Package com.google.protos.google.cloud.binaryauthorization.v1 (1.17.0)

A client to Binary Authorization API

The interfaces provided are listed below, along with usage samples.

BinauthzManagementServiceV1Client

Service Description: Google Cloud Management Service for Binary Authorization admission policies and attestation authorities.

This API implements a REST model with the following objects:

  • Policy
  • Attestor

Sample for BinauthzManagementServiceV1Client:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (BinauthzManagementServiceV1Client binauthzManagementServiceV1Client =
     BinauthzManagementServiceV1Client.create()) {
   PolicyName name = PolicyName.ofProjectName("[PROJECT]");
   Resources.Policy response = binauthzManagementServiceV1Client.getPolicy(name);
 }
 

SystemPolicyV1Client

Service Description: API for working with the system policy.

Sample for SystemPolicyV1Client:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (SystemPolicyV1Client systemPolicyV1Client = SystemPolicyV1Client.create()) {
   PolicyName name = PolicyName.ofLocationName("[LOCATION]");
   Resources.Policy response = systemPolicyV1Client.getSystemPolicy(name);
 }
 

ValidationHelperV1Client

Service Description: BinAuthz Attestor verification

Sample for ValidationHelperV1Client:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ValidationHelperV1Client validationHelperV1Client = ValidationHelperV1Client.create()) {
   Service.ValidateAttestationOccurrenceRequest request =
       Service.ValidateAttestationOccurrenceRequest.newBuilder()
           .setAttestor("attestor542920680")
           .setAttestation(AttestationOccurrence.newBuilder().build())
           .setOccurrenceNote("occurrenceNote1722072419")
           .setOccurrenceResourceUri("occurrenceResourceUri1001424877")
           .build();
   Service.ValidateAttestationOccurrenceResponse response =
       validationHelperV1Client.validateAttestationOccurrence(request);
 }
 

Classes

AttestorName

AttestorName.Builder

Builder for projects/{project}/attestors/{attestor}.

BinauthzManagementServiceV1Client

Service Description: Google Cloud Management Service for Binary Authorization admission policies and attestation authorities.

This API implements a REST model with the following objects:

  • Policy
  • Attestor

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (BinauthzManagementServiceV1Client binauthzManagementServiceV1Client =
     BinauthzManagementServiceV1Client.create()) {
   PolicyName name = PolicyName.ofProjectName("[PROJECT]");
   Resources.Policy response = binauthzManagementServiceV1Client.getPolicy(name);
 }
 

Note: close() needs to be called on the BinauthzManagementServiceV1Client object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().

The surface of this class includes several types of Java methods for each of the API's methods:

  1. A "flattened" method. With this type of method, the fields of the request type have been converted into function parameters. It may be the case that not all fields are available as parameters, and not every API method will have a flattened method entry point.
  2. A "request object" method. This type of method only takes one parameter, a request object, which must be constructed before the call. Not every API method will have a request object method.
  3. A "callable" method. This type of method takes no parameters and returns an immutable API callable object, which can be used to initiate calls to the service.

See the individual methods for example code.

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.

This class can be customized by passing in a custom instance of BinauthzManagementServiceV1Settings to create(). For example:

To customize credentials:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 BinauthzManagementServiceV1Settings binauthzManagementServiceV1Settings =
     BinauthzManagementServiceV1Settings.newBuilder()
         .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
         .build();
 BinauthzManagementServiceV1Client binauthzManagementServiceV1Client =
     BinauthzManagementServiceV1Client.create(binauthzManagementServiceV1Settings);
 

To customize the endpoint:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 BinauthzManagementServiceV1Settings binauthzManagementServiceV1Settings =
     BinauthzManagementServiceV1Settings.newBuilder().setEndpoint(myEndpoint).build();
 BinauthzManagementServiceV1Client binauthzManagementServiceV1Client =
     BinauthzManagementServiceV1Client.create(binauthzManagementServiceV1Settings);
 

To use REST (HTTP1.1/JSON) transport (instead of gRPC) for sending and receiving requests over the wire:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 BinauthzManagementServiceV1Settings binauthzManagementServiceV1Settings =
     BinauthzManagementServiceV1Settings.newHttpJsonBuilder().build();
 BinauthzManagementServiceV1Client binauthzManagementServiceV1Client =
     BinauthzManagementServiceV1Client.create(binauthzManagementServiceV1Settings);
 

Please refer to the GitHub repository's samples for more quickstart code snippets.

BinauthzManagementServiceV1Client.ListAttestorsFixedSizeCollection

BinauthzManagementServiceV1Client.ListAttestorsPage

BinauthzManagementServiceV1Client.ListAttestorsPagedResponse

BinauthzManagementServiceV1Grpc

Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:

  • Policy
  • Attestor

BinauthzManagementServiceV1Grpc.BinauthzManagementServiceV1BlockingStub

A stub to allow clients to do synchronous rpc calls to service BinauthzManagementServiceV1.

Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:

  • Policy
  • Attestor

BinauthzManagementServiceV1Grpc.BinauthzManagementServiceV1FutureStub

A stub to allow clients to do ListenableFuture-style rpc calls to service BinauthzManagementServiceV1.

Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:

  • Policy
  • Attestor

BinauthzManagementServiceV1Grpc.BinauthzManagementServiceV1ImplBase

Base class for the server implementation of the service BinauthzManagementServiceV1.

Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:

  • Policy
  • Attestor

BinauthzManagementServiceV1Grpc.BinauthzManagementServiceV1Stub

A stub to allow clients to do asynchronous rpc calls to service BinauthzManagementServiceV1.

Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:

  • Policy
  • Attestor

BinauthzManagementServiceV1Settings

Settings class to configure an instance of BinauthzManagementServiceV1Client.

The default instance has everything set to sensible defaults:

  • The default service address (binaryauthorization.googleapis.com) and default port (443) are used.
  • Credentials are acquired automatically through Application Default Credentials.
  • Retries are configured for idempotent methods but not for non-idempotent methods.

The builder of this class is recursive, so contained classes are themselves builders. When build() is called, the tree of builders is called to create the complete settings object.

For example, to set the total timeout of getPolicy to 30 seconds:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 BinauthzManagementServiceV1Settings.Builder binauthzManagementServiceV1SettingsBuilder =
     BinauthzManagementServiceV1Settings.newBuilder();
 binauthzManagementServiceV1SettingsBuilder
     .getPolicySettings()
     .setRetrySettings(
         binauthzManagementServiceV1SettingsBuilder
             .getPolicySettings()
             .getRetrySettings()
             .toBuilder()
             .setTotalTimeout(Duration.ofSeconds(30))
             .build());
 BinauthzManagementServiceV1Settings binauthzManagementServiceV1Settings =
     binauthzManagementServiceV1SettingsBuilder.build();
 

BinauthzManagementServiceV1Settings.Builder

Builder for BinauthzManagementServiceV1Settings.

PolicyName

PolicyName.Builder

Builder for projects/{project}/policy.

PolicyName.LocationBuilder

Builder for locations/{location}/policy.

ProjectName

ProjectName.Builder

Builder for projects/{project}.

Resources

Resources.AdmissionRule

An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.

Protobuf type google.cloud.binaryauthorization.v1.AdmissionRule

Resources.AdmissionRule.Builder

An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.

Protobuf type google.cloud.binaryauthorization.v1.AdmissionRule

Resources.AdmissionWhitelistPattern

An admission allowlist pattern exempts images from checks by admission rules.

Protobuf type google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern

Resources.AdmissionWhitelistPattern.Builder

An admission allowlist pattern exempts images from checks by admission rules.

Protobuf type google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern

Resources.Attestor

An attestor that attests to container image artifacts. An existing attestor cannot be modified except where indicated.

Protobuf type google.cloud.binaryauthorization.v1.Attestor

Resources.Attestor.Builder

An attestor that attests to container image artifacts. An existing attestor cannot be modified except where indicated.

Protobuf type google.cloud.binaryauthorization.v1.Attestor

Resources.AttestorPublicKey

An attestor public key that will be used to verify attestations signed by this attestor.

Protobuf type google.cloud.binaryauthorization.v1.AttestorPublicKey

Resources.AttestorPublicKey.Builder

An attestor public key that will be used to verify attestations signed by this attestor.

Protobuf type google.cloud.binaryauthorization.v1.AttestorPublicKey

Resources.PkixPublicKey

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

Protobuf type google.cloud.binaryauthorization.v1.PkixPublicKey

Resources.PkixPublicKey.Builder

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

Protobuf type google.cloud.binaryauthorization.v1.PkixPublicKey

Resources.Policy

A policy for container image binary authorization.

Protobuf type google.cloud.binaryauthorization.v1.Policy

Resources.Policy.Builder

A policy for container image binary authorization.

Protobuf type google.cloud.binaryauthorization.v1.Policy

Resources.UserOwnedGrafeasNote

An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.

Protobuf type google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote

Resources.UserOwnedGrafeasNote.Builder

An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.

Protobuf type google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote

Service

Service.CreateAttestorRequest

Request message for [BinauthzManagementService.CreateAttestor][].

Protobuf type google.cloud.binaryauthorization.v1.CreateAttestorRequest

Service.CreateAttestorRequest.Builder

Request message for [BinauthzManagementService.CreateAttestor][].

Protobuf type google.cloud.binaryauthorization.v1.CreateAttestorRequest

Service.DeleteAttestorRequest

Request message for [BinauthzManagementService.DeleteAttestor][].

Protobuf type google.cloud.binaryauthorization.v1.DeleteAttestorRequest

Service.DeleteAttestorRequest.Builder

Request message for [BinauthzManagementService.DeleteAttestor][].

Protobuf type google.cloud.binaryauthorization.v1.DeleteAttestorRequest

Service.GetAttestorRequest

Request message for [BinauthzManagementService.GetAttestor][].

Protobuf type google.cloud.binaryauthorization.v1.GetAttestorRequest

Service.GetAttestorRequest.Builder

Request message for [BinauthzManagementService.GetAttestor][].

Protobuf type google.cloud.binaryauthorization.v1.GetAttestorRequest

Service.GetPolicyRequest

Request message for [BinauthzManagementService.GetPolicy][].

Protobuf type google.cloud.binaryauthorization.v1.GetPolicyRequest

Service.GetPolicyRequest.Builder

Request message for [BinauthzManagementService.GetPolicy][].

Protobuf type google.cloud.binaryauthorization.v1.GetPolicyRequest

Service.GetSystemPolicyRequest

Request to read the current system policy.

Protobuf type google.cloud.binaryauthorization.v1.GetSystemPolicyRequest

Service.GetSystemPolicyRequest.Builder

Request to read the current system policy.

Protobuf type google.cloud.binaryauthorization.v1.GetSystemPolicyRequest

Service.ListAttestorsRequest

Request message for [BinauthzManagementService.ListAttestors][].

Protobuf type google.cloud.binaryauthorization.v1.ListAttestorsRequest

Service.ListAttestorsRequest.Builder

Request message for [BinauthzManagementService.ListAttestors][].

Protobuf type google.cloud.binaryauthorization.v1.ListAttestorsRequest

Service.ListAttestorsResponse

Response message for [BinauthzManagementService.ListAttestors][].

Protobuf type google.cloud.binaryauthorization.v1.ListAttestorsResponse

Service.ListAttestorsResponse.Builder

Response message for [BinauthzManagementService.ListAttestors][].

Protobuf type google.cloud.binaryauthorization.v1.ListAttestorsResponse

Service.UpdateAttestorRequest

Request message for [BinauthzManagementService.UpdateAttestor][].

Protobuf type google.cloud.binaryauthorization.v1.UpdateAttestorRequest

Service.UpdateAttestorRequest.Builder

Request message for [BinauthzManagementService.UpdateAttestor][].

Protobuf type google.cloud.binaryauthorization.v1.UpdateAttestorRequest

Service.UpdatePolicyRequest

Request message for [BinauthzManagementService.UpdatePolicy][].

Protobuf type google.cloud.binaryauthorization.v1.UpdatePolicyRequest

Service.UpdatePolicyRequest.Builder

Request message for [BinauthzManagementService.UpdatePolicy][].

Protobuf type google.cloud.binaryauthorization.v1.UpdatePolicyRequest

Service.ValidateAttestationOccurrenceRequest

Request message for ValidationHelperV1.ValidateAttestationOccurrence.

Protobuf type google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest

Service.ValidateAttestationOccurrenceRequest.Builder

Request message for ValidationHelperV1.ValidateAttestationOccurrence.

Protobuf type google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceRequest

Service.ValidateAttestationOccurrenceResponse

Response message for ValidationHelperV1.ValidateAttestationOccurrence.

Protobuf type google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse

Service.ValidateAttestationOccurrenceResponse.Builder

Response message for ValidationHelperV1.ValidateAttestationOccurrence.

Protobuf type google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse

SystemPolicyV1Client

Service Description: API for working with the system policy.

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (SystemPolicyV1Client systemPolicyV1Client = SystemPolicyV1Client.create()) {
   PolicyName name = PolicyName.ofLocationName("[LOCATION]");
   Resources.Policy response = systemPolicyV1Client.getSystemPolicy(name);
 }
 

Note: close() needs to be called on the SystemPolicyV1Client object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().

The surface of this class includes several types of Java methods for each of the API's methods:

  1. A "flattened" method. With this type of method, the fields of the request type have been converted into function parameters. It may be the case that not all fields are available as parameters, and not every API method will have a flattened method entry point.
  2. A "request object" method. This type of method only takes one parameter, a request object, which must be constructed before the call. Not every API method will have a request object method.
  3. A "callable" method. This type of method takes no parameters and returns an immutable API callable object, which can be used to initiate calls to the service.

See the individual methods for example code.

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.

This class can be customized by passing in a custom instance of SystemPolicyV1Settings to create(). For example:

To customize credentials:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 SystemPolicyV1Settings systemPolicyV1Settings =
     SystemPolicyV1Settings.newBuilder()
         .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
         .build();
 SystemPolicyV1Client systemPolicyV1Client = SystemPolicyV1Client.create(systemPolicyV1Settings);
 

To customize the endpoint:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 SystemPolicyV1Settings systemPolicyV1Settings =
     SystemPolicyV1Settings.newBuilder().setEndpoint(myEndpoint).build();
 SystemPolicyV1Client systemPolicyV1Client = SystemPolicyV1Client.create(systemPolicyV1Settings);
 

To use REST (HTTP1.1/JSON) transport (instead of gRPC) for sending and receiving requests over the wire:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 SystemPolicyV1Settings systemPolicyV1Settings =
     SystemPolicyV1Settings.newHttpJsonBuilder().build();
 SystemPolicyV1Client systemPolicyV1Client = SystemPolicyV1Client.create(systemPolicyV1Settings);
 

Please refer to the GitHub repository's samples for more quickstart code snippets.

SystemPolicyV1Grpc

API for working with the system policy.

SystemPolicyV1Grpc.SystemPolicyV1BlockingStub

A stub to allow clients to do synchronous rpc calls to service SystemPolicyV1.

API for working with the system policy.

SystemPolicyV1Grpc.SystemPolicyV1FutureStub

A stub to allow clients to do ListenableFuture-style rpc calls to service SystemPolicyV1.

API for working with the system policy.

SystemPolicyV1Grpc.SystemPolicyV1ImplBase

Base class for the server implementation of the service SystemPolicyV1.

API for working with the system policy.

SystemPolicyV1Grpc.SystemPolicyV1Stub

A stub to allow clients to do asynchronous rpc calls to service SystemPolicyV1.

API for working with the system policy.

SystemPolicyV1Settings

Settings class to configure an instance of SystemPolicyV1Client.

The default instance has everything set to sensible defaults:

  • The default service address (binaryauthorization.googleapis.com) and default port (443) are used.
  • Credentials are acquired automatically through Application Default Credentials.
  • Retries are configured for idempotent methods but not for non-idempotent methods.

The builder of this class is recursive, so contained classes are themselves builders. When build() is called, the tree of builders is called to create the complete settings object.

For example, to set the total timeout of getSystemPolicy to 30 seconds:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 SystemPolicyV1Settings.Builder systemPolicyV1SettingsBuilder =
     SystemPolicyV1Settings.newBuilder();
 systemPolicyV1SettingsBuilder
     .getSystemPolicySettings()
     .setRetrySettings(
         systemPolicyV1SettingsBuilder
             .getSystemPolicySettings()
             .getRetrySettings()
             .toBuilder()
             .setTotalTimeout(Duration.ofSeconds(30))
             .build());
 SystemPolicyV1Settings systemPolicyV1Settings = systemPolicyV1SettingsBuilder.build();
 

SystemPolicyV1Settings.Builder

Builder for SystemPolicyV1Settings.

ValidationHelperV1Client

Service Description: BinAuthz Attestor verification

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (ValidationHelperV1Client validationHelperV1Client = ValidationHelperV1Client.create()) {
   Service.ValidateAttestationOccurrenceRequest request =
       Service.ValidateAttestationOccurrenceRequest.newBuilder()
           .setAttestor("attestor542920680")
           .setAttestation(AttestationOccurrence.newBuilder().build())
           .setOccurrenceNote("occurrenceNote1722072419")
           .setOccurrenceResourceUri("occurrenceResourceUri1001424877")
           .build();
   Service.ValidateAttestationOccurrenceResponse response =
       validationHelperV1Client.validateAttestationOccurrence(request);
 }
 

Note: close() needs to be called on the ValidationHelperV1Client object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().

The surface of this class includes several types of Java methods for each of the API's methods:

  1. A "flattened" method. With this type of method, the fields of the request type have been converted into function parameters. It may be the case that not all fields are available as parameters, and not every API method will have a flattened method entry point.
  2. A "request object" method. This type of method only takes one parameter, a request object, which must be constructed before the call. Not every API method will have a request object method.
  3. A "callable" method. This type of method takes no parameters and returns an immutable API callable object, which can be used to initiate calls to the service.

See the individual methods for example code.

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.

This class can be customized by passing in a custom instance of ValidationHelperV1Settings to create(). For example:

To customize credentials:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ValidationHelperV1Settings validationHelperV1Settings =
     ValidationHelperV1Settings.newBuilder()
         .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
         .build();
 ValidationHelperV1Client validationHelperV1Client =
     ValidationHelperV1Client.create(validationHelperV1Settings);
 

To customize the endpoint:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ValidationHelperV1Settings validationHelperV1Settings =
     ValidationHelperV1Settings.newBuilder().setEndpoint(myEndpoint).build();
 ValidationHelperV1Client validationHelperV1Client =
     ValidationHelperV1Client.create(validationHelperV1Settings);
 

To use REST (HTTP1.1/JSON) transport (instead of gRPC) for sending and receiving requests over the wire:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ValidationHelperV1Settings validationHelperV1Settings =
     ValidationHelperV1Settings.newHttpJsonBuilder().build();
 ValidationHelperV1Client validationHelperV1Client =
     ValidationHelperV1Client.create(validationHelperV1Settings);
 

Please refer to the GitHub repository's samples for more quickstart code snippets.

ValidationHelperV1Grpc

BinAuthz Attestor verification

ValidationHelperV1Grpc.ValidationHelperV1BlockingStub

A stub to allow clients to do synchronous rpc calls to service ValidationHelperV1.

BinAuthz Attestor verification

ValidationHelperV1Grpc.ValidationHelperV1FutureStub

A stub to allow clients to do ListenableFuture-style rpc calls to service ValidationHelperV1.

BinAuthz Attestor verification

ValidationHelperV1Grpc.ValidationHelperV1ImplBase

Base class for the server implementation of the service ValidationHelperV1.

BinAuthz Attestor verification

ValidationHelperV1Grpc.ValidationHelperV1Stub

A stub to allow clients to do asynchronous rpc calls to service ValidationHelperV1.

BinAuthz Attestor verification

ValidationHelperV1Settings

Settings class to configure an instance of ValidationHelperV1Client.

The default instance has everything set to sensible defaults:

  • The default service address (binaryauthorization.googleapis.com) and default port (443) are used.
  • Credentials are acquired automatically through Application Default Credentials.
  • Retries are configured for idempotent methods but not for non-idempotent methods.

The builder of this class is recursive, so contained classes are themselves builders. When build() is called, the tree of builders is called to create the complete settings object.

For example, to set the total timeout of validateAttestationOccurrence to 30 seconds:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 ValidationHelperV1Settings.Builder validationHelperV1SettingsBuilder =
     ValidationHelperV1Settings.newBuilder();
 validationHelperV1SettingsBuilder
     .validateAttestationOccurrenceSettings()
     .setRetrySettings(
         validationHelperV1SettingsBuilder
             .validateAttestationOccurrenceSettings()
             .getRetrySettings()
             .toBuilder()
             .setTotalTimeout(Duration.ofSeconds(30))
             .build());
 ValidationHelperV1Settings validationHelperV1Settings =
     validationHelperV1SettingsBuilder.build();
 

ValidationHelperV1Settings.Builder

Builder for ValidationHelperV1Settings.

Interfaces

BinauthzManagementServiceV1Grpc.AsyncService

Google Cloud Management Service for Binary Authorization admission policies and attestation authorities. This API implements a REST model with the following objects:

  • Policy
  • Attestor

Resources.AdmissionRuleOrBuilder

Resources.AdmissionWhitelistPatternOrBuilder

Resources.AttestorOrBuilder

Resources.AttestorPublicKeyOrBuilder

Resources.PkixPublicKeyOrBuilder

Resources.PolicyOrBuilder

Resources.UserOwnedGrafeasNoteOrBuilder

Service.CreateAttestorRequestOrBuilder

Service.DeleteAttestorRequestOrBuilder

Service.GetAttestorRequestOrBuilder

Service.GetPolicyRequestOrBuilder

Service.GetSystemPolicyRequestOrBuilder

Service.ListAttestorsRequestOrBuilder

Service.ListAttestorsResponseOrBuilder

Service.UpdateAttestorRequestOrBuilder

Service.UpdatePolicyRequestOrBuilder

Service.ValidateAttestationOccurrenceRequestOrBuilder

Service.ValidateAttestationOccurrenceResponseOrBuilder

SystemPolicyV1Grpc.AsyncService

API for working with the system policy.

ValidationHelperV1Grpc.AsyncService

BinAuthz Attestor verification

Enums

Resources.AdmissionRule.EnforcementMode

Defines the possible actions when a pod creation is denied by an admission rule.

Protobuf enum google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode

Resources.AdmissionRule.EvaluationMode

Protobuf enum google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode

Resources.Attestor.AttestorTypeCase

Resources.AttestorPublicKey.PublicKeyCase

Resources.PkixPublicKey.SignatureAlgorithm

Represents a signature algorithm and other information necessary to verify signatures with a given public key. This is based primarily on the public key types supported by Tink's PemKeyType, which is in turn based on KMS's supported signing algorithms. See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz might support additional public key types independently of Tink and/or KMS.

Protobuf enum google.cloud.binaryauthorization.v1.PkixPublicKey.SignatureAlgorithm

Resources.Policy.GlobalPolicyEvaluationMode

Protobuf enum google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode

Service.ValidateAttestationOccurrenceResponse.Result

The enum returned in the "result" field.

Protobuf enum google.cloud.binaryauthorization.v1.ValidateAttestationOccurrenceResponse.Result