GoogleBinaryAuthorizationPolicy class final
Factory wrapper for google_binary_authorization_policy.
A policy for container image binary authorization.
Project-wide Binary Authorization policy controlling container image admission for GKE, Cloud Run, and other deploy targets.
Enable binaryauthorization.googleapis.com via GoogleProjectService
before apply. Pair with GoogleBinaryAuthorizationAttestor and reference
attestor names in default_admission_rule / cluster_admission_rules.
Example:
GoogleBinaryAuthorizationPolicy(
localName: 'project_policy',
defaultAdmissionRule: BinaryAuthorizationPolicyDefaultAdmissionRule(
evaluationMode: TfArg.literal(
BinaryAuthorizationPolicyEvaluationMode.alwaysAllow,
),
enforcementMode: TfArg.literal(
BinaryAuthorizationPolicyEnforcementMode.enforced,
),
),
);
Constructors
-
GoogleBinaryAuthorizationPolicy({required String localName, TfArg<
String> ? deletionPolicy, TfArg<String> ? description, TfArg<String> ? globalPolicyEvaluationMode, TfArg<String> ? project, TfArg<List< ? admissionWhitelistPatterns, TfArg<Map< >String, dynamic> >List< ? clusterAdmissionRules, required TfArg<Map< >String, dynamic> >Map< defaultAdmissionRule, LifecycleOptions? lifecycle, List<String, dynamic> >DependencyTarget> ? dependsOn})
Properties
-
argMap
→ Map<
String, TfArg?> -
Argument-name → TfArg map. Keys are snake_case (Terraform JSON name).
Synth emits these keys directly; the factory is responsible for the
camelCase → snake_case translation at construction time.
finalinherited
-
dependsOn
→ List<
DependencyTarget> ? -
Optional
depends_on = [...]. Each entry is aDependencyTarget— either a wholesale resource (rendered as bare address) or an explicitTfRef(rendered viabareAddress).finalinherited - hashCode → int
-
The hash code for this object.
no setterinherited
-
id
→ TfRef<
String> -
Reference to
idattribute.no setter - kind → ResourceKind
-
Always
ResourceKind.resource. Overridden byData.no setterinherited - lifecycle → LifecycleOptions?
-
Optional
lifecycle { ... }block.finalinherited - localName → String
-
User-supplied local name within a Stack.
finalinherited
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
-
sensitiveFields
→ Set<
String> -
Field names that are
@Sensitiveper the IR-derived per-resource constant. Curated factories override with a baked-instatic const Set<String>(file-private in v0.5+).no setter - supportsDeletionProtection → bool
-
Capability flag: true when this resource's underlying Terraform
schema has a
deletion_protectionboolean attribute that the synth-time devMode flow can flip tofalse. Defaults to false; the codegen emitter overrides this totruefor wrappers whose schema includes the attribute.no setterinherited - terraformType → String
-
Terraform resource type, e.g.
google_pubsub_topic.finalinherited - tfAddress → String
-
no setterinherited
Methods
-
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
toString(
) → String -
A string representation of this object.
inherited
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited