAMPolicy` data source.

func (*AttestorIamPolicy) Project added in v1.3.0 

func (r *AttestorIamPolicy) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (*AttestorIamPolicy) URN added in v1.3.0 

func (r *AttestorIamPolicy) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type AttestorIamPolicyArgs added in v1.3.0 

type AttestorIamPolicyArgs struct {
	// Used to find the parent resource to bind the IAM policy to
	Attestor interface{}
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData interface{}
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project interface{}
}

The set of arguments for constructing a AttestorIamPolicy resource.

type AttestorIamPolicyState added in v1.3.0 

type AttestorIamPolicyState struct {
	// Used to find the parent resource to bind the IAM policy to
	Attestor interface{}
	// (Computed) The etag of the IAM policy.
	Etag interface{}
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData interface{}
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project interface{}
}

Input properties used for looking up and filtering AttestorIamPolicy resources.

type AttestorState 

type AttestorState struct {
	// A Container Analysis ATTESTATION_AUTHORITY Note, created by the user.
	AttestationAuthorityNote interface{}
	// A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.
	Description interface{}
	// The resource name.
	Name    interface{}
	Project interface{}
}

Input properties used for looking up and filtering Attestor resources.

type Policy 

type Policy struct {
	// contains filtered or unexported fields
}

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/binary_authorization_policy.html.markdown.

func GetPolicy 

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.ID, state *PolicyState, opts ...pulumi.ResourceOpt) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy 

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOpt) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) AdmissionWhitelistPatterns 

func (r *Policy) AdmissionWhitelistPatterns() pulumi.ArrayOutput

A whitelist of image patterns to exclude from admission rules. If an image's name matches a whitelist pattern, the image's admission requests will always be permitted regardless of your admission rules.

func (*Policy) ClusterAdmissionRules 

func (r *Policy) ClusterAdmissionRules() pulumi.ArrayOutput

Per-cluster admission rules. An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. There can be at most one admission rule per cluster spec. Identifier format: '{{location}}.{{clusterId}}'. A location is either a compute zone (e.g. 'us-central1-a') or a region (e.g. 'us-central1').

func (*Policy) DefaultAdmissionRule 

func (r *Policy) DefaultAdmissionRule() pulumi.Output

Default admission rule for a cluster without a per-cluster admission rule.

func (*Policy) Description 

func (r *Policy) Description() pulumi.StringOutput

A descriptive comment.

func (*Policy) GlobalPolicyEvaluationMode added in v1.1.0 

func (r *Policy) GlobalPolicyEvaluationMode() pulumi.StringOutput

Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy.

func (*Policy) ID 

func (r *Policy) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Policy) Project 

func (r *Policy) Project() pulumi.StringOutput

func (*Policy) URN 

func (r *Policy) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type PolicyArgs 

type PolicyArgs struct {
	// A whitelist of image patterns to exclude from admission rules. If an image's name matches a whitelist pattern, the
	// image's admission requests will always be permitted regardless of your admission rules.
	AdmissionWhitelistPatterns interface{}
	// Per-cluster admission rules. An admission rule specifies either that all container images used in a pod creation
	// request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations
	// will be denied. There can be at most one admission rule per cluster spec. Identifier format:
	// '{{location}}.{{clusterId}}'. A location is either a compute zone (e.g. 'us-central1-a') or a region (e.g.
	// 'us-central1').
	ClusterAdmissionRules interface{}
	// Default admission rule for a cluster without a per-cluster admission rule.
	DefaultAdmissionRule interface{}
	// A descriptive comment.
	Description interface{}
	// Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not
	// covered by the global policy will be subject to the project admission policy.
	GlobalPolicyEvaluationMode interface{}
	Project                    interface{}
}

The set of arguments for constructing a Policy resource.

type PolicyState 

type PolicyState struct {
	// A whitelist of image patterns to exclude from admission rules. If an image's name matches a whitelist pattern, the
	// image's admission requests will always be permitted regardless of your admission rules.
	AdmissionWhitelistPatterns interface{}
	// Per-cluster admission rules. An admission rule specifies either that all container images used in a pod creation
	// request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations
	// will be denied. There can be at most one admission rule per cluster spec. Identifier format:
	// '{{location}}.{{clusterId}}'. A location is either a compute zone (e.g. 'us-central1-a') or a region (e.g.
	// 'us-central1').
	ClusterAdmissionRules interface{}
	// Default admission rule for a cluster without a per-cluster admission rule.
	DefaultAdmissionRule interface{}
	// A descriptive comment.
	Description interface{}
	// Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not
	// covered by the global policy will be subject to the project admission policy.
	GlobalPolicyEvaluationMode interface{}
	Project                    interface{}
}

Input properties used for looking up and filtering Policy resources.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.