binaryauthorization.v1 library Null safety
Binary Authorization API - v1
The management interface for Binary Authorization, a system providing policy control for images deployed to Kubernetes Engine clusters.
For more information, see cloud.google.com/binary-authorization/
Create an instance of BinaryAuthorizationApi to access these resources:
- An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. [...]
- An admission allowlist pattern exempts images from checks by admission rules.
- Occurrence that represents a single "attestation". [...]
- An attestor that attests to container image artifacts. [...]
- An attestor public key that will be used to verify attestations signed by this attestor.
- The management interface for Binary Authorization, a system providing policy control for images deployed to Kubernetes Engine clusters.
- A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. [...]
- Represents a textual expression in the Common Expression Language (CEL) syntax. [...]
- An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. [...]
- Response message for BinauthzManagementService.ListAttestors.
- A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-220.127.116.11 for details). [...]
- A policy for container image binary authorization.
Request message for
- Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). [...]
Request message for
Response message for
- An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.
- Request message for ValidationHelperV1.ValidateAttestationOccurrence.
- Response message for ValidationHelperV1.ValidateAttestationOccurrence.