Class Resources.AdmissionRule.Builder (1.36.0)

public static final class Resources.AdmissionRule.Builder extends GeneratedMessageV3.Builder<Resources.AdmissionRule.Builder> implements Resources.AdmissionRuleOrBuilder

An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied.

Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.

Protobuf type google.cloud.binaryauthorization.v1.AdmissionRule

Static Methods

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
TypeDescription
Descriptor

Methods

addAllRequireAttestationsBy(Iterable<String> values)

public Resources.AdmissionRule.Builder addAllRequireAttestationsBy(Iterable<String> values)

Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource.

Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.

repeated string require_attestations_by = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
valuesIterable<String>

The requireAttestationsBy to add.

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

addRepeatedField(Descriptors.FieldDescriptor field, Object value)

public Resources.AdmissionRule.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Parameters
NameDescription
fieldFieldDescriptor
valueObject
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides

addRequireAttestationsBy(String value)

public Resources.AdmissionRule.Builder addRequireAttestationsBy(String value)

Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource.

Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.

repeated string require_attestations_by = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
valueString

The requireAttestationsBy to add.

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

addRequireAttestationsByBytes(ByteString value)

public Resources.AdmissionRule.Builder addRequireAttestationsByBytes(ByteString value)

Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource.

Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.

repeated string require_attestations_by = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
valueByteString

The bytes of the requireAttestationsBy to add.

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

build()

public Resources.AdmissionRule build()
Returns
TypeDescription
Resources.AdmissionRule

buildPartial()

public Resources.AdmissionRule buildPartial()
Returns
TypeDescription
Resources.AdmissionRule

clear()

public Resources.AdmissionRule.Builder clear()
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides

clearEnforcementMode()

public Resources.AdmissionRule.Builder clearEnforcementMode()

Required. The action when a pod creation is denied by the admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode enforcement_mode = 3 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

clearEvaluationMode()

public Resources.AdmissionRule.Builder clearEvaluationMode()

Required. How this admission rule will be evaluated.

.google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode evaluation_mode = 1 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

clearField(Descriptors.FieldDescriptor field)

public Resources.AdmissionRule.Builder clearField(Descriptors.FieldDescriptor field)
Parameter
NameDescription
fieldFieldDescriptor
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides

clearOneof(Descriptors.OneofDescriptor oneof)

public Resources.AdmissionRule.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Parameter
NameDescription
oneofOneofDescriptor
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides

clearRequireAttestationsBy()

public Resources.AdmissionRule.Builder clearRequireAttestationsBy()

Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource.

Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.

repeated string require_attestations_by = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

clone()

public Resources.AdmissionRule.Builder clone()
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides

getDefaultInstanceForType()

public Resources.AdmissionRule getDefaultInstanceForType()
Returns
TypeDescription
Resources.AdmissionRule

getDescriptorForType()

public Descriptors.Descriptor getDescriptorForType()
Returns
TypeDescription
Descriptor
Overrides

getEnforcementMode()

public Resources.AdmissionRule.EnforcementMode getEnforcementMode()

Required. The action when a pod creation is denied by the admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode enforcement_mode = 3 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
Resources.AdmissionRule.EnforcementMode

The enforcementMode.

getEnforcementModeValue()

public int getEnforcementModeValue()

Required. The action when a pod creation is denied by the admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode enforcement_mode = 3 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
int

The enum numeric value on the wire for enforcementMode.

getEvaluationMode()

public Resources.AdmissionRule.EvaluationMode getEvaluationMode()

Required. How this admission rule will be evaluated.

.google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode evaluation_mode = 1 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
Resources.AdmissionRule.EvaluationMode

The evaluationMode.

getEvaluationModeValue()

public int getEvaluationModeValue()

Required. How this admission rule will be evaluated.

.google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode evaluation_mode = 1 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
int

The enum numeric value on the wire for evaluationMode.

getRequireAttestationsBy(int index)

public String getRequireAttestationsBy(int index)

Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource.

Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.

repeated string require_attestations_by = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
indexint

The index of the element to return.

Returns
TypeDescription
String

The requireAttestationsBy at the given index.

getRequireAttestationsByBytes(int index)

public ByteString getRequireAttestationsByBytes(int index)

Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource.

Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.

repeated string require_attestations_by = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
indexint

The index of the value to return.

Returns
TypeDescription
ByteString

The bytes of the requireAttestationsBy at the given index.

getRequireAttestationsByCount()

public int getRequireAttestationsByCount()

Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource.

Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.

repeated string require_attestations_by = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
int

The count of requireAttestationsBy.

getRequireAttestationsByList()

public ProtocolStringList getRequireAttestationsByList()

Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource.

Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.

repeated string require_attestations_by = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
ProtocolStringList

A list containing the requireAttestationsBy.

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
TypeDescription
FieldAccessorTable
Overrides

isInitialized()

public final boolean isInitialized()
Returns
TypeDescription
boolean
Overrides

mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public Resources.AdmissionRule.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputCodedInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides
Exceptions
TypeDescription
IOException

mergeFrom(Message other)

public Resources.AdmissionRule.Builder mergeFrom(Message other)
Parameter
NameDescription
otherMessage
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides

mergeFrom(Resources.AdmissionRule other)

public Resources.AdmissionRule.Builder mergeFrom(Resources.AdmissionRule other)
Parameter
NameDescription
otherResources.AdmissionRule
Returns
TypeDescription
Resources.AdmissionRule.Builder

mergeUnknownFields(UnknownFieldSet unknownFields)

public final Resources.AdmissionRule.Builder mergeUnknownFields(UnknownFieldSet unknownFields)
Parameter
NameDescription
unknownFieldsUnknownFieldSet
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides

setEnforcementMode(Resources.AdmissionRule.EnforcementMode value)

public Resources.AdmissionRule.Builder setEnforcementMode(Resources.AdmissionRule.EnforcementMode value)

Required. The action when a pod creation is denied by the admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode enforcement_mode = 3 [(.google.api.field_behavior) = REQUIRED];

Parameter
NameDescription
valueResources.AdmissionRule.EnforcementMode

The enforcementMode to set.

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

setEnforcementModeValue(int value)

public Resources.AdmissionRule.Builder setEnforcementModeValue(int value)

Required. The action when a pod creation is denied by the admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule.EnforcementMode enforcement_mode = 3 [(.google.api.field_behavior) = REQUIRED];

Parameter
NameDescription
valueint

The enum numeric value on the wire for enforcementMode to set.

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

setEvaluationMode(Resources.AdmissionRule.EvaluationMode value)

public Resources.AdmissionRule.Builder setEvaluationMode(Resources.AdmissionRule.EvaluationMode value)

Required. How this admission rule will be evaluated.

.google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode evaluation_mode = 1 [(.google.api.field_behavior) = REQUIRED];

Parameter
NameDescription
valueResources.AdmissionRule.EvaluationMode

The evaluationMode to set.

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

setEvaluationModeValue(int value)

public Resources.AdmissionRule.Builder setEvaluationModeValue(int value)

Required. How this admission rule will be evaluated.

.google.cloud.binaryauthorization.v1.AdmissionRule.EvaluationMode evaluation_mode = 1 [(.google.api.field_behavior) = REQUIRED];

Parameter
NameDescription
valueint

The enum numeric value on the wire for evaluationMode to set.

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

setField(Descriptors.FieldDescriptor field, Object value)

public Resources.AdmissionRule.Builder setField(Descriptors.FieldDescriptor field, Object value)
Parameters
NameDescription
fieldFieldDescriptor
valueObject
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides

setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)

public Resources.AdmissionRule.Builder setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
Parameters
NameDescription
fieldFieldDescriptor
indexint
valueObject
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides

setRequireAttestationsBy(int index, String value)

public Resources.AdmissionRule.Builder setRequireAttestationsBy(int index, String value)

Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource.

Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.

repeated string require_attestations_by = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameters
NameDescription
indexint

The index to set the value at.

valueString

The requireAttestationsBy to set.

Returns
TypeDescription
Resources.AdmissionRule.Builder

This builder for chaining.

setUnknownFields(UnknownFieldSet unknownFields)

public final Resources.AdmissionRule.Builder setUnknownFields(UnknownFieldSet unknownFields)
Parameter
NameDescription
unknownFieldsUnknownFieldSet
Returns
TypeDescription
Resources.AdmissionRule.Builder
Overrides