Method: projects.attestors.validateAttestationOccurrence

Returns whether the given Attestation for the given image URI was signed by the given Attestor

HTTP request

POST https://binaryauthorization.googleapis.com/v1alpha2/{attestor=projects/*/attestors/*}:validateAttestationOccurrence

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
attestor

string

Required. The resource name of the Attestor of the [occurrence][grafeas.v1.Occurrence], in the format projects/*/attestors/*.

Authorization requires the following IAM permission on the specified resource attestor:

  • binaryauthorization.attestors.verifyImageAttested

Request body

The request body contains data with the following structure:

JSON representation
{
  "attestation": {
    object (AttestationOccurrence)
  },
  "occurrenceNote": string,
  "occurrenceResourceUri": string
}
Fields
attestation

object (AttestationOccurrence)

Required. An AttestationOccurrence to be checked that it can be verified by the Attestor. It does not have to be an existing entity in Container Analysis. It must otherwise be a valid AttestationOccurrence.

occurrenceNote

string

Required. The resource name of the [Note][grafeas.v1.Note] to which the containing [Occurrence][grafeas.v1.Occurrence] is associated.

occurrenceResourceUri

string

Required. The URI of the artifact (e.g. container image) that is the subject of the containing [Occurrence][grafeas.v1.Occurrence].

Response body

If successful, the response body contains an instance of ValidateAttestationOccurrenceResponse.

Authorization scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.