gcloud alpha container binauthz attestors create

NAME
gcloud alpha container binauthz attestors create - create an Attestor
SYNOPSIS
gcloud alpha container binauthz attestors create ATTESTOR (--attestation-authority-note=ATTESTATION_AUTHORITY_NOTE : --attestation-authority-note-project=ATTESTATION_AUTHORITY_NOTE_PROJECT) [--description=DESCRIPTION] [GCLOUD_WIDE_FLAG]
DESCRIPTION
(ALPHA) Create an Attestor.
EXAMPLES
To create an Attestor with an existing Note projects/my_proj/notes/my_note:
gcloud alpha container binauthz attestors create my_new_attestor --attestation-authority-note=my_note --attestation-authority-note-project=my_proj
POSITIONAL ARGUMENTS
Attestor resource - The attestor to be created. This represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument ATTESTOR on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project.

This must be specified.

ATTESTOR
ID of the attestor or fully qualified identifier for the attestor.

To set the name attribute:

  • provide the argument ATTESTOR on the command line.
REQUIRED FLAGS
Note resource - The Container Analysis Note to which the created attestor will be bound.

For the attestor to be able to access and use the Note, the Note must exist and the active gcloud account (core/account) must have the containeranalysis.notes.listOccurrences permission for the Note. This can be achieved by granting the containeranalysis.notes.occurrences.viewer role to the active account for the Note resource in question.

The arguments in this group can be used to specify the attributes of this resource.

This must be specified.

--attestation-authority-note=ATTESTATION_AUTHORITY_NOTE
ID of the note or fully qualified identifier for the note.

To set the note attribute:

  • provide the argument --attestation-authority-note on the command line.

This flag argument must be specified if any of the other arguments in this group are specified.

--attestation-authority-note-project=ATTESTATION_AUTHORITY_NOTE_PROJECT
The Container Analysis project for the note.

To set the project attribute:

  • provide the argument --attestation-authority-note on the command line with a fully specified name;
  • provide the argument --attestation-authority-note-project on the command line.
OPTIONAL FLAGS
--description=DESCRIPTION
A description for the attestor
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
gcloud container binauthz attestors create
gcloud beta container binauthz attestors create