Class BinaryAuthorization (2.30.0)

BinaryAuthorization(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Configuration for Binary Authorization.

Attributes

NameDescription
enabled bool
This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored.
evaluation_mode google.cloud.container_v1beta1.types.BinaryAuthorization.EvaluationMode
Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED.
policy_bindings MutableSequence[google.cloud.container_v1beta1.types.BinaryAuthorization.PolicyBinding]
Optional. Binauthz policies that apply to this cluster.

Classes

EvaluationMode

EvaluationMode(value)

Binary Authorization mode of operation.

Values: EVALUATION_MODE_UNSPECIFIED (0): Default value DISABLED (1): Disable BinaryAuthorization PROJECT_SINGLETON_POLICY_ENFORCE (2): Enforce Kubernetes admission requests with BinaryAuthorization using the project's singleton policy. This is equivalent to setting the enabled boolean to true. POLICY_BINDINGS (5): Use Binary Authorization with the policies specified in policy_bindings. POLICY_BINDINGS_AND_PROJECT_SINGLETON_POLICY_ENFORCE (6): Use Binary Authorization with the policies specified in policy_bindings, and also with the project's singleton policy in enforcement mode.

PolicyBinding

PolicyBinding(mapping=None, *, ignore_unknown_fields=False, **kwargs)