A policy specifies the attestors that must attest to a container image, before the project is allowed to deploy that image. There is at most one policy per project. All image admission requests are permitted if a project has no policy.
Gets the policy for this project. Returns a default policy if the project does not have one.
HTTP request
GET https://binaryauthorization.googleapis.com/v1beta1/{name=projects/*/policy}
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-30 UTC."],[[["This webpage outlines the process for retrieving a project's Binary Authorization policy, which dictates the attestors required for container image deployment."],["The HTTP request to retrieve the policy is a `GET` request to the specified URL, using gRPC Transcoding syntax."],["The request requires a `name` parameter in the path, formatted as `projects/*/policy`, to identify the target policy, and requires the `binaryauthorization.policy.get` IAM permission."],["The request body must be empty, and a successful response will contain the project's policy in a `Policy` object."],["Authorization requires the OAuth scope `https://www.googleapis.com/auth/cloud-platform` to be set for the request."]]],[]]
