v1

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 9, 2021 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Attestor 

type Attestor struct {
	pulumi.CustomResourceState

	// Optional. A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.
	Description pulumi.StringOutput `pulumi:"description"`
	// Required. The resource name, in the format: `projects/*/attestors/*`. This field may not be updated.
	Name pulumi.StringOutput `pulumi:"name"`
	// Time when the attestor was last updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
	// This specifies how an attestation will be read, and how it will be used during policy enforcement.
	UserOwnedGrafeasNote UserOwnedGrafeasNoteResponseOutput `pulumi:"userOwnedGrafeasNote"`
}

Creates an attestor, and returns a copy of the new attestor. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the attestor already exists.

func GetAttestor 

func GetAttestor(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AttestorState, opts ...pulumi.ResourceOption) (*Attestor, error)

GetAttestor gets an existing Attestor resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAttestor 

func NewAttestor(ctx *pulumi.Context,
	name string, args *AttestorArgs, opts ...pulumi.ResourceOption) (*Attestor, error)

NewAttestor registers a new resource with the given unique name, arguments, and options.

func (*Attestor) ElementType 

func (*Attestor) ElementType() reflect.Type

func (*Attestor) ToAttestorOutput 

func (i *Attestor) ToAttestorOutput() AttestorOutput

func (*Attestor) ToAttestorOutputWithContext 

func (i *Attestor) ToAttestorOutputWithContext(ctx context.Context) AttestorOutput

type AttestorArgs 

type AttestorArgs struct {
	AttestorId pulumi.StringInput
	// Optional. A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.
	Description pulumi.StringPtrInput
	// Required. The resource name, in the format: `projects/*/attestors/*`. This field may not be updated.
	Name    pulumi.StringPtrInput
	Project pulumi.StringInput
	// This specifies how an attestation will be read, and how it will be used during policy enforcement.
	UserOwnedGrafeasNote UserOwnedGrafeasNotePtrInput
}

The set of arguments for constructing a Attestor resource.

func (AttestorArgs) ElementType 

func (AttestorArgs) ElementType() reflect.Type

type AttestorIamPolicy 

type AttestorIamPolicy struct {
	pulumi.CustomResourceState

	// Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
	Bindings BindingResponseArrayOutput `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetAttestorIamPolicy 

func GetAttestorIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AttestorIamPolicyState, opts ...pulumi.ResourceOption) (*AttestorIamPolicy, error)

GetAttestorIamPolicy gets an existing AttestorIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAttestorIamPolicy 

func NewAttestorIamPolicy(ctx *pulumi.Context,
	name string, args *AttestorIamPolicyArgs, opts ...pulumi.ResourceOption) (*AttestorIamPolicy, error)

NewAttestorIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*AttestorIamPolicy) ElementType 

func (*AttestorIamPolicy) ElementType() reflect.Type

func (*AttestorIamPolicy) ToAttestorIamPolicyOutput 

func (i *AttestorIamPolicy) ToAttestorIamPolicyOutput() AttestorIamPolicyOutput

func (*AttestorIamPolicy) ToAttestorIamPolicyOutputWithContext 

func (i *AttestorIamPolicy) ToAttestorIamPolicyOutputWithContext(ctx context.Context) AttestorIamPolicyOutput

type AttestorIamPolicyArgs 

type AttestorIamPolicyArgs struct {
	AttestorId pulumi.StringInput
	// Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
	Bindings BindingArrayInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag    pulumi.StringPtrInput
	Project pulumi.StringInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a AttestorIamPolicy resource.

func (AttestorIamPolicyArgs) ElementType 

func (AttestorIamPolicyArgs) ElementType() reflect.Type

type AttestorIamPolicyInput 

type AttestorIamPolicyInput interface {
	pulumi.Input

	ToAttestorIamPolicyOutput() AttestorIamPolicyOutput
	ToAttestorIamPolicyOutputWithContext(ctx context.Context) AttestorIamPolicyOutput
}

type AttestorIamPolicyOutput 

type AttestorIamPolicyOutput struct {
	*pulumi.OutputState
}

func (AttestorIamPolicyOutput) ElementType 

func (AttestorIamPolicyOutput) ElementType() reflect.Type

func (AttestorIamPolicyOutput) ToAttestorIamPolicyOutput 

func (o AttestorIamPolicyOutput) ToAttestorIamPolicyOutput() AttestorIamPolicyOutput

func (AttestorIamPolicyOutput) ToAttestorIamPolicyOutputWithContext 

func (o AttestorIamPolicyOutput) ToAttestorIamPolicyOutputWithContext(ctx context.Context) AttestorIamPolicyOutput

type AttestorIamPolicyState 

type AttestorIamPolicyState struct {
	// Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
	Bindings BindingResponseArrayInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

func (AttestorIamPolicyState) ElementType 

func (AttestorIamPolicyState) ElementType() reflect.Type

type AttestorInput 

type AttestorInput interface {
	pulumi.Input

	ToAttestorOutput() AttestorOutput
	ToAttestorOutputWithContext(ctx context.Context) AttestorOutput
}

type AttestorOutput 

type AttestorOutput struct {
	*pulumi.OutputState
}

func (AttestorOutput) ElementType 

func (AttestorOutput) ElementType() reflect.Type

func (AttestorOutput) ToAttestorOutput 

func (o AttestorOutput) ToAttestorOutput() AttestorOutput

func (AttestorOutput) ToAttestorOutputWithContext 

func (o AttestorOutput) ToAttestorOutputWithContext(ctx context.Context) AttestorOutput

type AttestorPublicKey 

type AttestorPublicKey struct {
	// ASCII-armored representation of a PGP public key, as the entire output by the command `gpg --export --armor foo@example.com` (either LF or CRLF line endings). When using this field, `id` should be left blank. The BinAuthz API handlers will calculate the ID and fill it in automatically. BinAuthz computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is provided by the caller, it will be overwritten by the API-calculated ID.
	AsciiArmoredPgpPublicKey *string `pulumi:"asciiArmoredPgpPublicKey"`
	// Optional. A descriptive comment. This field may be updated.
	Comment *string `pulumi:"comment"`
	// The ID of this public key. Signatures verified by BinAuthz must include the ID of the public key that can be used to verify them, and that ID must match the contents of this field exactly. Additional restrictions on this field can be imposed based on which public key type is encapsulated. See the documentation on `public_key` cases below for details.
	Id *string `pulumi:"id"`
	// A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be explicitly provided by the caller when using this type of public key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a default one will be computed based on the digest of the DER encoding of the public key.
	PkixPublicKey *PkixPublicKey `pulumi:"pkixPublicKey"`
}

An attestor public key that will be used to verify attestations signed by this attestor.

type AttestorPublicKeyArgs 

type AttestorPublicKeyArgs struct {
	// ASCII-armored representation of a PGP public key, as the entire output by the command `gpg --export --armor foo@example.com` (either LF or CRLF line endings). When using this field, `id` should be left blank. The BinAuthz API handlers will calculate the ID and fill it in automatically. BinAuthz computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is provided by the caller, it will be overwritten by the API-calculated ID.
	AsciiArmoredPgpPublicKey pulumi.StringPtrInput `pulumi:"asciiArmoredPgpPublicKey"`
	// Optional. A descriptive comment. This field may be updated.
	Comment pulumi.StringPtrInput `pulumi:"comment"`
	// The ID of this public key. Signatures verified by BinAuthz must include the ID of the public key that can be used to verify them, and that ID must match the contents of this field exactly. Additional restrictions on this field can be imposed based on which public key type is encapsulated. See the documentation on `public_key` cases below for details.
	Id pulumi.StringPtrInput `pulumi:"id"`
	// A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be explicitly provided by the caller when using this type of public key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a default one will be computed based on the digest of the DER encoding of the public key.
	PkixPublicKey PkixPublicKeyPtrInput `pulumi:"pkixPublicKey"`
}

An attestor public key that will be used to verify attestations signed by this attestor.

func (AttestorPublicKeyArgs) ElementType 

func (AttestorPublicKeyArgs) ElementType() reflect.Type

func (AttestorPublicKeyArgs) ToAttestorPublicKeyOutput 

func (i AttestorPublicKeyArgs) ToAttestorPublicKeyOutput() AttestorPublicKeyOutput

func (AttestorPublicKeyArgs) ToAttestorPublicKeyOutputWithContext 

func (i AttestorPublicKeyArgs) ToAttestorPublicKeyOutputWithContext(ctx context.Context) AttestorPublicKeyOutput

type AttestorPublicKeyArray 

type AttestorPublicKeyArray []AttestorPublicKeyInput

func (AttestorPublicKeyArray) ElementType 

func (AttestorPublicKeyArray) ElementType() reflect.Type

func (AttestorPublicKeyArray) ToAttestorPublicKeyArrayOutput 

func (i AttestorPublicKeyArray) ToAttestorPublicKeyArrayOutput() AttestorPublicKeyArrayOutput

func (AttestorPublicKeyArray) ToAttestorPublicKeyArrayOutputWithContext 

func (i AttestorPublicKeyArray) ToAttestorPublicKeyArrayOutputWithContext(ctx context.Context) AttestorPublicKeyArrayOutput

type AttestorPublicKeyArrayInput 

type AttestorPublicKeyArrayInput interface {
	pulumi.Input

	ToAttestorPublicKeyArrayOutput() AttestorPublicKeyArrayOutput
	ToAttestorPublicKeyArrayOutputWithContext(context.Context) AttestorPublicKeyArrayOutput
}

AttestorPublicKeyArrayInput is an input type that accepts AttestorPublicKeyArray and AttestorPublicKeyArrayOutput values. You can construct a concrete instance of `AttestorPublicKeyArrayInput` via: 

AttestorPublicKeyArray{ AttestorPublicKeyArgs{...} }

type AttestorPublicKeyArrayOutput 

type AttestorPublicKeyArrayOutput struct{ *pulumi.OutputState }

func (AttestorPublicKeyArrayOutput) ElementType 

func (AttestorPublicKeyArrayOutput) ElementType() reflect.Type

func (AttestorPublicKeyArrayOutput) Index 

func (o AttestorPublicKeyArrayOutput) Index(i pulumi.IntInput) AttestorPublicKeyOutput

func (AttestorPublicKeyArrayOutput) ToAttestorPublicKeyArrayOutput 

func (o AttestorPublicKeyArrayOutput) ToAttestorPublicKeyArrayOutput() AttestorPublicKeyArrayOutput

func (AttestorPublicKeyArrayOutput) ToAttestorPublicKeyArrayOutputWithContext 

func (o AttestorPublicKeyArrayOutput) ToAttestorPublicKeyArrayOutputWithContext(ctx context.Context) AttestorPublicKeyArrayOutput

type AttestorPublicKeyInput 

type AttestorPublicKeyInput interface {
	pulumi.Input

	ToAttestorPublicKeyOutput() AttestorPublicKeyOutput
	ToAttestorPublicKeyOutputWithContext(context.Context) AttestorPublicKeyOutput
}

AttestorPublicKeyInput is an input type that accepts AttestorPublicKeyArgs and AttestorPublicKeyOutput values. You can construct a concrete instance of `AttestorPublicKeyInput` via: 

AttestorPublicKeyArgs{...}

type AttestorPublicKeyOutput 

type AttestorPublicKeyOutput struct{ *pulumi.OutputState }

An attestor public key that will be used to verify attestations signed by this attestor.

func (AttestorPublicKeyOutput) AsciiArmoredPgpPublicKey 

func (o AttestorPublicKeyOutput) AsciiArmoredPgpPublicKey() pulumi.StringPtrOutput

ASCII-armored representation of a PGP public key, as the entire output by the command `gpg --export --armor foo@example.com` (either LF or CRLF line endings). When using this field, `id` should be left blank. The BinAuthz API handlers will calculate the ID and fill it in automatically. BinAuthz computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is provided by the caller, it will be overwritten by the API-calculated ID.

func (AttestorPublicKeyOutput) Comment 

func (o AttestorPublicKeyOutput) Comment() pulumi.StringPtrOutput

Optional. A descriptive comment. This field may be updated.

func (AttestorPublicKeyOutput) ElementType 

func (AttestorPublicKeyOutput) ElementType() reflect.Type

func (AttestorPublicKeyOutput) Id 

func (o AttestorPublicKeyOutput) Id() pulumi.StringPtrOutput

The ID of this public key. Signatures verified by BinAuthz must include the ID of the public key that can be used to verify them, and that ID must match the contents of this field exactly. Additional restrictions on this field can be imposed based on which public key type is encapsulated. See the documentation on `public_key` cases below for details.

func (AttestorPublicKeyOutput) PkixPublicKey 

func (o AttestorPublicKeyOutput) PkixPublicKey() PkixPublicKeyPtrOutput

A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be explicitly provided by the caller when using this type of public key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a default one will be computed based on the digest of the DER encoding of the public key.

func (AttestorPublicKeyOutput) ToAttestorPublicKeyOutput 

func (o AttestorPublicKeyOutput) ToAttestorPublicKeyOutput() AttestorPublicKeyOutput

func (AttestorPublicKeyOutput) ToAttestorPublicKeyOutputWithContext 

func (o AttestorPublicKeyOutput) ToAttestorPublicKeyOutputWithContext(ctx context.Context) AttestorPublicKeyOutput

type AttestorPublicKeyResponse 

type AttestorPublicKeyResponse struct {
	// ASCII-armored representation of a PGP public key, as the entire output by the command `gpg --export --armor foo@example.com` (either LF or CRLF line endings). When using this field, `id` should be left blank. The BinAuthz API handlers will calculate the ID and fill it in automatically. BinAuthz computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is provided by the caller, it will be overwritten by the API-calculated ID.
	AsciiArmoredPgpPublicKey string `pulumi:"asciiArmoredPgpPublicKey"`
	// Optional. A descriptive comment. This field may be updated.
	Comment string `pulumi:"comment"`
	// A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be explicitly provided by the caller when using this type of public key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a default one will be computed based on the digest of the DER encoding of the public key.
	PkixPublicKey PkixPublicKeyResponse `pulumi:"pkixPublicKey"`
}

An attestor public key that will be used to verify attestations signed by this attestor.

type AttestorPublicKeyResponseArgs 

type AttestorPublicKeyResponseArgs struct {
	// ASCII-armored representation of a PGP public key, as the entire output by the command `gpg --export --armor foo@example.com` (either LF or CRLF line endings). When using this field, `id` should be left blank. The BinAuthz API handlers will calculate the ID and fill it in automatically. BinAuthz computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is provided by the caller, it will be overwritten by the API-calculated ID.
	AsciiArmoredPgpPublicKey pulumi.StringInput `pulumi:"asciiArmoredPgpPublicKey"`
	// Optional. A descriptive comment. This field may be updated.
	Comment pulumi.StringInput `pulumi:"comment"`
	// A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be explicitly provided by the caller when using this type of public key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a default one will be computed based on the digest of the DER encoding of the public key.
	PkixPublicKey PkixPublicKeyResponseInput `pulumi:"pkixPublicKey"`
}

An attestor public key that will be used to verify attestations signed by this attestor.

func (AttestorPublicKeyResponseArgs) ElementType 

func (AttestorPublicKeyResponseArgs) ElementType() reflect.Type

func (AttestorPublicKeyResponseArgs) ToAttestorPublicKeyResponseOutput 

func (i AttestorPublicKeyResponseArgs) ToAttestorPublicKeyResponseOutput() AttestorPublicKeyResponseOutput

func (AttestorPublicKeyResponseArgs) ToAttestorPublicKeyResponseOutputWithContext 

func (i AttestorPublicKeyResponseArgs) ToAttestorPublicKeyResponseOutputWithContext(ctx context.Context) AttestorPublicKeyResponseOutput

type AttestorPublicKeyResponseArray 

type AttestorPublicKeyResponseArray []AttestorPublicKeyResponseInput

func (AttestorPublicKeyResponseArray) ElementType 

func (AttestorPublicKeyResponseArray) ElementType() reflect.Type

func (AttestorPublicKeyResponseArray) ToAttestorPublicKeyResponseArrayOutput 

func (i AttestorPublicKeyResponseArray) ToAttestorPublicKeyResponseArrayOutput() AttestorPublicKeyResponseArrayOutput

func (AttestorPublicKeyResponseArray) ToAttestorPublicKeyResponseArrayOutputWithContext 

func (i AttestorPublicKeyResponseArray) ToAttestorPublicKeyResponseArrayOutputWithContext(ctx context.Context) AttestorPublicKeyResponseArrayOutput

type AttestorPublicKeyResponseArrayInput 

type AttestorPublicKeyResponseArrayInput interface {
	pulumi.Input

	ToAttestorPublicKeyResponseArrayOutput() AttestorPublicKeyResponseArrayOutput
	ToAttestorPublicKeyResponseArrayOutputWithContext(context.Context) AttestorPublicKeyResponseArrayOutput
}

AttestorPublicKeyResponseArrayInput is an input type that accepts AttestorPublicKeyResponseArray and AttestorPublicKeyResponseArrayOutput values. You can construct a concrete instance of `AttestorPublicKeyResponseArrayInput` via: 

AttestorPublicKeyResponseArray{ AttestorPublicKeyResponseArgs{...} }

type AttestorPublicKeyResponseArrayOutput 

type AttestorPublicKeyResponseArrayOutput struct{ *pulumi.OutputState }

func (AttestorPublicKeyResponseArrayOutput) ElementType 

func (AttestorPublicKeyResponseArrayOutput) ElementType() reflect.Type

func (AttestorPublicKeyResponseArrayOutput) Index 

func (o AttestorPublicKeyResponseArrayOutput) Index(i pulumi.IntInput) AttestorPublicKeyResponseOutput

func (AttestorPublicKeyResponseArrayOutput) ToAttestorPublicKeyResponseArrayOutput 

func (o AttestorPublicKeyResponseArrayOutput) ToAttestorPublicKeyResponseArrayOutput() AttestorPublicKeyResponseArrayOutput

func (AttestorPublicKeyResponseArrayOutput) ToAttestorPublicKeyResponseArrayOutputWithContext 

func (o AttestorPublicKeyResponseArrayOutput) ToAttestorPublicKeyResponseArrayOutputWithContext(ctx context.Context) AttestorPublicKeyResponseArrayOutput

type AttestorPublicKeyResponseInput 

type AttestorPublicKeyResponseInput interface {
	pulumi.Input

	ToAttestorPublicKeyResponseOutput() AttestorPublicKeyResponseOutput
	ToAttestorPublicKeyResponseOutputWithContext(context.Context) AttestorPublicKeyResponseOutput
}

AttestorPublicKeyResponseInput is an input type that accepts AttestorPublicKeyResponseArgs and AttestorPublicKeyResponseOutput values. You can construct a concrete instance of `AttestorPublicKeyResponseInput` via: 

AttestorPublicKeyResponseArgs{...}

type AttestorPublicKeyResponseOutput 

type AttestorPublicKeyResponseOutput struct{ *pulumi.OutputState }

An attestor public key that will be used to verify attestations signed by this attestor.

func (AttestorPublicKeyResponseOutput) AsciiArmoredPgpPublicKey 

func (o AttestorPublicKeyResponseOutput) AsciiArmoredPgpPublicKey() pulumi.StringOutput

ASCII-armored representation of a PGP public key, as the entire output by the command `gpg --export --armor foo@example.com` (either LF or CRLF line endings). When using this field, `id` should be left blank. The BinAuthz API handlers will calculate the ID and fill it in automatically. BinAuthz computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is provided by the caller, it will be overwritten by the API-calculated ID.

func (AttestorPublicKeyResponseOutput) Comment 

func (o AttestorPublicKeyResponseOutput) Comment() pulumi.StringOutput

Optional. A descriptive comment. This field may be updated.

func (AttestorPublicKeyResponseOutput) ElementType 

func (AttestorPublicKeyResponseOutput) ElementType() reflect.Type

func (AttestorPublicKeyResponseOutput) PkixPublicKey 

func (o AttestorPublicKeyResponseOutput) PkixPublicKey() PkixPublicKeyResponseOutput

A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be explicitly provided by the caller when using this type of public key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a default one will be computed based on the digest of the DER encoding of the public key.

func (AttestorPublicKeyResponseOutput) ToAttestorPublicKeyResponseOutput 

func (o AttestorPublicKeyResponseOutput) ToAttestorPublicKeyResponseOutput() AttestorPublicKeyResponseOutput

func (AttestorPublicKeyResponseOutput) ToAttestorPublicKeyResponseOutputWithContext 

func (o AttestorPublicKeyResponseOutput) ToAttestorPublicKeyResponseOutputWithContext(ctx context.Context) AttestorPublicKeyResponseOutput

type AttestorState 

type AttestorState struct {
	// Optional. A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.
	Description pulumi.StringPtrInput
	// Required. The resource name, in the format: `projects/*/attestors/*`. This field may not be updated.
	Name pulumi.StringPtrInput
	// Time when the attestor was last updated.
	UpdateTime pulumi.StringPtrInput
	// This specifies how an attestation will be read, and how it will be used during policy enforcement.
	UserOwnedGrafeasNote UserOwnedGrafeasNoteResponsePtrInput
}

func (AttestorState) ElementType 

func (AttestorState) ElementType() reflect.Type

type Binding 

type Binding struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition *Expr `pulumi:"condition"`
	// Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
	Members []string `pulumi:"members"`
	// Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role *string `pulumi:"role"`
}

Associates `members` with a `role`.

type BindingArgs 

type BindingArgs struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprPtrInput `pulumi:"condition"`
	// Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
	Members pulumi.StringArrayInput `pulumi:"members"`
	// Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringPtrInput `pulumi:"role"`
}

Associates `members` with a `role`.

func (BindingArgs) ElementType 

func (BindingArgs) ElementType() reflect.Type

func (BindingArgs) ToBindingOutput 

func (i BindingArgs) ToBindingOutput() BindingOutput

func (BindingArgs) ToBindingOutputWithContext 

func (i BindingArgs) ToBindingOutputWithContext(ctx context.Context) BindingOutput

type BindingArray 

type BindingArray []BindingInput

func (BindingArray) ElementType 

func (BindingArray) ElementType() reflect.Type

func (BindingArray) ToBindingArrayOutput 

func (i BindingArray) ToBindingArrayOutput() BindingArrayOutput

func (BindingArray) ToBindingArrayOutputWithContext 

func (i BindingArray) ToBindingArrayOutputWithContext(ctx context.Context) BindingArrayOutput

type BindingArrayInput 

type BindingArrayInput interface {
	pulumi.Input

	ToBindingArrayOutput() BindingArrayOutput
	ToBindingArrayOutputWithContext(context.Context) BindingArrayOutput
}

BindingArrayInput is an input type that accepts BindingArray and BindingArrayOutput values. You can construct a concrete instance of `BindingArrayInput` via: 

BindingArray{ BindingArgs{...} }

type BindingArrayOutput 

type BindingArrayOutput struct{ *pulumi.OutputState }

func (BindingArrayOutput) ElementType 

func (BindingArrayOutput) ElementType() reflect.Type

func (BindingArrayOutput) Index 

func (o BindingArrayOutput) Index(i pulumi.IntInput) BindingOutput

func (BindingArrayOutput) ToBindingArrayOutput 

func (o BindingArrayOutput) ToBindingArrayOutput() BindingArrayOutput

func (BindingArrayOutput) ToBindingArrayOutputWithContext 

func (o BindingArrayOutput) ToBindingArrayOutputWithContext(ctx context.Context) BindingArrayOutput

type BindingInput 

type BindingInput interface {
	pulumi.Input

	ToBindingOutput() BindingOutput
	ToBindingOutputWithContext(context.Context) BindingOutput
}

BindingInput is an input type that accepts BindingArgs and BindingOutput values. You can construct a concrete instance of `BindingInput` via: 

BindingArgs{...}

type BindingOutput 

type BindingOutput struct{ *pulumi.OutputState }

Associates `members` with a `role`.

func (BindingOutput) Condition 

func (o BindingOutput) Condition() ExprPtrOutput

The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

func (BindingOutput) ElementType 

func (BindingOutput) ElementType() reflect.Type

func (BindingOutput) Members 

func (o BindingOutput) Members() pulumi.StringArrayOutput

Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.

func (BindingOutput) Role 

func (o BindingOutput) Role() pulumi.StringPtrOutput

Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (BindingOutput) ToBindingOutput 

func (o BindingOutput) ToBindingOutput() BindingOutput

func (BindingOutput) ToBindingOutputWithContext 

func (o BindingOutput) ToBindingOutputWithContext(ctx context.Context) BindingOutput

type BindingResponse 

type BindingResponse struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprResponse `pulumi:"condition"`
	// Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
	Members []string `pulumi:"members"`
	// Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role string `pulumi:"role"`
}

Associates `members` with a `role`.

type BindingResponseArgs 

type BindingResponseArgs struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprResponseInput `pulumi:"condition"`
	// Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
	Members pulumi.StringArrayInput `pulumi:"members"`
	// Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringInput `pulumi:"role"`
}

Associates `members` with a `role`.

func (BindingResponseArgs) ElementType 

func (BindingResponseArgs) ElementType() reflect.Type

func (BindingResponseArgs) ToBindingResponseOutput 

func (i BindingResponseArgs) ToBindingResponseOutput() BindingResponseOutput

func (BindingResponseArgs) ToBindingResponseOutputWithContext 

func (i BindingResponseArgs) ToBindingResponseOutputWithContext(ctx context.Context) BindingResponseOutput

type BindingResponseArray 

type BindingResponseArray []BindingResponseInput

func (BindingResponseArray) ElementType 

func (BindingResponseArray) ElementType() reflect.Type

func (BindingResponseArray) ToBindingResponseArrayOutput 

func (i BindingResponseArray) ToBindingResponseArrayOutput() BindingResponseArrayOutput

func (BindingResponseArray) ToBindingResponseArrayOutputWithContext 

func (i BindingResponseArray) ToBindingResponseArrayOutputWithContext(ctx context.Context) BindingResponseArrayOutput

type BindingResponseArrayInput 

type BindingResponseArrayInput interface {
	pulumi.Input

	ToBindingResponseArrayOutput() BindingResponseArrayOutput
	ToBindingResponseArrayOutputWithContext(context.Context) BindingResponseArrayOutput
}

BindingResponseArrayInput is an input type that accepts BindingResponseArray and BindingResponseArrayOutput values. You can construct a concrete instance of `BindingResponseArrayInput` via: 

BindingResponseArray{ BindingResponseArgs{...} }

type BindingResponseArrayOutput 

type BindingResponseArrayOutput struct{ *pulumi.OutputState }

func (BindingResponseArrayOutput) ElementType 

func (BindingResponseArrayOutput) ElementType() reflect.Type

func (BindingResponseArrayOutput) Index 

func (o BindingResponseArrayOutput) Index(i pulumi.IntInput) BindingResponseOutput

func (BindingResponseArrayOutput) ToBindingResponseArrayOutput 

func (o BindingResponseArrayOutput) ToBindingResponseArrayOutput() BindingResponseArrayOutput

func (BindingResponseArrayOutput) ToBindingResponseArrayOutputWithContext 

func (o BindingResponseArrayOutput) ToBindingResponseArrayOutputWithContext(ctx context.Context) BindingResponseArrayOutput

type BindingResponseInput 

type BindingResponseInput interface {
	pulumi.Input

	ToBindingResponseOutput() BindingResponseOutput
	ToBindingResponseOutputWithContext(context.Context) BindingResponseOutput
}

BindingResponseInput is an input type that accepts BindingResponseArgs and BindingResponseOutput values. You can construct a concrete instance of `BindingResponseInput` via: 

BindingResponseArgs{...}

type BindingResponseOutput 

type BindingResponseOutput struct{ *pulumi.OutputState }

Associates `members` with a `role`.

func (BindingResponseOutput) Condition 

func (o BindingResponseOutput) Condition() ExprResponseOutput

The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

func (BindingResponseOutput) ElementType 

func (BindingResponseOutput) ElementType() reflect.Type

func (BindingResponseOutput) Members 

func (o BindingResponseOutput) Members() pulumi.StringArrayOutput

Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.

func (BindingResponseOutput) Role 

func (o BindingResponseOutput) Role() pulumi.StringOutput

Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (BindingResponseOutput) ToBindingResponseOutput 

func (o BindingResponseOutput) ToBindingResponseOutput() BindingResponseOutput

func (BindingResponseOutput) ToBindingResponseOutputWithContext 

func (o BindingResponseOutput) ToBindingResponseOutputWithContext(ctx context.Context) BindingResponseOutput

type Expr 

type Expr struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression *string `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location *string `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title *string `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

type ExprArgs 

type ExprArgs struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringPtrInput `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location pulumi.StringPtrInput `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title pulumi.StringPtrInput `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprArgs) ElementType 

func (ExprArgs) ElementType() reflect.Type

func (ExprArgs) ToExprOutput 

func (i ExprArgs) ToExprOutput() ExprOutput

func (ExprArgs) ToExprOutputWithContext 

func (i ExprArgs) ToExprOutputWithContext(ctx context.Context) ExprOutput

func (ExprArgs) ToExprPtrOutput 

func (i ExprArgs) ToExprPtrOutput() ExprPtrOutput

func (ExprArgs) ToExprPtrOutputWithContext 

func (i ExprArgs) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprInput 

type ExprInput interface {
	pulumi.Input

	ToExprOutput() ExprOutput
	ToExprOutputWithContext(context.Context) ExprOutput
}

ExprInput is an input type that accepts ExprArgs and ExprOutput values. You can construct a concrete instance of `ExprInput` via: 

ExprArgs{...}

type ExprOutput 

type ExprOutput struct{ *pulumi.OutputState }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprOutput) Description 

func (o ExprOutput) Description() pulumi.StringPtrOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprOutput) ElementType 

func (ExprOutput) ElementType() reflect.Type

func (ExprOutput) Expression 

func (o ExprOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprOutput) Location 

func (o ExprOutput) Location() pulumi.StringPtrOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprOutput) Title 

func (o ExprOutput) Title() pulumi.StringPtrOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprOutput) ToExprOutput 

func (o ExprOutput) ToExprOutput() ExprOutput

func (ExprOutput) ToExprOutputWithContext 

func (o ExprOutput) ToExprOutputWithContext(ctx context.Context) ExprOutput

func (ExprOutput) ToExprPtrOutput 

func (o ExprOutput) ToExprPtrOutput() ExprPtrOutput

func (ExprOutput) ToExprPtrOutputWithContext 

func (o ExprOutput) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprPtrInput 

type ExprPtrInput interface {
	pulumi.Input

	ToExprPtrOutput() ExprPtrOutput
	ToExprPtrOutputWithContext(context.Context) ExprPtrOutput
}

ExprPtrInput is an input type that accepts ExprArgs, ExprPtr and ExprPtrOutput values. You can construct a concrete instance of `ExprPtrInput` via: 

        ExprArgs{...}

or:

        nil

func ExprPtr 

func ExprPtr(v *ExprArgs) ExprPtrInput

type ExprPtrOutput 

type ExprPtrOutput struct{ *pulumi.OutputState }

func (ExprPtrOutput) Description 

func (o ExprPtrOutput) Description() pulumi.StringPtrOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprPtrOutput) Elem 

func (o ExprPtrOutput) Elem() ExprOutput

func (ExprPtrOutput) ElementType 

func (ExprPtrOutput) ElementType() reflect.Type

func (ExprPtrOutput) Expression 

func (o ExprPtrOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprPtrOutput) Location 

func (o ExprPtrOutput) Location() pulumi.StringPtrOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprPtrOutput) Title 

func (o ExprPtrOutput) Title() pulumi.StringPtrOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprPtrOutput) ToExprPtrOutput 

func (o ExprPtrOutput) ToExprPtrOutput() ExprPtrOutput

func (ExprPtrOutput) ToExprPtrOutputWithContext 

func (o ExprPtrOutput) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprResponse 

type ExprResponse struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location string `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title string `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

type ExprResponseArgs 

type ExprResponseArgs struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description pulumi.StringInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringInput `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location pulumi.StringInput `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title pulumi.StringInput `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprResponseArgs) ElementType 

func (ExprResponseArgs) ElementType() reflect.Type

func (ExprResponseArgs) ToExprResponseOutput 

func (i ExprResponseArgs) ToExprResponseOutput() ExprResponseOutput

func (ExprResponseArgs) ToExprResponseOutputWithContext 

func (i ExprResponseArgs) ToExprResponseOutputWithContext(ctx context.Context) ExprResponseOutput

type ExprResponseInput 

type ExprResponseInput interface {
	pulumi.Input

	ToExprResponseOutput() ExprResponseOutput
	ToExprResponseOutputWithContext(context.Context) ExprResponseOutput
}

ExprResponseInput is an input type that accepts ExprResponseArgs and ExprResponseOutput values. You can construct a concrete instance of `ExprResponseInput` via: 

ExprResponseArgs{...}

type ExprResponseOutput 

type ExprResponseOutput struct{ *pulumi.OutputState }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprResponseOutput) Description 

func (o ExprResponseOutput) Description() pulumi.StringOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprResponseOutput) ElementType 

func (ExprResponseOutput) ElementType() reflect.Type

func (ExprResponseOutput) Expression 

func (o ExprResponseOutput) Expression() pulumi.StringOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprResponseOutput) Location 

func (o ExprResponseOutput) Location() pulumi.StringOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprResponseOutput) Title 

func (o ExprResponseOutput) Title() pulumi.StringOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprResponseOutput) ToExprResponseOutput 

func (o ExprResponseOutput) ToExprResponseOutput() ExprResponseOutput

func (ExprResponseOutput) ToExprResponseOutputWithContext 

func (o ExprResponseOutput) ToExprResponseOutputWithContext(ctx context.Context) ExprResponseOutput

type PkixPublicKey 

type PkixPublicKey struct {
	// A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13
	PublicKeyPem *string `pulumi:"publicKeyPem"`
	// The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key).
	SignatureAlgorithm *string `pulumi:"signatureAlgorithm"`
}

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

type PkixPublicKeyArgs 

type PkixPublicKeyArgs struct {
	// A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13
	PublicKeyPem pulumi.StringPtrInput `pulumi:"publicKeyPem"`
	// The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key).
	SignatureAlgorithm pulumi.StringPtrInput `pulumi:"signatureAlgorithm"`
}

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

func (PkixPublicKeyArgs) ElementType 

func (PkixPublicKeyArgs) ElementType() reflect.Type

func (PkixPublicKeyArgs) ToPkixPublicKeyOutput 

func (i PkixPublicKeyArgs) ToPkixPublicKeyOutput() PkixPublicKeyOutput

func (PkixPublicKeyArgs) ToPkixPublicKeyOutputWithContext 

func (i PkixPublicKeyArgs) ToPkixPublicKeyOutputWithContext(ctx context.Context) PkixPublicKeyOutput

func (PkixPublicKeyArgs) ToPkixPublicKeyPtrOutput 

func (i PkixPublicKeyArgs) ToPkixPublicKeyPtrOutput() PkixPublicKeyPtrOutput

func (PkixPublicKeyArgs) ToPkixPublicKeyPtrOutputWithContext 

func (i PkixPublicKeyArgs) ToPkixPublicKeyPtrOutputWithContext(ctx context.Context) PkixPublicKeyPtrOutput

type PkixPublicKeyInput 

type PkixPublicKeyInput interface {
	pulumi.Input

	ToPkixPublicKeyOutput() PkixPublicKeyOutput
	ToPkixPublicKeyOutputWithContext(context.Context) PkixPublicKeyOutput
}

PkixPublicKeyInput is an input type that accepts PkixPublicKeyArgs and PkixPublicKeyOutput values. You can construct a concrete instance of `PkixPublicKeyInput` via: 

PkixPublicKeyArgs{...}

type PkixPublicKeyOutput 

type PkixPublicKeyOutput struct{ *pulumi.OutputState }

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

func (PkixPublicKeyOutput) ElementType 

func (PkixPublicKeyOutput) ElementType() reflect.Type

func (PkixPublicKeyOutput) PublicKeyPem 

func (o PkixPublicKeyOutput) PublicKeyPem() pulumi.StringPtrOutput

A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13

func (PkixPublicKeyOutput) SignatureAlgorithm 

func (o PkixPublicKeyOutput) SignatureAlgorithm() pulumi.StringPtrOutput

The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key).

func (PkixPublicKeyOutput) ToPkixPublicKeyOutput 

func (o PkixPublicKeyOutput) ToPkixPublicKeyOutput() PkixPublicKeyOutput

func (PkixPublicKeyOutput) ToPkixPublicKeyOutputWithContext 

func (o PkixPublicKeyOutput) ToPkixPublicKeyOutputWithContext(ctx context.Context) PkixPublicKeyOutput

func (PkixPublicKeyOutput) ToPkixPublicKeyPtrOutput 

func (o PkixPublicKeyOutput) ToPkixPublicKeyPtrOutput() PkixPublicKeyPtrOutput

func (PkixPublicKeyOutput) ToPkixPublicKeyPtrOutputWithContext 

func (o PkixPublicKeyOutput) ToPkixPublicKeyPtrOutputWithContext(ctx context.Context) PkixPublicKeyPtrOutput

type PkixPublicKeyPtrInput 

type PkixPublicKeyPtrInput interface {
	pulumi.Input

	ToPkixPublicKeyPtrOutput() PkixPublicKeyPtrOutput
	ToPkixPublicKeyPtrOutputWithContext(context.Context) PkixPublicKeyPtrOutput
}

PkixPublicKeyPtrInput is an input type that accepts PkixPublicKeyArgs, PkixPublicKeyPtr and PkixPublicKeyPtrOutput values. You can construct a concrete instance of `PkixPublicKeyPtrInput` via: 

        PkixPublicKeyArgs{...}

or:

        nil

func PkixPublicKeyPtr 

func PkixPublicKeyPtr(v *PkixPublicKeyArgs) PkixPublicKeyPtrInput

type PkixPublicKeyPtrOutput 

type PkixPublicKeyPtrOutput struct{ *pulumi.OutputState }

func (PkixPublicKeyPtrOutput) Elem 

func (o PkixPublicKeyPtrOutput) Elem() PkixPublicKeyOutput

func (PkixPublicKeyPtrOutput) ElementType 

func (PkixPublicKeyPtrOutput) ElementType() reflect.Type

func (PkixPublicKeyPtrOutput) PublicKeyPem 

func (o PkixPublicKeyPtrOutput) PublicKeyPem() pulumi.StringPtrOutput

A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13

func (PkixPublicKeyPtrOutput) SignatureAlgorithm 

func (o PkixPublicKeyPtrOutput) SignatureAlgorithm() pulumi.StringPtrOutput

The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key).

func (PkixPublicKeyPtrOutput) ToPkixPublicKeyPtrOutput 

func (o PkixPublicKeyPtrOutput) ToPkixPublicKeyPtrOutput() PkixPublicKeyPtrOutput

func (PkixPublicKeyPtrOutput) ToPkixPublicKeyPtrOutputWithContext 

func (o PkixPublicKeyPtrOutput) ToPkixPublicKeyPtrOutputWithContext(ctx context.Context) PkixPublicKeyPtrOutput

type PkixPublicKeyResponse 

type PkixPublicKeyResponse struct {
	// A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13
	PublicKeyPem string `pulumi:"publicKeyPem"`
	// The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key).
	SignatureAlgorithm string `pulumi:"signatureAlgorithm"`
}

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

type PkixPublicKeyResponseArgs 

type PkixPublicKeyResponseArgs struct {
	// A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13
	PublicKeyPem pulumi.StringInput `pulumi:"publicKeyPem"`
	// The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key).
	SignatureAlgorithm pulumi.StringInput `pulumi:"signatureAlgorithm"`
}

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

func (PkixPublicKeyResponseArgs) ElementType 

func (PkixPublicKeyResponseArgs) ElementType() reflect.Type

func (PkixPublicKeyResponseArgs) ToPkixPublicKeyResponseOutput 

func (i PkixPublicKeyResponseArgs) ToPkixPublicKeyResponseOutput() PkixPublicKeyResponseOutput

func (PkixPublicKeyResponseArgs) ToPkixPublicKeyResponseOutputWithContext 

func (i PkixPublicKeyResponseArgs) ToPkixPublicKeyResponseOutputWithContext(ctx context.Context) PkixPublicKeyResponseOutput

type PkixPublicKeyResponseInput 

type PkixPublicKeyResponseInput interface {
	pulumi.Input

	ToPkixPublicKeyResponseOutput() PkixPublicKeyResponseOutput
	ToPkixPublicKeyResponseOutputWithContext(context.Context) PkixPublicKeyResponseOutput
}

PkixPublicKeyResponseInput is an input type that accepts PkixPublicKeyResponseArgs and PkixPublicKeyResponseOutput values. You can construct a concrete instance of `PkixPublicKeyResponseInput` via: 

PkixPublicKeyResponseArgs{...}

type PkixPublicKeyResponseOutput 

type PkixPublicKeyResponseOutput struct{ *pulumi.OutputState }

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

func (PkixPublicKeyResponseOutput) ElementType 

func (PkixPublicKeyResponseOutput) ElementType() reflect.Type

func (PkixPublicKeyResponseOutput) PublicKeyPem 

func (o PkixPublicKeyResponseOutput) PublicKeyPem() pulumi.StringOutput

A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13

func (PkixPublicKeyResponseOutput) SignatureAlgorithm 

func (o PkixPublicKeyResponseOutput) SignatureAlgorithm() pulumi.StringOutput

The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key).

func (PkixPublicKeyResponseOutput) ToPkixPublicKeyResponseOutput 

func (o PkixPublicKeyResponseOutput) ToPkixPublicKeyResponseOutput() PkixPublicKeyResponseOutput

func (PkixPublicKeyResponseOutput) ToPkixPublicKeyResponseOutputWithContext 

func (o PkixPublicKeyResponseOutput) ToPkixPublicKeyResponseOutputWithContext(ctx context.Context) PkixPublicKeyResponseOutput

type PolicyIamPolicy 

type PolicyIamPolicy struct {
	pulumi.CustomResourceState

	// Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
	Bindings BindingResponseArrayOutput `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetPolicyIamPolicy 

func GetPolicyIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyIamPolicyState, opts ...pulumi.ResourceOption) (*PolicyIamPolicy, error)

GetPolicyIamPolicy gets an existing PolicyIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicyIamPolicy 

func NewPolicyIamPolicy(ctx *pulumi.Context,
	name string, args *PolicyIamPolicyArgs, opts ...pulumi.ResourceOption) (*PolicyIamPolicy, error)

NewPolicyIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*PolicyIamPolicy) ElementType 

func (*PolicyIamPolicy) ElementType() reflect.Type

func (*PolicyIamPolicy) ToPolicyIamPolicyOutput 

func (i *PolicyIamPolicy) ToPolicyIamPolicyOutput() PolicyIamPolicyOutput

func (*PolicyIamPolicy) ToPolicyIamPolicyOutputWithContext 

func (i *PolicyIamPolicy) ToPolicyIamPolicyOutputWithContext(ctx context.Context) PolicyIamPolicyOutput

type PolicyIamPolicyArgs 

type PolicyIamPolicyArgs struct {
	// Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
	Bindings BindingArrayInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag    pulumi.StringPtrInput
	Project pulumi.StringInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a PolicyIamPolicy resource.

func (PolicyIamPolicyArgs) ElementType 

func (PolicyIamPolicyArgs) ElementType() reflect.Type

type PolicyIamPolicyInput 

type PolicyIamPolicyInput interface {
	pulumi.Input

	ToPolicyIamPolicyOutput() PolicyIamPolicyOutput
	ToPolicyIamPolicyOutputWithContext(ctx context.Context) PolicyIamPolicyOutput
}

type PolicyIamPolicyOutput 

type PolicyIamPolicyOutput struct {
	*pulumi.OutputState
}

func (PolicyIamPolicyOutput) ElementType 

func (PolicyIamPolicyOutput) ElementType() reflect.Type

func (PolicyIamPolicyOutput) ToPolicyIamPolicyOutput 

func (o PolicyIamPolicyOutput) ToPolicyIamPolicyOutput() PolicyIamPolicyOutput

func (PolicyIamPolicyOutput) ToPolicyIamPolicyOutputWithContext 

func (o PolicyIamPolicyOutput) ToPolicyIamPolicyOutputWithContext(ctx context.Context) PolicyIamPolicyOutput

type PolicyIamPolicyState 

type PolicyIamPolicyState struct {
	// Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
	Bindings BindingResponseArrayInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

func (PolicyIamPolicyState) ElementType 

func (PolicyIamPolicyState) ElementType() reflect.Type

type UserOwnedGrafeasNote 

type UserOwnedGrafeasNote struct {
	// Required. The Grafeas resource name of a Attestation.Authority Note, created by the user, in the format: `projects/*/notes/*`. This field may not be updated. An attestation by this attestor is stored as a Grafeas Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency.
	NoteReference *string `pulumi:"noteReference"`
	// Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist.
	PublicKeys []AttestorPublicKey `pulumi:"publicKeys"`
}

An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.

type UserOwnedGrafeasNoteArgs 

type UserOwnedGrafeasNoteArgs struct {
	// Required. The Grafeas resource name of a Attestation.Authority Note, created by the user, in the format: `projects/*/notes/*`. This field may not be updated. An attestation by this attestor is stored as a Grafeas Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency.
	NoteReference pulumi.StringPtrInput `pulumi:"noteReference"`
	// Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist.
	PublicKeys AttestorPublicKeyArrayInput `pulumi:"publicKeys"`
}

An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.

func (UserOwnedGrafeasNoteArgs) ElementType 

func (UserOwnedGrafeasNoteArgs) ElementType() reflect.Type

func (UserOwnedGrafeasNoteArgs) ToUserOwnedGrafeasNoteOutput 

func (i UserOwnedGrafeasNoteArgs) ToUserOwnedGrafeasNoteOutput() UserOwnedGrafeasNoteOutput

func (UserOwnedGrafeasNoteArgs) ToUserOwnedGrafeasNoteOutputWithContext 

func (i UserOwnedGrafeasNoteArgs) ToUserOwnedGrafeasNoteOutputWithContext(ctx context.Context) UserOwnedGrafeasNoteOutput

func (UserOwnedGrafeasNoteArgs) ToUserOwnedGrafeasNotePtrOutput 

func (i UserOwnedGrafeasNoteArgs) ToUserOwnedGrafeasNotePtrOutput() UserOwnedGrafeasNotePtrOutput

func (UserOwnedGrafeasNoteArgs) ToUserOwnedGrafeasNotePtrOutputWithContext 

func (i UserOwnedGrafeasNoteArgs) ToUserOwnedGrafeasNotePtrOutputWithContext(ctx context.Context) UserOwnedGrafeasNotePtrOutput

type UserOwnedGrafeasNoteInput 

type UserOwnedGrafeasNoteInput interface {
	pulumi.Input

	ToUserOwnedGrafeasNoteOutput() UserOwnedGrafeasNoteOutput
	ToUserOwnedGrafeasNoteOutputWithContext(context.Context) UserOwnedGrafeasNoteOutput
}

UserOwnedGrafeasNoteInput is an input type that accepts UserOwnedGrafeasNoteArgs and UserOwnedGrafeasNoteOutput values. You can construct a concrete instance of `UserOwnedGrafeasNoteInput` via: 

UserOwnedGrafeasNoteArgs{...}

type UserOwnedGrafeasNoteOutput 

type UserOwnedGrafeasNoteOutput struct{ *pulumi.OutputState }

An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.

func (UserOwnedGrafeasNoteOutput) ElementType 

func (UserOwnedGrafeasNoteOutput) ElementType() reflect.Type

func (UserOwnedGrafeasNoteOutput) NoteReference 

func (o UserOwnedGrafeasNoteOutput) NoteReference() pulumi.StringPtrOutput

Required. The Grafeas resource name of a Attestation.Authority Note, created by the user, in the format: `projects/*/notes/*`. This field may not be updated. An attestation by this attestor is stored as a Grafeas Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency.

func (UserOwnedGrafeasNoteOutput) PublicKeys 

func (o UserOwnedGrafeasNoteOutput) PublicKeys() AttestorPublicKeyArrayOutput

Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist.

func (UserOwnedGrafeasNoteOutput) ToUserOwnedGrafeasNoteOutput 

func (o UserOwnedGrafeasNoteOutput) ToUserOwnedGrafeasNoteOutput() UserOwnedGrafeasNoteOutput

func (UserOwnedGrafeasNoteOutput) ToUserOwnedGrafeasNoteOutputWithContext 

func (o UserOwnedGrafeasNoteOutput) ToUserOwnedGrafeasNoteOutputWithContext(ctx context.Context) UserOwnedGrafeasNoteOutput

func (UserOwnedGrafeasNoteOutput) ToUserOwnedGrafeasNotePtrOutput 

func (o UserOwnedGrafeasNoteOutput) ToUserOwnedGrafeasNotePtrOutput() UserOwnedGrafeasNotePtrOutput

func (UserOwnedGrafeasNoteOutput) ToUserOwnedGrafeasNotePtrOutputWithContext 

func (o UserOwnedGrafeasNoteOutput) ToUserOwnedGrafeasNotePtrOutputWithContext(ctx context.Context) UserOwnedGrafeasNotePtrOutput

type UserOwnedGrafeasNotePtrInput 

type UserOwnedGrafeasNotePtrInput interface {
	pulumi.Input

	ToUserOwnedGrafeasNotePtrOutput() UserOwnedGrafeasNotePtrOutput
	ToUserOwnedGrafeasNotePtrOutputWithContext(context.Context) UserOwnedGrafeasNotePtrOutput
}

UserOwnedGrafeasNotePtrInput is an input type that accepts UserOwnedGrafeasNoteArgs, UserOwnedGrafeasNotePtr and UserOwnedGrafeasNotePtrOutput values. You can construct a concrete instance of `UserOwnedGrafeasNotePtrInput` via: 

        UserOwnedGrafeasNoteArgs{...}

or:

        nil

func UserOwnedGrafeasNotePtr 

func UserOwnedGrafeasNotePtr(v *UserOwnedGrafeasNoteArgs) UserOwnedGrafeasNotePtrInput

type UserOwnedGrafeasNotePtrOutput 

type UserOwnedGrafeasNotePtrOutput struct{ *pulumi.OutputState }

func (UserOwnedGrafeasNotePtrOutput) Elem 

func (o UserOwnedGrafeasNotePtrOutput) Elem() UserOwnedGrafeasNoteOutput

func (UserOwnedGrafeasNotePtrOutput) ElementType 

func (UserOwnedGrafeasNotePtrOutput) ElementType() reflect.Type

func (UserOwnedGrafeasNotePtrOutput) NoteReference 

func (o UserOwnedGrafeasNotePtrOutput) NoteReference() pulumi.StringPtrOutput

Required. The Grafeas resource name of a Attestation.Authority Note, created by the user, in the format: `projects/*/notes/*`. This field may not be updated. An attestation by this attestor is stored as a Grafeas Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency.

func (UserOwnedGrafeasNotePtrOutput) PublicKeys 

func (o UserOwnedGrafeasNotePtrOutput) PublicKeys() AttestorPublicKeyArrayOutput

Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist.

func (UserOwnedGrafeasNotePtrOutput) ToUserOwnedGrafeasNotePtrOutput 

func (o UserOwnedGrafeasNotePtrOutput) ToUserOwnedGrafeasNotePtrOutput() UserOwnedGrafeasNotePtrOutput

func (UserOwnedGrafeasNotePtrOutput) ToUserOwnedGrafeasNotePtrOutputWithContext 

func (o UserOwnedGrafeasNotePtrOutput) ToUserOwnedGrafeasNotePtrOutputWithContext(ctx context.Context) UserOwnedGrafeasNotePtrOutput

type UserOwnedGrafeasNoteResponse 

type UserOwnedGrafeasNoteResponse struct {
	// This field will contain the service account email address that this Attestor will use as the principal when querying Container Analysis. Attestor administrators must grant this service account the IAM role needed to read attestations from the note_reference in Container Analysis (`containeranalysis.notes.occurrences.viewer`). This email address is fixed for the lifetime of the Attestor, but callers should not make any other assumptions about the service account email; future versions may use an email based on a different naming pattern.
	DelegationServiceAccountEmail string `pulumi:"delegationServiceAccountEmail"`
	// Required. The Grafeas resource name of a Attestation.Authority Note, created by the user, in the format: `projects/*/notes/*`. This field may not be updated. An attestation by this attestor is stored as a Grafeas Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency.
	NoteReference string `pulumi:"noteReference"`
	// Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist.
	PublicKeys []AttestorPublicKeyResponse `pulumi:"publicKeys"`
}

An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.

type UserOwnedGrafeasNoteResponseArgs 

type UserOwnedGrafeasNoteResponseArgs struct {
	// This field will contain the service account email address that this Attestor will use as the principal when querying Container Analysis. Attestor administrators must grant this service account the IAM role needed to read attestations from the note_reference in Container Analysis (`containeranalysis.notes.occurrences.viewer`). This email address is fixed for the lifetime of the Attestor, but callers should not make any other assumptions about the service account email; future versions may use an email based on a different naming pattern.
	DelegationServiceAccountEmail pulumi.StringInput `pulumi:"delegationServiceAccountEmail"`
	// Required. The Grafeas resource name of a Attestation.Authority Note, created by the user, in the format: `projects/*/notes/*`. This field may not be updated. An attestation by this attestor is stored as a Grafeas Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency.
	NoteReference pulumi.StringInput `pulumi:"noteReference"`
	// Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist.
	PublicKeys AttestorPublicKeyResponseArrayInput `pulumi:"publicKeys"`
}

An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.

func (UserOwnedGrafeasNoteResponseArgs) ElementType 

func (UserOwnedGrafeasNoteResponseArgs) ElementType() reflect.Type

func (UserOwnedGrafeasNoteResponseArgs) ToUserOwnedGrafeasNoteResponseOutput 

func (i UserOwnedGrafeasNoteResponseArgs) ToUserOwnedGrafeasNoteResponseOutput() UserOwnedGrafeasNoteResponseOutput

func (UserOwnedGrafeasNoteResponseArgs) ToUserOwnedGrafeasNoteResponseOutputWithContext 

func (i UserOwnedGrafeasNoteResponseArgs) ToUserOwnedGrafeasNoteResponseOutputWithContext(ctx context.Context) UserOwnedGrafeasNoteResponseOutput

func (UserOwnedGrafeasNoteResponseArgs) ToUserOwnedGrafeasNoteResponsePtrOutput 

func (i UserOwnedGrafeasNoteResponseArgs) ToUserOwnedGrafeasNoteResponsePtrOutput() UserOwnedGrafeasNoteResponsePtrOutput

func (UserOwnedGrafeasNoteResponseArgs) ToUserOwnedGrafeasNoteResponsePtrOutputWithContext 

func (i UserOwnedGrafeasNoteResponseArgs) ToUserOwnedGrafeasNoteResponsePtrOutputWithContext(ctx context.Context) UserOwnedGrafeasNoteResponsePtrOutput

type UserOwnedGrafeasNoteResponseInput 

type UserOwnedGrafeasNoteResponseInput interface {
	pulumi.Input

	ToUserOwnedGrafeasNoteResponseOutput() UserOwnedGrafeasNoteResponseOutput
	ToUserOwnedGrafeasNoteResponseOutputWithContext(context.Context) UserOwnedGrafeasNoteResponseOutput
}

UserOwnedGrafeasNoteResponseInput is an input type that accepts UserOwnedGrafeasNoteResponseArgs and UserOwnedGrafeasNoteResponseOutput values. You can construct a concrete instance of `UserOwnedGrafeasNoteResponseInput` via: 

UserOwnedGrafeasNoteResponseArgs{...}

type UserOwnedGrafeasNoteResponseOutput 

type UserOwnedGrafeasNoteResponseOutput struct{ *pulumi.OutputState }

An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.

func (UserOwnedGrafeasNoteResponseOutput) DelegationServiceAccountEmail 

func (o UserOwnedGrafeasNoteResponseOutput) DelegationServiceAccountEmail() pulumi.StringOutput

This field will contain the service account email address that this Attestor will use as the principal when querying Container Analysis. Attestor administrators must grant this service account the IAM role needed to read attestations from the note_reference in Container Analysis (`containeranalysis.notes.occurrences.viewer`). This email address is fixed for the lifetime of the Attestor, but callers should not make any other assumptions about the service account email; future versions may use an email based on a different naming pattern.

func (UserOwnedGrafeasNoteResponseOutput) ElementType 

func (UserOwnedGrafeasNoteResponseOutput) ElementType() reflect.Type

func (UserOwnedGrafeasNoteResponseOutput) NoteReference 

func (o UserOwnedGrafeasNoteResponseOutput) NoteReference() pulumi.StringOutput

Required. The Grafeas resource name of a Attestation.Authority Note, created by the user, in the format: `projects/*/notes/*`. This field may not be updated. An attestation by this attestor is stored as a Grafeas Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency.

func (UserOwnedGrafeasNoteResponseOutput) PublicKeys 

func (o UserOwnedGrafeasNoteResponseOutput) PublicKeys() AttestorPublicKeyResponseArrayOutput

Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist.

func (UserOwnedGrafeasNoteResponseOutput) ToUserOwnedGrafeasNoteResponseOutput 

func (o UserOwnedGrafeasNoteResponseOutput) ToUserOwnedGrafeasNoteResponseOutput() UserOwnedGrafeasNoteResponseOutput

func (UserOwnedGrafeasNoteResponseOutput) ToUserOwnedGrafeasNoteResponseOutputWithContext 

func (o UserOwnedGrafeasNoteResponseOutput) ToUserOwnedGrafeasNoteResponseOutputWithContext(ctx context.Context) UserOwnedGrafeasNoteResponseOutput

func (UserOwnedGrafeasNoteResponseOutput) ToUserOwnedGrafeasNoteResponsePtrOutput 

func (o UserOwnedGrafeasNoteResponseOutput) ToUserOwnedGrafeasNoteResponsePtrOutput() UserOwnedGrafeasNoteResponsePtrOutput

func (UserOwnedGrafeasNoteResponseOutput) ToUserOwnedGrafeasNoteResponsePtrOutputWithContext 

func (o UserOwnedGrafeasNoteResponseOutput) ToUserOwnedGrafeasNoteResponsePtrOutputWithContext(ctx context.Context) UserOwnedGrafeasNoteResponsePtrOutput

type UserOwnedGrafeasNoteResponsePtrInput 

type UserOwnedGrafeasNoteResponsePtrInput interface {
	pulumi.Input

	ToUserOwnedGrafeasNoteResponsePtrOutput() UserOwnedGrafeasNoteResponsePtrOutput
	ToUserOwnedGrafeasNoteResponsePtrOutputWithContext(context.Context) UserOwnedGrafeasNoteResponsePtrOutput
}

UserOwnedGrafeasNoteResponsePtrInput is an input type that accepts UserOwnedGrafeasNoteResponseArgs, UserOwnedGrafeasNoteResponsePtr and UserOwnedGrafeasNoteResponsePtrOutput values. You can construct a concrete instance of `UserOwnedGrafeasNoteResponsePtrInput` via: 

        UserOwnedGrafeasNoteResponseArgs{...}

or:

        nil

func UserOwnedGrafeasNoteResponsePtr 

func UserOwnedGrafeasNoteResponsePtr(v *UserOwnedGrafeasNoteResponseArgs) UserOwnedGrafeasNoteResponsePtrInput

type UserOwnedGrafeasNoteResponsePtrOutput 

type UserOwnedGrafeasNoteResponsePtrOutput struct{ *pulumi.OutputState }

func (UserOwnedGrafeasNoteResponsePtrOutput) DelegationServiceAccountEmail 

func (o UserOwnedGrafeasNoteResponsePtrOutput) DelegationServiceAccountEmail() pulumi.StringPtrOutput

This field will contain the service account email address that this Attestor will use as the principal when querying Container Analysis. Attestor administrators must grant this service account the IAM role needed to read attestations from the note_reference in Container Analysis (`containeranalysis.notes.occurrences.viewer`). This email address is fixed for the lifetime of the Attestor, but callers should not make any other assumptions about the service account email; future versions may use an email based on a different naming pattern.

func (UserOwnedGrafeasNoteResponsePtrOutput) Elem 

func (o UserOwnedGrafeasNoteResponsePtrOutput) Elem() UserOwnedGrafeasNoteResponseOutput

func (UserOwnedGrafeasNoteResponsePtrOutput) ElementType 

func (UserOwnedGrafeasNoteResponsePtrOutput) ElementType() reflect.Type

func (UserOwnedGrafeasNoteResponsePtrOutput) NoteReference 

func (o UserOwnedGrafeasNoteResponsePtrOutput) NoteReference() pulumi.StringPtrOutput

Required. The Grafeas resource name of a Attestation.Authority Note, created by the user, in the format: `projects/*/notes/*`. This field may not be updated. An attestation by this attestor is stored as a Grafeas Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency.

func (UserOwnedGrafeasNoteResponsePtrOutput) PublicKeys 

func (o UserOwnedGrafeasNoteResponsePtrOutput) PublicKeys() AttestorPublicKeyResponseArrayOutput

Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist.

func (UserOwnedGrafeasNoteResponsePtrOutput) ToUserOwnedGrafeasNoteResponsePtrOutput 

func (o UserOwnedGrafeasNoteResponsePtrOutput) ToUserOwnedGrafeasNoteResponsePtrOutput() UserOwnedGrafeasNoteResponsePtrOutput

func (UserOwnedGrafeasNoteResponsePtrOutput) ToUserOwnedGrafeasNoteResponsePtrOutputWithContext 

func (o UserOwnedGrafeasNoteResponsePtrOutput) ToUserOwnedGrafeasNoteResponsePtrOutputWithContext(ctx context.Context) UserOwnedGrafeasNoteResponsePtrOutput

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.