Google Cloud Management Service for Binary Authorization admission policies and attestation authorities.
This API implements a REST model with the following objects:
Equality
Instances of this class created via copy-construction or copy-assignment always compare equal. Instances created with equal std::shared_ptr<*Connection>
objects compare equal. Objects that compare equal share the same underlying resources.
Performance
Creating a new instance of this class is a relatively expensive operation, new objects establish new connections to the service. In contrast, copy-construction, move-construction, and the corresponding assignment operations are relatively efficient as the copies share all underlying resources.
Thread Safety
Concurrent access to different instances of this class, even if they compare equal, is guaranteed to work. Two or more threads operating on the same instance of this class is not guaranteed to work. Since copy-construction and move-construction is a relatively efficient operation, consider using such a copy when using this class from multiple threads.
Constructors
BinauthzManagementServiceV1Client(BinauthzManagementServiceV1Client const &)
Copy and move support
Parameter | |
---|---|
Name | Description |
|
BinauthzManagementServiceV1Client const &
|
BinauthzManagementServiceV1Client(BinauthzManagementServiceV1Client &&)
Copy and move support
Parameter | |
---|---|
Name | Description |
|
BinauthzManagementServiceV1Client &&
|
BinauthzManagementServiceV1Client(std::shared_ptr< BinauthzManagementServiceV1Connection >, Options)
Parameters | |
---|---|
Name | Description |
connection |
std::shared_ptr< BinauthzManagementServiceV1Connection >
|
opts |
Options
|
Operators
operator=(BinauthzManagementServiceV1Client const &)
Copy and move support
Parameter | |
---|---|
Name | Description |
|
BinauthzManagementServiceV1Client const &
|
Returns | |
---|---|
Type | Description |
BinauthzManagementServiceV1Client & |
operator=(BinauthzManagementServiceV1Client &&)
Copy and move support
Parameter | |
---|---|
Name | Description |
|
BinauthzManagementServiceV1Client &&
|
Returns | |
---|---|
Type | Description |
BinauthzManagementServiceV1Client & |
Functions
GetPolicy(std::string const &, Options)
A policy specifies the attestors that must attest to a container image, before the project is allowed to deploy that image.
There is at most one policy per project. All image admission requests are permitted if a project has no policy.
Gets the policy for this project. Returns a default policy if the project does not have one.
Parameters | |
---|---|
Name | Description |
name |
std::string const &
Required. The resource name of the policy to retrieve, in the format |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::binaryauthorization::v1::Policy > |
the result of the RPC. The response message type (google.cloud.binaryauthorization.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
GetPolicy(google::cloud::binaryauthorization::v1::GetPolicyRequest const &, Options)
A policy specifies the attestors that must attest to a container image, before the project is allowed to deploy that image.
There is at most one policy per project. All image admission requests are permitted if a project has no policy.
Gets the policy for this project. Returns a default policy if the project does not have one.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::binaryauthorization::v1::GetPolicyRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::binaryauthorization::v1::Policy > |
the result of the RPC. The response message type (google.cloud.binaryauthorization.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
UpdatePolicy(google::cloud::binaryauthorization::v1::Policy const &, Options)
A policy is always updated as a whole, to avoid race conditions with concurrent policy enforcement (or management!) requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed.
Parameters | |
---|---|
Name | Description |
policy |
google::cloud::binaryauthorization::v1::Policy const &
Required. A new or updated policy value. The service will overwrite the policy name field with the resource name in the request URL, in the format |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::binaryauthorization::v1::Policy > |
the result of the RPC. The response message type (google.cloud.binaryauthorization.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
UpdatePolicy(google::cloud::binaryauthorization::v1::UpdatePolicyRequest const &, Options)
A policy is always updated as a whole, to avoid race conditions with concurrent policy enforcement (or management!) requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::binaryauthorization::v1::UpdatePolicyRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::binaryauthorization::v1::Policy > |
the result of the RPC. The response message type (google.cloud.binaryauthorization.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
CreateAttestor(std::string const &, std::string const &, google::cloud::binaryauthorization::v1::Attestor const &, Options)
Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the attestor already exists.
Parameters | |
---|---|
Name | Description |
parent |
std::string const &
Required. The parent of this attestor. |
attestor_id |
std::string const &
Required. The attestors ID. |
attestor |
google::cloud::binaryauthorization::v1::Attestor const &
Required. The initial attestor value. The service will overwrite the attestor name field with the resource name, in the format |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::binaryauthorization::v1::Attestor > |
the result of the RPC. The response message type (google.cloud.binaryauthorization.v1.Attestor) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
CreateAttestor(google::cloud::binaryauthorization::v1::CreateAttestorRequest const &, Options)
Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the attestor already exists.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::binaryauthorization::v1::CreateAttestorRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::binaryauthorization::v1::Attestor > |
the result of the RPC. The response message type (google.cloud.binaryauthorization.v1.Attestor) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
GetAttestor(std::string const &, Options)
Gets an attestor.
Returns NOT_FOUND if the attestor does not exist.
Parameters | |
---|---|
Name | Description |
name |
std::string const &
Required. The name of the attestor to retrieve, in the format |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::binaryauthorization::v1::Attestor > |
the result of the RPC. The response message type (google.cloud.binaryauthorization.v1.Attestor) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
GetAttestor(google::cloud::binaryauthorization::v1::GetAttestorRequest const &, Options)
Gets an attestor.
Returns NOT_FOUND if the attestor does not exist.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::binaryauthorization::v1::GetAttestorRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::binaryauthorization::v1::Attestor > |
the result of the RPC. The response message type (google.cloud.binaryauthorization.v1.Attestor) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
UpdateAttestor(google::cloud::binaryauthorization::v1::Attestor const &, Options)
Updates an attestor.
Returns NOT_FOUND if the attestor does not exist.
Parameters | |
---|---|
Name | Description |
attestor |
google::cloud::binaryauthorization::v1::Attestor const &
Required. The updated attestor value. The service will overwrite the attestor name field with the resource name in the request URL, in the format |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::binaryauthorization::v1::Attestor > |
the result of the RPC. The response message type (google.cloud.binaryauthorization.v1.Attestor) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
UpdateAttestor(google::cloud::binaryauthorization::v1::UpdateAttestorRequest const &, Options)
Updates an attestor.
Returns NOT_FOUND if the attestor does not exist.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::binaryauthorization::v1::UpdateAttestorRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StatusOr< google::cloud::binaryauthorization::v1::Attestor > |
the result of the RPC. The response message type (google.cloud.binaryauthorization.v1.Attestor) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the |
ListAttestors(std::string const &, Options)
Lists attestors.
Returns INVALID_ARGUMENT if the project does not exist.
Parameters | |
---|---|
Name | Description |
parent |
std::string const &
Required. The resource name of the project associated with the attestors, in the format |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StreamRange< google::cloud::binaryauthorization::v1::Attestor > |
a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has |
ListAttestors(google::cloud::binaryauthorization::v1::ListAttestorsRequest, Options)
Lists attestors.
Returns INVALID_ARGUMENT if the project does not exist.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::binaryauthorization::v1::ListAttestorsRequest
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
StreamRange< google::cloud::binaryauthorization::v1::Attestor > |
a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has |
DeleteAttestor(std::string const &, Options)
Deletes an attestor.
Returns NOT_FOUND if the attestor does not exist.
Parameters | |
---|---|
Name | Description |
name |
std::string const &
Required. The name of the attestors to delete, in the format |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
Status |
a |
DeleteAttestor(google::cloud::binaryauthorization::v1::DeleteAttestorRequest const &, Options)
Deletes an attestor.
Returns NOT_FOUND if the attestor does not exist.
Parameters | |
---|---|
Name | Description |
request |
google::cloud::binaryauthorization::v1::DeleteAttestorRequest const &
Unary RPCs, such as the one wrapped by this function, receive a single |
opts |
Options
Optional. Override the class-level options, such as retry and backoff policies. |
Returns | |
---|---|
Type | Description |
Status |
a |