Package com.hashicorp.cdktf.providers.google.binary_authorization_policy

Interface BinaryAuthorizationPolicyDefaultAdmissionRule

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

BinaryAuthorizationPolicyDefaultAdmissionRule.Jsii$Proxy

@Generated(value="jsii-pacmak/1.102.0 (build e354887)",
           date="2024-08-31T03:59:17.846Z")
@Stability(Stable)
public interface BinaryAuthorizationPolicyDefaultAdmissionRule
extends software.amazon.jsii.JsiiSerializable

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static class	BinaryAuthorizationPolicyDefaultAdmissionRule.Builder	A builder for BinaryAuthorizationPolicyDefaultAdmissionRule
static class	BinaryAuthorizationPolicyDefaultAdmissionRule.Jsii$Proxy	An implementation for BinaryAuthorizationPolicyDefaultAdmissionRule

Method Summary

Modifier and Type	Method	Description
static BinaryAuthorizationPolicyDefaultAdmissionRule.Builder	builder()
String	getEnforcementMode()	The action when a pod creation is denied by the admission rule.
String	getEvaluationMode()	How this admission rule will be evaluated.
default List<String>	getRequireAttestationsBy()	The resource names of the attestors that must attest to a container image.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Detail

getEnforcementMode

@Stability(Stable)
@NotNull
String getEnforcementMode()

The action when a pod creation is denied by the admission rule. Possible values: ["ENFORCED_BLOCK_AND_AUDIT_LOG", "DRYRUN_AUDIT_LOG_ONLY"].

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/5.43.1/docs/resources/binary_authorization_policy#enforcement_mode BinaryAuthorizationPolicy#enforcement_mode}

getEvaluationMode

@Stability(Stable)
@NotNull
String getEvaluationMode()

How this admission rule will be evaluated. Possible values: ["ALWAYS_ALLOW", "REQUIRE_ATTESTATION", "ALWAYS_DENY"].

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/5.43.1/docs/resources/binary_authorization_policy#evaluation_mode BinaryAuthorizationPolicy#evaluation_mode}

getRequireAttestationsBy

@Stability(Stable)
@Nullable
default List<String> getRequireAttestationsBy()

The resource names of the attestors that must attest to a container image.

If the attestor is in a different project from the policy, it should be specified in the format 'projects/* /attestors/*'. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource. Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty. Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/5.43.1/docs/resources/binary_authorization_policy#require_attestations_by BinaryAuthorizationPolicy#require_attestations_by} Note: The above comment contained a comment block ending sequence (* followed by /). We have introduced a space between to prevent syntax errors. Please ignore the space.

builder

@Stability(Stable)
static BinaryAuthorizationPolicyDefaultAdmissionRule.Builder builder()

Returns:

a BinaryAuthorizationPolicyDefaultAdmissionRule.Builder of BinaryAuthorizationPolicyDefaultAdmissionRule