- 1.54.0 (latest)
- 1.53.0
- 1.52.0
- 1.51.0
- 1.50.0
- 1.48.0
- 1.47.0
- 1.46.0
- 1.45.0
- 1.44.0
- 1.43.0
- 1.42.0
- 1.41.0
- 1.40.0
- 1.39.0
- 1.38.0
- 1.36.0
- 1.35.0
- 1.34.0
- 1.33.0
- 1.32.0
- 1.31.0
- 1.30.0
- 1.29.0
- 1.28.0
- 1.27.0
- 1.26.0
- 1.23.0
- 1.22.0
- 1.21.0
- 1.20.0
- 1.19.0
- 1.18.0
- 1.17.0
- 1.16.0
- 1.15.0
- 1.14.0
- 1.13.0
- 1.12.0
- 1.11.0
- 1.10.0
- 1.9.0
- 1.8.0
- 1.7.0
- 1.6.0
- 1.5.0
- 1.4.0
- 1.3.0
- 1.0.6
The interfaces provided are listed below, along with usage samples.
BinauthzManagementServiceV1Beta1Client
Service Description: Google Cloud Management Service for Binary Authorization admission policies and attestation authorities.
This API implements a REST model with the following objects:
- Policy
- Attestor
Sample for BinauthzManagementServiceV1Beta1Client:
try (BinauthzManagementServiceV1Beta1Client binauthzManagementServiceV1Beta1Client =
BinauthzManagementServiceV1Beta1Client.create()) {
PolicyName name = PolicyName.ofProjectName("[PROJECT]");
Policy response = binauthzManagementServiceV1Beta1Client.getPolicy(name);
}
SystemPolicyV1Beta1Client
Service Description: API for working with the system policy.
Sample for SystemPolicyV1Beta1Client:
try (SystemPolicyV1Beta1Client systemPolicyV1Beta1Client = SystemPolicyV1Beta1Client.create()) {
PolicyName name = PolicyName.ofProjectName("[PROJECT]");
Policy response = systemPolicyV1Beta1Client.getSystemPolicy(name);
}
Classes
AdmissionRule
An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
Protobuf type google.cloud.binaryauthorization.v1beta1.AdmissionRule
AdmissionRule.Builder
An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
Protobuf type google.cloud.binaryauthorization.v1beta1.AdmissionRule
AdmissionWhitelistPattern
An admission allowlist pattern exempts images from checks by admission rules.
Protobuf type google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern
AdmissionWhitelistPattern.Builder
An admission allowlist pattern exempts images from checks by admission rules.
Protobuf type google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern
Attestor
An attestor that attests to container image artifacts. An existing attestor cannot be modified except where indicated.
Protobuf type google.cloud.binaryauthorization.v1beta1.Attestor
Attestor.Builder
An attestor that attests to container image artifacts. An existing attestor cannot be modified except where indicated.
Protobuf type google.cloud.binaryauthorization.v1beta1.Attestor
AttestorName
AttestorName.Builder
Builder for projects/{project}/attestors/{attestor}.
AttestorPublicKey
An attestor public key that will be used to verify attestations signed by this attestor.
Protobuf type google.cloud.binaryauthorization.v1beta1.AttestorPublicKey
AttestorPublicKey.Builder
An attestor public key that will be used to verify attestations signed by this attestor.
Protobuf type google.cloud.binaryauthorization.v1beta1.AttestorPublicKey
BinaryAuthorizationResourcesProto
BinaryAuthorizationServiceProto
BinauthzManagementServiceV1Beta1Client
Service Description: Google Cloud Management Service for Binary Authorization admission policies and attestation authorities.
This API implements a REST model with the following objects:
- Policy
- Attestor
This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:
try (BinauthzManagementServiceV1Beta1Client binauthzManagementServiceV1Beta1Client =
BinauthzManagementServiceV1Beta1Client.create()) {
PolicyName name = PolicyName.ofProjectName("[PROJECT]");
Policy response = binauthzManagementServiceV1Beta1Client.getPolicy(name);
}
Note: close() needs to be called on the BinauthzManagementServiceV1Beta1Client object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().
The surface of this class includes several types of Java methods for each of the API's methods:
- A "flattened" method. With this type of method, the fields of the request type have been converted into function parameters. It may be the case that not all fields are available as parameters, and not every API method will have a flattened method entry point.
- A "request object" method. This type of method only takes one parameter, a request object, which must be constructed before the call. Not every API method will have a request object method.
- A "callable" method. This type of method takes no parameters and returns an immutable API callable object, which can be used to initiate calls to the service.
See the individual methods for example code.
Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.
This class can be customized by passing in a custom instance of BinauthzManagementServiceV1Beta1Settings to create(). For example:
To customize credentials:
BinauthzManagementServiceV1Beta1Settings binauthzManagementServiceV1Beta1Settings =
BinauthzManagementServiceV1Beta1Settings.newBuilder()
.setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
.build();
BinauthzManagementServiceV1Beta1Client binauthzManagementServiceV1Beta1Client =
BinauthzManagementServiceV1Beta1Client.create(binauthzManagementServiceV1Beta1Settings);
To customize the endpoint:
BinauthzManagementServiceV1Beta1Settings binauthzManagementServiceV1Beta1Settings =
BinauthzManagementServiceV1Beta1Settings.newBuilder().setEndpoint(myEndpoint).build();
BinauthzManagementServiceV1Beta1Client binauthzManagementServiceV1Beta1Client =
BinauthzManagementServiceV1Beta1Client.create(binauthzManagementServiceV1Beta1Settings);
Please refer to the GitHub repository's samples for more quickstart code snippets.
BinauthzManagementServiceV1Beta1Client.ListAttestorsFixedSizeCollection
BinauthzManagementServiceV1Beta1Client.ListAttestorsPage
BinauthzManagementServiceV1Beta1Client.ListAttestorsPagedResponse
BinauthzManagementServiceV1Beta1Grpc
Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:
- Policy
- Attestor
BinauthzManagementServiceV1Beta1Grpc.BinauthzManagementServiceV1Beta1BlockingStub
Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:
- Policy
- Attestor
BinauthzManagementServiceV1Beta1Grpc.BinauthzManagementServiceV1Beta1FutureStub
Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:
- Policy
- Attestor
BinauthzManagementServiceV1Beta1Grpc.BinauthzManagementServiceV1Beta1ImplBase
Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:
- Policy
- Attestor
BinauthzManagementServiceV1Beta1Grpc.BinauthzManagementServiceV1Beta1Stub
Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:
- Policy
- Attestor
BinauthzManagementServiceV1Beta1Settings
Settings class to configure an instance of BinauthzManagementServiceV1Beta1Client.
The default instance has everything set to sensible defaults:
- The default service address (binaryauthorization.googleapis.com) and default port (443) are used.
- Credentials are acquired automatically through Application Default Credentials.
- Retries are configured for idempotent methods but not for non-idempotent methods.
The builder of this class is recursive, so contained classes are themselves builders. When build() is called, the tree of builders is called to create the complete settings object.
For example, to set the total timeout of getPolicy to 30 seconds:
BinauthzManagementServiceV1Beta1Settings.Builder
binauthzManagementServiceV1Beta1SettingsBuilder =
BinauthzManagementServiceV1Beta1Settings.newBuilder();
binauthzManagementServiceV1Beta1SettingsBuilder
.getPolicySettings()
.setRetrySettings(
binauthzManagementServiceV1Beta1SettingsBuilder
.getPolicySettings()
.getRetrySettings()
.toBuilder()
.setTotalTimeout(Duration.ofSeconds(30))
.build());
BinauthzManagementServiceV1Beta1Settings binauthzManagementServiceV1Beta1Settings =
binauthzManagementServiceV1Beta1SettingsBuilder.build();
BinauthzManagementServiceV1Beta1Settings.Builder
Builder for BinauthzManagementServiceV1Beta1Settings.
ContinuousValidationEvent
Represents an auditing event from Continuous Validation.
Protobuf type google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent
ContinuousValidationEvent.Builder
Represents an auditing event from Continuous Validation.
Protobuf type google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent
ContinuousValidationEvent.ContinuousValidationPodEvent
An auditing event for one Pod.
Protobuf type
google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent
ContinuousValidationEvent.ContinuousValidationPodEvent.Builder
An auditing event for one Pod.
Protobuf type
google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent
ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails
Container image with auditing details.
Protobuf type
google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails
ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.Builder
Container image with auditing details.
Protobuf type
google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails
ContinuousValidationEvent.UnsupportedPolicyEvent
An event describing that the project policy is unsupported by CV.
Protobuf type
google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.UnsupportedPolicyEvent
ContinuousValidationEvent.UnsupportedPolicyEvent.Builder
An event describing that the project policy is unsupported by CV.
Protobuf type
google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.UnsupportedPolicyEvent
ContinuousValidationLoggingProto
CreateAttestorRequest
Request message for [BinauthzManagementService.CreateAttestor][].
Protobuf type google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest
CreateAttestorRequest.Builder
Request message for [BinauthzManagementService.CreateAttestor][].
Protobuf type google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest
DeleteAttestorRequest
Request message for [BinauthzManagementService.DeleteAttestor][].
Protobuf type google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest
DeleteAttestorRequest.Builder
Request message for [BinauthzManagementService.DeleteAttestor][].
Protobuf type google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest
GetAttestorRequest
Request message for [BinauthzManagementService.GetAttestor][].
Protobuf type google.cloud.binaryauthorization.v1beta1.GetAttestorRequest
GetAttestorRequest.Builder
Request message for [BinauthzManagementService.GetAttestor][].
Protobuf type google.cloud.binaryauthorization.v1beta1.GetAttestorRequest
GetPolicyRequest
Request message for [BinauthzManagementService.GetPolicy][].
Protobuf type google.cloud.binaryauthorization.v1beta1.GetPolicyRequest
GetPolicyRequest.Builder
Request message for [BinauthzManagementService.GetPolicy][].
Protobuf type google.cloud.binaryauthorization.v1beta1.GetPolicyRequest
GetSystemPolicyRequest
Request to read the current system policy.
Protobuf type google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest
GetSystemPolicyRequest.Builder
Request to read the current system policy.
Protobuf type google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest
ListAttestorsRequest
Request message for [BinauthzManagementService.ListAttestors][].
Protobuf type google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest
ListAttestorsRequest.Builder
Request message for [BinauthzManagementService.ListAttestors][].
Protobuf type google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest
ListAttestorsResponse
Response message for [BinauthzManagementService.ListAttestors][].
Protobuf type google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse
ListAttestorsResponse.Builder
Response message for [BinauthzManagementService.ListAttestors][].
Protobuf type google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse
PkixPublicKey
A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.
Protobuf type google.cloud.binaryauthorization.v1beta1.PkixPublicKey
PkixPublicKey.Builder
A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.
Protobuf type google.cloud.binaryauthorization.v1beta1.PkixPublicKey
Policy
A policy for Binary Authorization.
Protobuf type google.cloud.binaryauthorization.v1beta1.Policy
Policy.Builder
A policy for Binary Authorization.
Protobuf type google.cloud.binaryauthorization.v1beta1.Policy
PolicyName
PolicyName.Builder
Builder for projects/{project}/policy.
PolicyName.LocationBuilder
Builder for locations/{location}/policy.
ProjectName
ProjectName.Builder
Builder for projects/{project}.
SystemPolicyV1Beta1Client
Service Description: API for working with the system policy.
This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:
try (SystemPolicyV1Beta1Client systemPolicyV1Beta1Client = SystemPolicyV1Beta1Client.create()) {
PolicyName name = PolicyName.ofProjectName("[PROJECT]");
Policy response = systemPolicyV1Beta1Client.getSystemPolicy(name);
}
Note: close() needs to be called on the SystemPolicyV1Beta1Client object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().
The surface of this class includes several types of Java methods for each of the API's methods:
- A "flattened" method. With this type of method, the fields of the request type have been converted into function parameters. It may be the case that not all fields are available as parameters, and not every API method will have a flattened method entry point.
- A "request object" method. This type of method only takes one parameter, a request object, which must be constructed before the call. Not every API method will have a request object method.
- A "callable" method. This type of method takes no parameters and returns an immutable API callable object, which can be used to initiate calls to the service.
See the individual methods for example code.
Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.
This class can be customized by passing in a custom instance of SystemPolicyV1Beta1Settings to create(). For example:
To customize credentials:
SystemPolicyV1Beta1Settings systemPolicyV1Beta1Settings =
SystemPolicyV1Beta1Settings.newBuilder()
.setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
.build();
SystemPolicyV1Beta1Client systemPolicyV1Beta1Client =
SystemPolicyV1Beta1Client.create(systemPolicyV1Beta1Settings);
To customize the endpoint:
SystemPolicyV1Beta1Settings systemPolicyV1Beta1Settings =
SystemPolicyV1Beta1Settings.newBuilder().setEndpoint(myEndpoint).build();
SystemPolicyV1Beta1Client systemPolicyV1Beta1Client =
SystemPolicyV1Beta1Client.create(systemPolicyV1Beta1Settings);
Please refer to the GitHub repository's samples for more quickstart code snippets.
SystemPolicyV1Beta1Grpc
API for working with the system policy.
SystemPolicyV1Beta1Grpc.SystemPolicyV1Beta1BlockingStub
API for working with the system policy.
SystemPolicyV1Beta1Grpc.SystemPolicyV1Beta1FutureStub
API for working with the system policy.
SystemPolicyV1Beta1Grpc.SystemPolicyV1Beta1ImplBase
API for working with the system policy.
SystemPolicyV1Beta1Grpc.SystemPolicyV1Beta1Stub
API for working with the system policy.
SystemPolicyV1Beta1Settings
Settings class to configure an instance of SystemPolicyV1Beta1Client.
The default instance has everything set to sensible defaults:
- The default service address (binaryauthorization.googleapis.com) and default port (443) are used.
- Credentials are acquired automatically through Application Default Credentials.
- Retries are configured for idempotent methods but not for non-idempotent methods.
The builder of this class is recursive, so contained classes are themselves builders. When build() is called, the tree of builders is called to create the complete settings object.
For example, to set the total timeout of getSystemPolicy to 30 seconds:
SystemPolicyV1Beta1Settings.Builder systemPolicyV1Beta1SettingsBuilder =
SystemPolicyV1Beta1Settings.newBuilder();
systemPolicyV1Beta1SettingsBuilder
.getSystemPolicySettings()
.setRetrySettings(
systemPolicyV1Beta1SettingsBuilder
.getSystemPolicySettings()
.getRetrySettings()
.toBuilder()
.setTotalTimeout(Duration.ofSeconds(30))
.build());
SystemPolicyV1Beta1Settings systemPolicyV1Beta1Settings =
systemPolicyV1Beta1SettingsBuilder.build();
SystemPolicyV1Beta1Settings.Builder
Builder for SystemPolicyV1Beta1Settings.
UpdateAttestorRequest
Request message for [BinauthzManagementService.UpdateAttestor][].
Protobuf type google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest
UpdateAttestorRequest.Builder
Request message for [BinauthzManagementService.UpdateAttestor][].
Protobuf type google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest
UpdatePolicyRequest
Request message for [BinauthzManagementService.UpdatePolicy][].
Protobuf type google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest
UpdatePolicyRequest.Builder
Request message for [BinauthzManagementService.UpdatePolicy][].
Protobuf type google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest
UserOwnedDrydockNote
An user owned drydock note references a Drydock ATTESTATION_AUTHORITY Note created by the user.
Protobuf type google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote
UserOwnedDrydockNote.Builder
An user owned drydock note references a Drydock ATTESTATION_AUTHORITY Note created by the user.
Protobuf type google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote
Interfaces
AdmissionRuleOrBuilder
AdmissionWhitelistPatternOrBuilder
AttestorOrBuilder
AttestorPublicKeyOrBuilder
ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetailsOrBuilder
ContinuousValidationEvent.ContinuousValidationPodEventOrBuilder
ContinuousValidationEvent.UnsupportedPolicyEventOrBuilder
ContinuousValidationEventOrBuilder
CreateAttestorRequestOrBuilder
DeleteAttestorRequestOrBuilder
GetAttestorRequestOrBuilder
GetPolicyRequestOrBuilder
GetSystemPolicyRequestOrBuilder
ListAttestorsRequestOrBuilder
ListAttestorsResponseOrBuilder
PkixPublicKeyOrBuilder
PolicyOrBuilder
UpdateAttestorRequestOrBuilder
UpdatePolicyRequestOrBuilder
UserOwnedDrydockNoteOrBuilder
Enums
AdmissionRule.EnforcementMode
Defines the possible actions when a pod creation is denied by an admission rule.
Protobuf enum google.cloud.binaryauthorization.v1beta1.AdmissionRule.EnforcementMode
AdmissionRule.EvaluationMode
Protobuf enum google.cloud.binaryauthorization.v1beta1.AdmissionRule.EvaluationMode
Attestor.AttestorTypeCase
AttestorPublicKey.PublicKeyCase
ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult
Result of the audit.
Protobuf enum
google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult
ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict
Audit time policy conformance verdict.
Protobuf enum
google.cloud.binaryauthorization.v1beta1.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict
ContinuousValidationEvent.EventTypeCase
PkixPublicKey.SignatureAlgorithm
Represents a signature algorithm and other information necessary to verify signatures with a given public key. This is based primarily on the public key types supported by Tink's PemKeyType, which is in turn based on KMS's supported signing algorithms. See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz might support additional public key types independently of Tink and/or KMS.
Protobuf enum google.cloud.binaryauthorization.v1beta1.PkixPublicKey.SignatureAlgorithm
Policy.GlobalPolicyEvaluationMode
Protobuf enum
google.cloud.binaryauthorization.v1beta1.Policy.GlobalPolicyEvaluationMode