Package types (0.6.0)

An [admission rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied.

Images matching an [admission allowlist pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] are exempted from admission rules and will never block a pod creation.

An [admission allowlist pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] exempts images from checks by [admission rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule].

An attestor that attests to container image artifacts. An existing attestor cannot be modified except where indicated.

An [attestor public key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] that will be used to verify attestations signed by this attestor.

Represents an auditing event from Continuous Validation.

Request message for [BinauthzManagementService.CreateAttestor][].

Request message for [BinauthzManagementService.DeleteAttestor][].

Request message for [BinauthzManagementService.GetAttestor][].

Request message for [BinauthzManagementService.GetPolicy][].

Request message for [BinauthzManagementService.ListAttestors][].

Response message for [BinauthzManagementService.ListAttestors][].

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

A policy for container image binary authorization.

Request message for [BinauthzManagementService.UpdateAttestor][].

Request message for [BinauthzManagementService.UpdatePolicy][].

An [user owned drydock note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] references a Drydock ATTESTATION_AUTHORITY Note created by the user.