Class Resources.Policy.Builder (1.5.0)

Stay organized with collections Save and categorize content based on your preferences.
public static final class Resources.Policy.Builder extends GeneratedMessageV3.Builder<Resources.Policy.Builder> implements Resources.PolicyOrBuilder

A policy for container image binary authorization.

Protobuf type google.cloud.binaryauthorization.v1.Policy

Static Methods

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
TypeDescription
Descriptor

Methods

addAdmissionWhitelistPatterns(Resources.AdmissionWhitelistPattern value)

public Resources.Policy.Builder addAdmissionWhitelistPatterns(Resources.AdmissionWhitelistPattern value)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
valueResources.AdmissionWhitelistPattern
Returns
TypeDescription
Resources.Policy.Builder

addAdmissionWhitelistPatterns(Resources.AdmissionWhitelistPattern.Builder builderForValue)

public Resources.Policy.Builder addAdmissionWhitelistPatterns(Resources.AdmissionWhitelistPattern.Builder builderForValue)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
builderForValueResources.AdmissionWhitelistPattern.Builder
Returns
TypeDescription
Resources.Policy.Builder

addAdmissionWhitelistPatterns(int index, Resources.AdmissionWhitelistPattern value)

public Resources.Policy.Builder addAdmissionWhitelistPatterns(int index, Resources.AdmissionWhitelistPattern value)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameters
NameDescription
indexint
valueResources.AdmissionWhitelistPattern
Returns
TypeDescription
Resources.Policy.Builder

addAdmissionWhitelistPatterns(int index, Resources.AdmissionWhitelistPattern.Builder builderForValue)

public Resources.Policy.Builder addAdmissionWhitelistPatterns(int index, Resources.AdmissionWhitelistPattern.Builder builderForValue)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameters
NameDescription
indexint
builderForValueResources.AdmissionWhitelistPattern.Builder
Returns
TypeDescription
Resources.Policy.Builder

addAdmissionWhitelistPatternsBuilder()

public Resources.AdmissionWhitelistPattern.Builder addAdmissionWhitelistPatternsBuilder()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Resources.AdmissionWhitelistPattern.Builder

addAdmissionWhitelistPatternsBuilder(int index)

public Resources.AdmissionWhitelistPattern.Builder addAdmissionWhitelistPatternsBuilder(int index)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
indexint
Returns
TypeDescription
Resources.AdmissionWhitelistPattern.Builder

addAllAdmissionWhitelistPatterns(Iterable<? extends Resources.AdmissionWhitelistPattern> values)

public Resources.Policy.Builder addAllAdmissionWhitelistPatterns(Iterable<? extends Resources.AdmissionWhitelistPattern> values)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
valuesIterable<? extends com.google.protos.google.cloud.binaryauthorization.v1.Resources.AdmissionWhitelistPattern>
Returns
TypeDescription
Resources.Policy.Builder

addRepeatedField(Descriptors.FieldDescriptor field, Object value)

public Resources.Policy.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Parameters
NameDescription
fieldFieldDescriptor
valueObject
Returns
TypeDescription
Resources.Policy.Builder
Overrides

build()

public Resources.Policy build()
Returns
TypeDescription
Resources.Policy

buildPartial()

public Resources.Policy buildPartial()
Returns
TypeDescription
Resources.Policy

clear()

public Resources.Policy.Builder clear()
Returns
TypeDescription
Resources.Policy.Builder
Overrides

clearAdmissionWhitelistPatterns()

public Resources.Policy.Builder clearAdmissionWhitelistPatterns()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Resources.Policy.Builder

clearClusterAdmissionRules()

public Resources.Policy.Builder clearClusterAdmissionRules()
Returns
TypeDescription
Resources.Policy.Builder

clearDefaultAdmissionRule()

public Resources.Policy.Builder clearDefaultAdmissionRule()

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
Resources.Policy.Builder

clearDescription()

public Resources.Policy.Builder clearDescription()

Optional. A descriptive comment.

string description = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Resources.Policy.Builder

This builder for chaining.

clearField(Descriptors.FieldDescriptor field)

public Resources.Policy.Builder clearField(Descriptors.FieldDescriptor field)
Parameter
NameDescription
fieldFieldDescriptor
Returns
TypeDescription
Resources.Policy.Builder
Overrides

clearGlobalPolicyEvaluationMode()

public Resources.Policy.Builder clearGlobalPolicyEvaluationMode()

Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.

.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Resources.Policy.Builder

This builder for chaining.

clearIstioServiceIdentityAdmissionRules()

public Resources.Policy.Builder clearIstioServiceIdentityAdmissionRules()
Returns
TypeDescription
Resources.Policy.Builder

clearKubernetesNamespaceAdmissionRules()

public Resources.Policy.Builder clearKubernetesNamespaceAdmissionRules()
Returns
TypeDescription
Resources.Policy.Builder

clearKubernetesServiceAccountAdmissionRules()

public Resources.Policy.Builder clearKubernetesServiceAccountAdmissionRules()
Returns
TypeDescription
Resources.Policy.Builder

clearName()

public Resources.Policy.Builder clearName()

Output only. The resource name, in the format projects/*/policy. There is at most one policy per project.

string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
Resources.Policy.Builder

This builder for chaining.

clearOneof(Descriptors.OneofDescriptor oneof)

public Resources.Policy.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Parameter
NameDescription
oneofOneofDescriptor
Returns
TypeDescription
Resources.Policy.Builder
Overrides

clearUpdateTime()

public Resources.Policy.Builder clearUpdateTime()

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
Resources.Policy.Builder

clone()

public Resources.Policy.Builder clone()
Returns
TypeDescription
Resources.Policy.Builder
Overrides

containsClusterAdmissionRules(String key)

public boolean containsClusterAdmissionRules(String key)

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

containsIstioServiceIdentityAdmissionRules(String key)

public boolean containsIstioServiceIdentityAdmissionRules(String key)

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

containsKubernetesNamespaceAdmissionRules(String key)

public boolean containsKubernetesNamespaceAdmissionRules(String key)

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

containsKubernetesServiceAccountAdmissionRules(String key)

public boolean containsKubernetesServiceAccountAdmissionRules(String key)

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

getAdmissionWhitelistPatterns(int index)

public Resources.AdmissionWhitelistPattern getAdmissionWhitelistPatterns(int index)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
indexint
Returns
TypeDescription
Resources.AdmissionWhitelistPattern

getAdmissionWhitelistPatternsBuilder(int index)

public Resources.AdmissionWhitelistPattern.Builder getAdmissionWhitelistPatternsBuilder(int index)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
indexint
Returns
TypeDescription
Resources.AdmissionWhitelistPattern.Builder

getAdmissionWhitelistPatternsBuilderList()

public List<Resources.AdmissionWhitelistPattern.Builder> getAdmissionWhitelistPatternsBuilderList()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
List<Builder>

getAdmissionWhitelistPatternsCount()

public int getAdmissionWhitelistPatternsCount()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
int

getAdmissionWhitelistPatternsList()

public List<Resources.AdmissionWhitelistPattern> getAdmissionWhitelistPatternsList()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
List<AdmissionWhitelistPattern>

getAdmissionWhitelistPatternsOrBuilder(int index)

public Resources.AdmissionWhitelistPatternOrBuilder getAdmissionWhitelistPatternsOrBuilder(int index)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
indexint
Returns
TypeDescription
Resources.AdmissionWhitelistPatternOrBuilder

getAdmissionWhitelistPatternsOrBuilderList()

public List<? extends Resources.AdmissionWhitelistPatternOrBuilder> getAdmissionWhitelistPatternsOrBuilderList()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
List<? extends com.google.protos.google.cloud.binaryauthorization.v1.Resources.AdmissionWhitelistPatternOrBuilder>

getClusterAdmissionRules()

public Map<String,Resources.AdmissionRule> getClusterAdmissionRules()
Returns
TypeDescription
Map<String,AdmissionRule>

getClusterAdmissionRulesCount()

public int getClusterAdmissionRulesCount()

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
int

getClusterAdmissionRulesMap()

public Map<String,Resources.AdmissionRule> getClusterAdmissionRulesMap()

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Map<String,AdmissionRule>

getClusterAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

public Resources.AdmissionRule getClusterAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Parameters
NameDescription
keyString
defaultValueResources.AdmissionRule
Returns
TypeDescription
Resources.AdmissionRule

getClusterAdmissionRulesOrThrow(String key)

public Resources.AdmissionRule getClusterAdmissionRulesOrThrow(String key)

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
keyString
Returns
TypeDescription
Resources.AdmissionRule

getDefaultAdmissionRule()

public Resources.AdmissionRule getDefaultAdmissionRule()

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
Resources.AdmissionRule

The defaultAdmissionRule.

getDefaultAdmissionRuleBuilder()

public Resources.AdmissionRule.Builder getDefaultAdmissionRuleBuilder()

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
Resources.AdmissionRule.Builder

getDefaultAdmissionRuleOrBuilder()

public Resources.AdmissionRuleOrBuilder getDefaultAdmissionRuleOrBuilder()

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
Resources.AdmissionRuleOrBuilder

getDefaultInstanceForType()

public Resources.Policy getDefaultInstanceForType()
Returns
TypeDescription
Resources.Policy

getDescription()

public String getDescription()

Optional. A descriptive comment.

string description = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
String

The description.

getDescriptionBytes()

public ByteString getDescriptionBytes()

Optional. A descriptive comment.

string description = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
ByteString

The bytes for description.

getDescriptorForType()

public Descriptors.Descriptor getDescriptorForType()
Returns
TypeDescription
Descriptor
Overrides

getGlobalPolicyEvaluationMode()

public Resources.Policy.GlobalPolicyEvaluationMode getGlobalPolicyEvaluationMode()

Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.

.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Resources.Policy.GlobalPolicyEvaluationMode

The globalPolicyEvaluationMode.

getGlobalPolicyEvaluationModeValue()

public int getGlobalPolicyEvaluationModeValue()

Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.

.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
int

The enum numeric value on the wire for globalPolicyEvaluationMode.

getIstioServiceIdentityAdmissionRules()

public Map<String,Resources.AdmissionRule> getIstioServiceIdentityAdmissionRules()
Returns
TypeDescription
Map<String,AdmissionRule>

getIstioServiceIdentityAdmissionRulesCount()

public int getIstioServiceIdentityAdmissionRulesCount()

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
int

getIstioServiceIdentityAdmissionRulesMap()

public Map<String,Resources.AdmissionRule> getIstioServiceIdentityAdmissionRulesMap()

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Map<String,AdmissionRule>

getIstioServiceIdentityAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

public Resources.AdmissionRule getIstioServiceIdentityAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Parameters
NameDescription
keyString
defaultValueResources.AdmissionRule
Returns
TypeDescription
Resources.AdmissionRule

getIstioServiceIdentityAdmissionRulesOrThrow(String key)

public Resources.AdmissionRule getIstioServiceIdentityAdmissionRulesOrThrow(String key)

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
keyString
Returns
TypeDescription
Resources.AdmissionRule

getKubernetesNamespaceAdmissionRules()

public Map<String,Resources.AdmissionRule> getKubernetesNamespaceAdmissionRules()
Returns
TypeDescription
Map<String,AdmissionRule>

getKubernetesNamespaceAdmissionRulesCount()

public int getKubernetesNamespaceAdmissionRulesCount()

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
int

getKubernetesNamespaceAdmissionRulesMap()

public Map<String,Resources.AdmissionRule> getKubernetesNamespaceAdmissionRulesMap()

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Map<String,AdmissionRule>

getKubernetesNamespaceAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

public Resources.AdmissionRule getKubernetesNamespaceAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Parameters
NameDescription
keyString
defaultValueResources.AdmissionRule
Returns
TypeDescription
Resources.AdmissionRule

getKubernetesNamespaceAdmissionRulesOrThrow(String key)

public Resources.AdmissionRule getKubernetesNamespaceAdmissionRulesOrThrow(String key)

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
keyString
Returns
TypeDescription
Resources.AdmissionRule

getKubernetesServiceAccountAdmissionRules()

public Map<String,Resources.AdmissionRule> getKubernetesServiceAccountAdmissionRules()
Returns
TypeDescription
Map<String,AdmissionRule>

getKubernetesServiceAccountAdmissionRulesCount()

public int getKubernetesServiceAccountAdmissionRulesCount()

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
int

getKubernetesServiceAccountAdmissionRulesMap()

public Map<String,Resources.AdmissionRule> getKubernetesServiceAccountAdmissionRulesMap()

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Map<String,AdmissionRule>

getKubernetesServiceAccountAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

public Resources.AdmissionRule getKubernetesServiceAccountAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Parameters
NameDescription
keyString
defaultValueResources.AdmissionRule
Returns
TypeDescription
Resources.AdmissionRule

getKubernetesServiceAccountAdmissionRulesOrThrow(String key)

public Resources.AdmissionRule getKubernetesServiceAccountAdmissionRulesOrThrow(String key)

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
keyString
Returns
TypeDescription
Resources.AdmissionRule

getMutableClusterAdmissionRules()

public Map<String,Resources.AdmissionRule> getMutableClusterAdmissionRules()

Use alternate mutation accessors instead.

Returns
TypeDescription
Map<String,AdmissionRule>

getMutableIstioServiceIdentityAdmissionRules()

public Map<String,Resources.AdmissionRule> getMutableIstioServiceIdentityAdmissionRules()

Use alternate mutation accessors instead.

Returns
TypeDescription
Map<String,AdmissionRule>

getMutableKubernetesNamespaceAdmissionRules()

public Map<String,Resources.AdmissionRule> getMutableKubernetesNamespaceAdmissionRules()

Use alternate mutation accessors instead.

Returns
TypeDescription
Map<String,AdmissionRule>

getMutableKubernetesServiceAccountAdmissionRules()

public Map<String,Resources.AdmissionRule> getMutableKubernetesServiceAccountAdmissionRules()

Use alternate mutation accessors instead.

Returns
TypeDescription
Map<String,AdmissionRule>

getName()

public String getName()

Output only. The resource name, in the format projects/*/policy. There is at most one policy per project.

string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
String

The name.

getNameBytes()

public ByteString getNameBytes()

Output only. The resource name, in the format projects/*/policy. There is at most one policy per project.

string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
ByteString

The bytes for name.

getUpdateTime()

public Timestamp getUpdateTime()

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
Timestamp

The updateTime.

getUpdateTimeBuilder()

public Timestamp.Builder getUpdateTimeBuilder()

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
Builder

getUpdateTimeOrBuilder()

public TimestampOrBuilder getUpdateTimeOrBuilder()

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
TimestampOrBuilder

hasDefaultAdmissionRule()

public boolean hasDefaultAdmissionRule()

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Returns
TypeDescription
boolean

Whether the defaultAdmissionRule field is set.

hasUpdateTime()

public boolean hasUpdateTime()

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
boolean

Whether the updateTime field is set.

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
TypeDescription
FieldAccessorTable
Overrides

internalGetMapField(int number)

protected MapField internalGetMapField(int number)
Parameter
NameDescription
numberint
Returns
TypeDescription
MapField
Overrides

internalGetMutableMapField(int number)

protected MapField internalGetMutableMapField(int number)
Parameter
NameDescription
numberint
Returns
TypeDescription
MapField
Overrides

isInitialized()

public final boolean isInitialized()
Returns
TypeDescription
boolean
Overrides

mergeDefaultAdmissionRule(Resources.AdmissionRule value)

public Resources.Policy.Builder mergeDefaultAdmissionRule(Resources.AdmissionRule value)

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Parameter
NameDescription
valueResources.AdmissionRule
Returns
TypeDescription
Resources.Policy.Builder

mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public Resources.Policy.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputCodedInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Resources.Policy.Builder
Overrides Exceptions
TypeDescription
IOException

mergeFrom(Message other)

public Resources.Policy.Builder mergeFrom(Message other)
Parameter
NameDescription
otherMessage<