google-cloud-binary_authorization-v1beta1 0.19.0 → 0.20.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/google/cloud/binary_authorization/v1beta1/binauthz_management_service/client.rb +81 -37
- data/lib/google/cloud/binary_authorization/v1beta1/binauthz_management_service/rest/client.rb +89 -37
- data/lib/google/cloud/binary_authorization/v1beta1/binauthz_management_service/rest.rb +1 -0
- data/lib/google/cloud/binary_authorization/v1beta1/bindings_override.rb +110 -0
- data/lib/google/cloud/binary_authorization/v1beta1/rest.rb +1 -0
- data/lib/google/cloud/binary_authorization/v1beta1/system_policy/client.rb +16 -0
- data/lib/google/cloud/binary_authorization/v1beta1/system_policy/rest/client.rb +24 -0
- data/lib/google/cloud/binary_authorization/v1beta1/system_policy/rest.rb +1 -0
- data/lib/google/cloud/binary_authorization/v1beta1/version.rb +1 -1
- data/lib/google/cloud/binaryauthorization/v1beta1/resources_pb.rb +1 -1
- data/lib/google/cloud/binaryauthorization/v1beta1/service_pb.rb +1 -1
- data/lib/google/cloud/binaryauthorization/v1beta1/service_services_pb.rb +31 -17
- data/proto_docs/google/cloud/binaryauthorization/v1beta1/resources.rb +51 -24
- data/proto_docs/google/cloud/binaryauthorization/v1beta1/service.rb +37 -22
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/type/expr.rb +75 -0
- metadata +21 -4
|
@@ -18,6 +18,7 @@
|
|
|
18
18
|
|
|
19
19
|
require "google/cloud/errors"
|
|
20
20
|
require "google/cloud/binaryauthorization/v1beta1/service_pb"
|
|
21
|
+
require "google/iam/v1"
|
|
21
22
|
|
|
22
23
|
module Google
|
|
23
24
|
module Cloud
|
|
@@ -170,8 +171,23 @@ module Google
|
|
|
170
171
|
entry.set "defaultTimeout", @config.timeout if @config.timeout
|
|
171
172
|
entry.set "quotaProject", @quota_project_id if @quota_project_id
|
|
172
173
|
end
|
|
174
|
+
|
|
175
|
+
@iam_policy_client = Google::Iam::V1::IAMPolicy::Client.new do |config|
|
|
176
|
+
config.credentials = credentials
|
|
177
|
+
config.quota_project = @quota_project_id
|
|
178
|
+
config.endpoint = @system_policy_stub.endpoint
|
|
179
|
+
config.universe_domain = @system_policy_stub.universe_domain
|
|
180
|
+
config.logger = @system_policy_stub.logger if config.respond_to? :logger=
|
|
181
|
+
end
|
|
173
182
|
end
|
|
174
183
|
|
|
184
|
+
##
|
|
185
|
+
# Get the associated client for mix-in of the IAMPolicy.
|
|
186
|
+
#
|
|
187
|
+
# @return [Google::Iam::V1::IAMPolicy::Client]
|
|
188
|
+
#
|
|
189
|
+
attr_reader :iam_policy_client
|
|
190
|
+
|
|
175
191
|
##
|
|
176
192
|
# The logger used for request/response debug logging.
|
|
177
193
|
#
|
|
@@ -19,6 +19,7 @@
|
|
|
19
19
|
require "google/cloud/errors"
|
|
20
20
|
require "google/cloud/binaryauthorization/v1beta1/service_pb"
|
|
21
21
|
require "google/cloud/binary_authorization/v1beta1/system_policy/rest/service_stub"
|
|
22
|
+
require "google/iam/v1/rest"
|
|
22
23
|
|
|
23
24
|
module Google
|
|
24
25
|
module Cloud
|
|
@@ -163,8 +164,24 @@ module Google
|
|
|
163
164
|
entry.set "defaultTimeout", @config.timeout if @config.timeout
|
|
164
165
|
entry.set "quotaProject", @quota_project_id if @quota_project_id
|
|
165
166
|
end
|
|
167
|
+
|
|
168
|
+
@iam_policy_client = Google::Iam::V1::IAMPolicy::Rest::Client.new do |config|
|
|
169
|
+
config.credentials = credentials
|
|
170
|
+
config.quota_project = @quota_project_id
|
|
171
|
+
config.endpoint = @system_policy_stub.endpoint
|
|
172
|
+
config.universe_domain = @system_policy_stub.universe_domain
|
|
173
|
+
config.bindings_override = @config.bindings_override
|
|
174
|
+
config.logger = @system_policy_stub.logger if config.respond_to? :logger=
|
|
175
|
+
end
|
|
166
176
|
end
|
|
167
177
|
|
|
178
|
+
##
|
|
179
|
+
# Get the associated client for mix-in of the IAMPolicy.
|
|
180
|
+
#
|
|
181
|
+
# @return [Google::Iam::V1::IAMPolicy::Rest::Client]
|
|
182
|
+
#
|
|
183
|
+
attr_reader :iam_policy_client
|
|
184
|
+
|
|
168
185
|
##
|
|
169
186
|
# The logger used for request/response debug logging.
|
|
170
187
|
#
|
|
@@ -363,6 +380,13 @@ module Google
|
|
|
363
380
|
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
|
364
381
|
config_attr :quota_project, nil, ::String, nil
|
|
365
382
|
config_attr :universe_domain, nil, ::String, nil
|
|
383
|
+
|
|
384
|
+
# @private
|
|
385
|
+
# Overrides for http bindings for the RPCs of this service
|
|
386
|
+
# are only used when this service is used as mixin, and only
|
|
387
|
+
# by the host service.
|
|
388
|
+
# @return [::Hash{::Symbol=>::Array<::Gapic::Rest::GrpcTranscoder::HttpBinding>}]
|
|
389
|
+
config_attr :bindings_override, {}, ::Hash, nil
|
|
366
390
|
config_attr :logger, :default, ::Logger, nil, :default
|
|
367
391
|
|
|
368
392
|
# @private
|
|
@@ -21,6 +21,7 @@ require "gapic/config"
|
|
|
21
21
|
require "gapic/config/method"
|
|
22
22
|
|
|
23
23
|
require "google/cloud/binary_authorization/v1beta1/version"
|
|
24
|
+
require "google/cloud/binary_authorization/v1beta1/bindings_override"
|
|
24
25
|
|
|
25
26
|
require "google/cloud/binary_authorization/v1beta1/system_policy/credentials"
|
|
26
27
|
require "google/cloud/binary_authorization/v1beta1/system_policy/paths"
|
|
@@ -9,7 +9,7 @@ require 'google/api/resource_pb'
|
|
|
9
9
|
require 'google/protobuf/timestamp_pb'
|
|
10
10
|
|
|
11
11
|
|
|
12
|
-
descriptor_data = "\n8google/cloud/binaryauthorization/v1beta1/resources.proto\x12(google.cloud.binaryauthorization.v1beta1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\
|
|
12
|
+
descriptor_data = "\n8google/cloud/binaryauthorization/v1beta1/resources.proto\x12(google.cloud.binaryauthorization.v1beta1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xc4\r\n\x06Policy\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x03\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12w\n\x1dglobal_policy_evaluation_mode\x18\x07 \x01(\x0e\x32K.google.cloud.binaryauthorization.v1beta1.Policy.GlobalPolicyEvaluationModeB\x03\xe0\x41\x01\x12n\n\x1c\x61\x64mission_whitelist_patterns\x18\x02 \x03(\x0b\x32\x43.google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPatternB\x03\xe0\x41\x01\x12q\n\x17\x63luster_admission_rules\x18\x03 \x03(\x0b\x32K.google.cloud.binaryauthorization.v1beta1.Policy.ClusterAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x8a\x01\n$kubernetes_namespace_admission_rules\x18\n \x03(\x0b\x32W.google.cloud.binaryauthorization.v1beta1.Policy.KubernetesNamespaceAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x95\x01\n*kubernetes_service_account_admission_rules\x18\x08 \x03(\x0b\x32\\.google.cloud.binaryauthorization.v1beta1.Policy.KubernetesServiceAccountAdmissionRulesEntryB\x03\xe0\x41\x01\x12\x8d\x01\n&istio_service_identity_admission_rules\x18\t \x03(\x0b\x32X.google.cloud.binaryauthorization.v1beta1.Policy.IstioServiceIdentityAdmissionRulesEntryB\x03\xe0\x41\x01\x12\\\n\x16\x64\x65\x66\x61ult_admission_rule\x18\x04 \x01(\x0b\x32\x37.google.cloud.binaryauthorization.v1beta1.AdmissionRuleB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x11\n\x04\x65tag\x18\x0b \x01(\tB\x03\xe0\x41\x01\x1au\n\x1a\x43lusterAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x46\n\x05value\x18\x02 \x01(\x0b\x32\x37.google.cloud.binaryauthorization.v1beta1.AdmissionRule:\x02\x38\x01\x1a\x81\x01\n&KubernetesNamespaceAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x46\n\x05value\x18\x02 \x01(\x0b\x32\x37.google.cloud.binaryauthorization.v1beta1.AdmissionRule:\x02\x38\x01\x1a\x86\x01\n+KubernetesServiceAccountAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x46\n\x05value\x18\x02 \x01(\x0b\x32\x37.google.cloud.binaryauthorization.v1beta1.AdmissionRule:\x02\x38\x01\x1a\x82\x01\n\'IstioServiceIdentityAdmissionRulesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x46\n\x05value\x18\x02 \x01(\x0b\x32\x37.google.cloud.binaryauthorization.v1beta1.AdmissionRule:\x02\x38\x01\"d\n\x1aGlobalPolicyEvaluationMode\x12-\n)GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED\x10\x00\x12\n\n\x06\x45NABLE\x10\x01\x12\x0b\n\x07\x44ISABLE\x10\x02:f\xea\x41\x63\n)binaryauthorization.googleapis.com/Policy\x12\x19projects/{project}/policy\x12\x1blocations/{location}/policy\"1\n\x19\x41\x64missionWhitelistPattern\x12\x14\n\x0cname_pattern\x18\x01 \x01(\t\"\xe4\x03\n\rAdmissionRule\x12\x64\n\x0f\x65valuation_mode\x18\x01 \x01(\x0e\x32\x46.google.cloud.binaryauthorization.v1beta1.AdmissionRule.EvaluationModeB\x03\xe0\x41\x02\x12$\n\x17require_attestations_by\x18\x02 \x03(\tB\x03\xe0\x41\x01\x12\x66\n\x10\x65nforcement_mode\x18\x03 \x01(\x0e\x32G.google.cloud.binaryauthorization.v1beta1.AdmissionRule.EnforcementModeB\x03\xe0\x41\x02\"m\n\x0e\x45valuationMode\x12\x1f\n\x1b\x45VALUATION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0c\x41LWAYS_ALLOW\x10\x01\x12\x17\n\x13REQUIRE_ATTESTATION\x10\x02\x12\x0f\n\x0b\x41LWAYS_DENY\x10\x03\"p\n\x0f\x45nforcementMode\x12 \n\x1c\x45NFORCEMENT_MODE_UNSPECIFIED\x10\x00\x12 \n\x1c\x45NFORCED_BLOCK_AND_AUDIT_LOG\x10\x01\x12\x19\n\x15\x44RYRUN_AUDIT_LOG_ONLY\x10\x02\"\xcf\x02\n\x08\x41ttestor\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x18\n\x0b\x64\x65scription\x18\x06 \x01(\tB\x03\xe0\x41\x01\x12\x61\n\x17user_owned_drydock_note\x18\x03 \x01(\x0b\x32>.google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNoteH\x00\x12\x34\n\x0bupdate_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x11\n\x04\x65tag\x18\x07 \x01(\tB\x03\xe0\x41\x01:Y\xea\x41V\n+binaryauthorization.googleapis.com/Attestor\x12\'projects/{project}/attestors/{attestor}B\x0f\n\rattestor_type\"\xb9\x01\n\x14UserOwnedDrydockNote\x12\x1b\n\x0enote_reference\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12U\n\x0bpublic_keys\x18\x02 \x03(\x0b\x32;.google.cloud.binaryauthorization.v1beta1.AttestorPublicKeyB\x03\xe0\x41\x01\x12-\n delegation_service_account_email\x18\x03 \x01(\tB\x03\xe0\x41\x03\"\xcb\x05\n\rPkixPublicKey\x12\x16\n\x0epublic_key_pem\x18\x01 \x01(\t\x12g\n\x13signature_algorithm\x18\x02 \x01(\x0e\x32J.google.cloud.binaryauthorization.v1beta1.PkixPublicKey.SignatureAlgorithm\"\xb8\x04\n\x12SignatureAlgorithm\x12#\n\x1fSIGNATURE_ALGORITHM_UNSPECIFIED\x10\x00\x12\x17\n\x13RSA_PSS_2048_SHA256\x10\x01\x12\x1c\n\x18RSA_SIGN_PSS_2048_SHA256\x10\x01\x12\x17\n\x13RSA_PSS_3072_SHA256\x10\x02\x12\x1c\n\x18RSA_SIGN_PSS_3072_SHA256\x10\x02\x12\x17\n\x13RSA_PSS_4096_SHA256\x10\x03\x12\x1c\n\x18RSA_SIGN_PSS_4096_SHA256\x10\x03\x12\x17\n\x13RSA_PSS_4096_SHA512\x10\x04\x12\x1c\n\x18RSA_SIGN_PSS_4096_SHA512\x10\x04\x12\x1e\n\x1aRSA_SIGN_PKCS1_2048_SHA256\x10\x05\x12\x1e\n\x1aRSA_SIGN_PKCS1_3072_SHA256\x10\x06\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA256\x10\x07\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA512\x10\x08\x12\x15\n\x11\x45\x43\x44SA_P256_SHA256\x10\t\x12\x17\n\x13\x45\x43_SIGN_P256_SHA256\x10\t\x12\x15\n\x11\x45\x43\x44SA_P384_SHA384\x10\n\x12\x17\n\x13\x45\x43_SIGN_P384_SHA384\x10\n\x12\x15\n\x11\x45\x43\x44SA_P521_SHA512\x10\x0b\x12\x17\n\x13\x45\x43_SIGN_P521_SHA512\x10\x0b\x12\r\n\tML_DSA_65\x10\r\x1a\x02\x10\x01\"\xbf\x01\n\x11\x41ttestorPublicKey\x12\x14\n\x07\x63omment\x18\x01 \x01(\tB\x03\xe0\x41\x01\x12\n\n\x02id\x18\x02 \x01(\t\x12&\n\x1c\x61scii_armored_pgp_public_key\x18\x03 \x01(\tH\x00\x12R\n\x0fpkix_public_key\x18\x05 \x01(\x0b\x32\x37.google.cloud.binaryauthorization.v1beta1.PkixPublicKeyH\x00\x42\x0c\n\npublic_keyB\xb7\x02\n,com.google.cloud.binaryauthorization.v1beta1B!BinaryAuthorizationResourcesProtoP\x01Z^cloud.google.com/go/binaryauthorization/apiv1beta1/binaryauthorizationpb;binaryauthorizationpb\xaa\x02(Google.Cloud.BinaryAuthorization.V1Beta1\xca\x02(Google\\Cloud\\BinaryAuthorization\\V1beta1\xea\x02+Google::Cloud::BinaryAuthorization::V1beta1b\x06proto3"
|
|
13
13
|
|
|
14
14
|
pool = ::Google::Protobuf::DescriptorPool.generated_pool
|
|
15
15
|
pool.add_serialized_file(descriptor_data)
|
|
@@ -12,7 +12,7 @@ require 'google/cloud/binaryauthorization/v1beta1/resources_pb'
|
|
|
12
12
|
require 'google/protobuf/empty_pb'
|
|
13
13
|
|
|
14
14
|
|
|
15
|
-
descriptor_data = "\n6google/cloud/binaryauthorization/v1beta1/service.proto\x12(google.cloud.binaryauthorization.v1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x38google/cloud/binaryauthorization/v1beta1/resources.proto\x1a\x1bgoogle/protobuf/empty.proto\"S\n\x10GetPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"\\\n\x13UpdatePolicyRequest\x12\x45\n\x06policy\x18\x01 \x01(\x0b\x32\x30.google.cloud.binaryauthorization.v1beta1.PolicyB\x03\xe0\x41\x02\"\xc1\x01\n\x15\x43reateAttestorRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x18\n\x0b\x61ttestor_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12I\n\x08\x61ttestor\x18\x03 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1beta1.AttestorB\x03\xe0\x41\x02\"W\n\x12GetAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"b\n\x15UpdateAttestorRequest\x12I\n\x08\x61ttestor\x18\x01 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1beta1.AttestorB\x03\xe0\x41\x02\"\x82\x01\n\x14ListAttestorsRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x11\n\tpage_size\x18\x02 \x01(\x05\x12\x12\n\npage_token\x18\x03 \x01(\t\"w\n\x15ListAttestorsResponse\x12\x45\n\tattestors\x18\x01 \x03(\x0b\x32\x32.google.cloud.binaryauthorization.v1beta1.Attestor\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"Z\n\x15\x44\x65leteAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"Y\n\x16GetSystemPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy2\xcb\x0b\n BinauthzManagementServiceV1Beta1\x12\xab\x01\n\tGetPolicy\x12:.google.cloud.binaryauthorization.v1beta1.GetPolicyRequest\x1a\x30.google.cloud.binaryauthorization.v1beta1.Policy\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#\x12!/v1beta1/{name=projects/*/policy}\x12\xc2\x01\n\x0cUpdatePolicy\x12=.google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest\x1a\x30.google.cloud.binaryauthorization.v1beta1.Policy\"A\xda\x41\x06policy\x82\xd3\xe4\x93\x02\x32\x1a(/v1beta1/{policy.name=projects/*/policy}:\x06policy\x12\xdd\x01\n\x0e\x43reateAttestor\x12?.google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest\x1a\x32.google.cloud.binaryauthorization.v1beta1.Attestor\"V\xda\x41\x1bparent,attestor_id,attestor\x82\xd3\xe4\x93\x02\x32\"&/v1beta1/{parent=projects/*}/attestors:\x08\x61ttestor\x12\xb6\x01\n\x0bGetAttestor\x12<.google.cloud.binaryauthorization.v1beta1.GetAttestorRequest\x1a\x32.google.cloud.binaryauthorization.v1beta1.Attestor\"5\xda\x41\x04name\x82\xd3\xe4\x93\x02(\x12&/v1beta1/{name=projects/*/attestors/*}\x12\xd3\x01\n\x0eUpdateAttestor\x12?.google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest\x1a\x32.google.cloud.binaryauthorization.v1beta1.Attestor\"L\xda\x41\x08\x61ttestor\x82\xd3\xe4\x93\x02;\x1a//v1beta1/{attestor.name=projects/*/attestors/*}:\x08\x61ttestor\x12\xc9\x01\n\rListAttestors\x12>.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest\x1a?.google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse\"7\xda\x41\x06parent\x82\xd3\xe4\x93\x02(\x12&/v1beta1/{parent=projects/*}/attestors\x12\xa0\x01\n\x0e\x44\x65leteAttestor\x12?.google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest\x1a\x16.google.protobuf.Empty\"5\xda\x41\x04name\x82\xd3\xe4\x93\x02(*&/v1beta1/{name=projects/*/attestors/*}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\xa8\x02\n\x13SystemPolicyV1Beta1\x12\xb8\x01\n\x0fGetSystemPolicy\x12@.google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest\x1a\x30.google.cloud.binaryauthorization.v1beta1.Policy\"1\xda\x41\x04name\x82\xd3\xe4\x93\x02$\x12\"/v1beta1/{name=locations/*/policy}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\
|
|
15
|
+
descriptor_data = "\n6google/cloud/binaryauthorization/v1beta1/service.proto\x12(google.cloud.binaryauthorization.v1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x38google/cloud/binaryauthorization/v1beta1/resources.proto\x1a\x1bgoogle/protobuf/empty.proto\"S\n\x10GetPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy\"\\\n\x13UpdatePolicyRequest\x12\x45\n\x06policy\x18\x01 \x01(\x0b\x32\x30.google.cloud.binaryauthorization.v1beta1.PolicyB\x03\xe0\x41\x02\"\xc1\x01\n\x15\x43reateAttestorRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x18\n\x0b\x61ttestor_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12I\n\x08\x61ttestor\x18\x03 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1beta1.AttestorB\x03\xe0\x41\x02\"W\n\x12GetAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"b\n\x15UpdateAttestorRequest\x12I\n\x08\x61ttestor\x18\x01 \x01(\x0b\x32\x32.google.cloud.binaryauthorization.v1beta1.AttestorB\x03\xe0\x41\x02\"\x82\x01\n\x14ListAttestorsRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x11\n\tpage_size\x18\x02 \x01(\x05\x12\x12\n\npage_token\x18\x03 \x01(\t\"w\n\x15ListAttestorsResponse\x12\x45\n\tattestors\x18\x01 \x03(\x0b\x32\x32.google.cloud.binaryauthorization.v1beta1.Attestor\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"Z\n\x15\x44\x65leteAttestorRequest\x12\x41\n\x04name\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+binaryauthorization.googleapis.com/Attestor\"Y\n\x16GetSystemPolicyRequest\x12?\n\x04name\x18\x01 \x01(\tB1\xe0\x41\x02\xfa\x41+\n)binaryauthorization.googleapis.com/Policy2\xcb\x0b\n BinauthzManagementServiceV1Beta1\x12\xab\x01\n\tGetPolicy\x12:.google.cloud.binaryauthorization.v1beta1.GetPolicyRequest\x1a\x30.google.cloud.binaryauthorization.v1beta1.Policy\"0\xda\x41\x04name\x82\xd3\xe4\x93\x02#\x12!/v1beta1/{name=projects/*/policy}\x12\xc2\x01\n\x0cUpdatePolicy\x12=.google.cloud.binaryauthorization.v1beta1.UpdatePolicyRequest\x1a\x30.google.cloud.binaryauthorization.v1beta1.Policy\"A\xda\x41\x06policy\x82\xd3\xe4\x93\x02\x32\x1a(/v1beta1/{policy.name=projects/*/policy}:\x06policy\x12\xdd\x01\n\x0e\x43reateAttestor\x12?.google.cloud.binaryauthorization.v1beta1.CreateAttestorRequest\x1a\x32.google.cloud.binaryauthorization.v1beta1.Attestor\"V\xda\x41\x1bparent,attestor_id,attestor\x82\xd3\xe4\x93\x02\x32\"&/v1beta1/{parent=projects/*}/attestors:\x08\x61ttestor\x12\xb6\x01\n\x0bGetAttestor\x12<.google.cloud.binaryauthorization.v1beta1.GetAttestorRequest\x1a\x32.google.cloud.binaryauthorization.v1beta1.Attestor\"5\xda\x41\x04name\x82\xd3\xe4\x93\x02(\x12&/v1beta1/{name=projects/*/attestors/*}\x12\xd3\x01\n\x0eUpdateAttestor\x12?.google.cloud.binaryauthorization.v1beta1.UpdateAttestorRequest\x1a\x32.google.cloud.binaryauthorization.v1beta1.Attestor\"L\xda\x41\x08\x61ttestor\x82\xd3\xe4\x93\x02;\x1a//v1beta1/{attestor.name=projects/*/attestors/*}:\x08\x61ttestor\x12\xc9\x01\n\rListAttestors\x12>.google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest\x1a?.google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse\"7\xda\x41\x06parent\x82\xd3\xe4\x93\x02(\x12&/v1beta1/{parent=projects/*}/attestors\x12\xa0\x01\n\x0e\x44\x65leteAttestor\x12?.google.cloud.binaryauthorization.v1beta1.DeleteAttestorRequest\x1a\x16.google.protobuf.Empty\"5\xda\x41\x04name\x82\xd3\xe4\x93\x02(*&/v1beta1/{name=projects/*/attestors/*}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platform2\xa8\x02\n\x13SystemPolicyV1Beta1\x12\xb8\x01\n\x0fGetSystemPolicy\x12@.google.cloud.binaryauthorization.v1beta1.GetSystemPolicyRequest\x1a\x30.google.cloud.binaryauthorization.v1beta1.Policy\"1\xda\x41\x04name\x82\xd3\xe4\x93\x02$\x12\"/v1beta1/{name=locations/*/policy}\x1aV\xca\x41\"binaryauthorization.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\xb5\x02\n,com.google.cloud.binaryauthorization.v1beta1B\x1f\x42inaryAuthorizationServiceProtoP\x01Z^cloud.google.com/go/binaryauthorization/apiv1beta1/binaryauthorizationpb;binaryauthorizationpb\xaa\x02(Google.Cloud.BinaryAuthorization.V1Beta1\xca\x02(Google\\Cloud\\BinaryAuthorization\\V1beta1\xea\x02+Google::Cloud::BinaryAuthorization::V1beta1b\x06proto3"
|
|
16
16
|
|
|
17
17
|
pool = ::Google::Protobuf::DescriptorPool.generated_pool
|
|
18
18
|
pool.add_serialized_file(descriptor_data)
|
|
@@ -41,36 +41,50 @@ module Google
|
|
|
41
41
|
self.unmarshal_class_method = :decode
|
|
42
42
|
self.service_name = 'google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1'
|
|
43
43
|
|
|
44
|
-
# A [policy][google.cloud.binaryauthorization.v1beta1.Policy] specifies the
|
|
45
|
-
#
|
|
44
|
+
# A [policy][google.cloud.binaryauthorization.v1beta1.Policy] specifies the
|
|
45
|
+
# [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] that must
|
|
46
|
+
# attest to a container image, before the project is allowed to deploy that
|
|
46
47
|
# image. There is at most one policy per project. All image admission
|
|
47
48
|
# requests are permitted if a project has no policy.
|
|
48
49
|
#
|
|
49
|
-
# Gets the [policy][google.cloud.binaryauthorization.v1beta1.Policy] for this
|
|
50
|
-
#
|
|
50
|
+
# Gets the [policy][google.cloud.binaryauthorization.v1beta1.Policy] for this
|
|
51
|
+
# project. Returns a default
|
|
52
|
+
# [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the project
|
|
53
|
+
# does not have one.
|
|
51
54
|
rpc :GetPolicy, ::Google::Cloud::BinaryAuthorization::V1beta1::GetPolicyRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::Policy
|
|
52
|
-
# Creates or updates a project's
|
|
53
|
-
#
|
|
54
|
-
#
|
|
55
|
-
#
|
|
56
|
-
#
|
|
55
|
+
# Creates or updates a project's
|
|
56
|
+
# [policy][google.cloud.binaryauthorization.v1beta1.Policy], and returns a
|
|
57
|
+
# copy of the new [policy][google.cloud.binaryauthorization.v1beta1.Policy].
|
|
58
|
+
# A policy is always updated as a whole, to avoid race conditions with
|
|
59
|
+
# concurrent policy enforcement (or management!) requests. Returns NOT_FOUND
|
|
60
|
+
# if the project does not exist, INVALID_ARGUMENT if the request is
|
|
61
|
+
# malformed.
|
|
57
62
|
rpc :UpdatePolicy, ::Google::Cloud::BinaryAuthorization::V1beta1::UpdatePolicyRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::Policy
|
|
58
|
-
# Creates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor],
|
|
59
|
-
#
|
|
60
|
-
#
|
|
61
|
-
#
|
|
63
|
+
# Creates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor],
|
|
64
|
+
# and returns a copy of the new
|
|
65
|
+
# [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. Returns
|
|
66
|
+
# NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the request is
|
|
67
|
+
# malformed, ALREADY_EXISTS if the
|
|
68
|
+
# [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] already
|
|
69
|
+
# exists.
|
|
62
70
|
rpc :CreateAttestor, ::Google::Cloud::BinaryAuthorization::V1beta1::CreateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::Attestor
|
|
63
71
|
# Gets an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor].
|
|
64
|
-
# Returns NOT_FOUND if the
|
|
72
|
+
# Returns NOT_FOUND if the
|
|
73
|
+
# [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not
|
|
74
|
+
# exist.
|
|
65
75
|
rpc :GetAttestor, ::Google::Cloud::BinaryAuthorization::V1beta1::GetAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::Attestor
|
|
66
76
|
# Updates an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor].
|
|
67
|
-
# Returns NOT_FOUND if the
|
|
77
|
+
# Returns NOT_FOUND if the
|
|
78
|
+
# [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not
|
|
79
|
+
# exist.
|
|
68
80
|
rpc :UpdateAttestor, ::Google::Cloud::BinaryAuthorization::V1beta1::UpdateAttestorRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::Attestor
|
|
69
81
|
# Lists [attestors][google.cloud.binaryauthorization.v1beta1.Attestor].
|
|
70
82
|
# Returns INVALID_ARGUMENT if the project does not exist.
|
|
71
83
|
rpc :ListAttestors, ::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsRequest, ::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsResponse
|
|
72
|
-
# Deletes an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor].
|
|
73
|
-
#
|
|
84
|
+
# Deletes an [attestor][google.cloud.binaryauthorization.v1beta1.Attestor].
|
|
85
|
+
# Returns NOT_FOUND if the
|
|
86
|
+
# [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] does not
|
|
87
|
+
# exist.
|
|
74
88
|
rpc :DeleteAttestor, ::Google::Cloud::BinaryAuthorization::V1beta1::DeleteAttestorRequest, ::Google::Protobuf::Empty
|
|
75
89
|
end
|
|
76
90
|
|
|
@@ -21,7 +21,8 @@ module Google
|
|
|
21
21
|
module Cloud
|
|
22
22
|
module BinaryAuthorization
|
|
23
23
|
module V1beta1
|
|
24
|
-
# A {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} for Binary
|
|
24
|
+
# A {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} for Binary
|
|
25
|
+
# Authorization.
|
|
25
26
|
# @!attribute [r] name
|
|
26
27
|
# @return [::String]
|
|
27
28
|
# Output only. The resource name, in the format `projects/*/policy`. There is
|
|
@@ -51,7 +52,8 @@ module Google
|
|
|
51
52
|
# https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.
|
|
52
53
|
# @!attribute [rw] kubernetes_namespace_admission_rules
|
|
53
54
|
# @return [::Google::Protobuf::Map{::String => ::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionRule}]
|
|
54
|
-
# Optional. Per-kubernetes-namespace admission rules. K8s namespace spec
|
|
55
|
+
# Optional. Per-kubernetes-namespace admission rules. K8s namespace spec
|
|
56
|
+
# format:
|
|
55
57
|
# `[a-z.-]+`, e.g. `some-namespace`
|
|
56
58
|
# @!attribute [rw] kubernetes_service_account_admission_rules
|
|
57
59
|
# @return [::Google::Protobuf::Map{::String => ::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionRule}]
|
|
@@ -71,6 +73,11 @@ module Google
|
|
|
71
73
|
# @!attribute [r] update_time
|
|
72
74
|
# @return [::Google::Protobuf::Timestamp]
|
|
73
75
|
# Output only. Time when the policy was last updated.
|
|
76
|
+
# @!attribute [rw] etag
|
|
77
|
+
# @return [::String]
|
|
78
|
+
# Optional. A checksum, returned by the server, that can be sent on update
|
|
79
|
+
# requests to ensure the policy has an up-to-date value before attempting to
|
|
80
|
+
# update it. See https://google.aip.dev/154.
|
|
74
81
|
class Policy
|
|
75
82
|
include ::Google::Protobuf::MessageExts
|
|
76
83
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -123,8 +130,10 @@ module Google
|
|
|
123
130
|
end
|
|
124
131
|
end
|
|
125
132
|
|
|
126
|
-
# An
|
|
127
|
-
#
|
|
133
|
+
# An [admission allowlist
|
|
134
|
+
# pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern]
|
|
135
|
+
# exempts images from checks by [admission
|
|
136
|
+
# rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule].
|
|
128
137
|
# @!attribute [rw] name_pattern
|
|
129
138
|
# @return [::String]
|
|
130
139
|
# An image name pattern to allowlist, in the form `registry/path/to/image`.
|
|
@@ -139,26 +148,20 @@ module Google
|
|
|
139
148
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
140
149
|
end
|
|
141
150
|
|
|
142
|
-
# An {::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionRule admission rule}
|
|
143
|
-
# used in a pod creation request
|
|
144
|
-
#
|
|
145
|
-
#
|
|
151
|
+
# An {::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionRule admission rule}
|
|
152
|
+
# specifies either that all container images used in a pod creation request
|
|
153
|
+
# must be attested to by one or more
|
|
154
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, that all pod
|
|
155
|
+
# creations will be allowed, or that all pod creations will be denied.
|
|
146
156
|
#
|
|
147
|
-
# Images matching an
|
|
157
|
+
# Images matching an [admission allowlist
|
|
158
|
+
# pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern]
|
|
148
159
|
# are exempted from admission rules and will never block a pod creation.
|
|
149
160
|
# @!attribute [rw] evaluation_mode
|
|
150
161
|
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionRule::EvaluationMode]
|
|
151
162
|
# Required. How this admission rule will be evaluated.
|
|
152
163
|
# @!attribute [rw] require_attestations_by
|
|
153
164
|
# @return [::Array<::String>]
|
|
154
|
-
# Optional. The resource names of the attestors that must attest to
|
|
155
|
-
# a container image, in the format `projects/*/attestors/*`. Each
|
|
156
|
-
# attestor must exist before a policy can reference it. To add an attestor
|
|
157
|
-
# to a policy the principal issuing the policy change request must be able
|
|
158
|
-
# to read the attestor resource.
|
|
159
|
-
#
|
|
160
|
-
# Note: this field must be non-empty when the evaluation_mode field specifies
|
|
161
|
-
# REQUIRE_ATTESTATION, otherwise it must be empty.
|
|
162
165
|
# @!attribute [rw] enforcement_mode
|
|
163
166
|
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::AdmissionRule::EnforcementMode]
|
|
164
167
|
# Required. The action when a pod creation is denied by the admission rule.
|
|
@@ -182,6 +185,8 @@ module Google
|
|
|
182
185
|
ALWAYS_DENY = 3
|
|
183
186
|
end
|
|
184
187
|
|
|
188
|
+
# TODO(wietse) re-word this text to 'per-image' instead of 'per-pod' and to
|
|
189
|
+
# allow for three-way evaluation (allow, deny, delegate).
|
|
185
190
|
# Defines the possible actions when a pod creation is denied by an admission
|
|
186
191
|
# rule.
|
|
187
192
|
module EnforcementMode
|
|
@@ -197,9 +202,9 @@ module Google
|
|
|
197
202
|
end
|
|
198
203
|
end
|
|
199
204
|
|
|
200
|
-
# An {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} that attests
|
|
201
|
-
# artifacts. An existing attestor cannot be modified except
|
|
202
|
-
# indicated.
|
|
205
|
+
# An {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} that attests
|
|
206
|
+
# to container image artifacts. An existing attestor cannot be modified except
|
|
207
|
+
# where indicated.
|
|
203
208
|
# @!attribute [rw] name
|
|
204
209
|
# @return [::String]
|
|
205
210
|
# Required. The resource name, in the format:
|
|
@@ -214,13 +219,19 @@ module Google
|
|
|
214
219
|
# @!attribute [r] update_time
|
|
215
220
|
# @return [::Google::Protobuf::Timestamp]
|
|
216
221
|
# Output only. Time when the attestor was last updated.
|
|
222
|
+
# @!attribute [rw] etag
|
|
223
|
+
# @return [::String]
|
|
224
|
+
# Optional. A checksum, returned by the server, that can be sent on update
|
|
225
|
+
# requests to ensure the attestor has an up-to-date value before attempting
|
|
226
|
+
# to update it. See https://google.aip.dev/154.
|
|
217
227
|
class Attestor
|
|
218
228
|
include ::Google::Protobuf::MessageExts
|
|
219
229
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
220
230
|
end
|
|
221
231
|
|
|
222
|
-
# An
|
|
223
|
-
#
|
|
232
|
+
# An [user owned drydock
|
|
233
|
+
# note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote]
|
|
234
|
+
# references a Drydock ATTESTATION_AUTHORITY Note created by the user.
|
|
224
235
|
# @!attribute [rw] note_reference
|
|
225
236
|
# @return [::String]
|
|
226
237
|
# Required. The Drydock resource name of a ATTESTATION_AUTHORITY Note,
|
|
@@ -289,15 +300,27 @@ module Google
|
|
|
289
300
|
# RSASSA-PSS 2048 bit key with a SHA256 digest.
|
|
290
301
|
RSA_PSS_2048_SHA256 = 1
|
|
291
302
|
|
|
303
|
+
# RSASSA-PSS 2048 bit key with a SHA256 digest.
|
|
304
|
+
RSA_SIGN_PSS_2048_SHA256 = 1
|
|
305
|
+
|
|
292
306
|
# RSASSA-PSS 3072 bit key with a SHA256 digest.
|
|
293
307
|
RSA_PSS_3072_SHA256 = 2
|
|
294
308
|
|
|
309
|
+
# RSASSA-PSS 3072 bit key with a SHA256 digest.
|
|
310
|
+
RSA_SIGN_PSS_3072_SHA256 = 2
|
|
311
|
+
|
|
295
312
|
# RSASSA-PSS 4096 bit key with a SHA256 digest.
|
|
296
313
|
RSA_PSS_4096_SHA256 = 3
|
|
297
314
|
|
|
315
|
+
# RSASSA-PSS 4096 bit key with a SHA256 digest.
|
|
316
|
+
RSA_SIGN_PSS_4096_SHA256 = 3
|
|
317
|
+
|
|
298
318
|
# RSASSA-PSS 4096 bit key with a SHA512 digest.
|
|
299
319
|
RSA_PSS_4096_SHA512 = 4
|
|
300
320
|
|
|
321
|
+
# RSASSA-PSS 4096 bit key with a SHA512 digest.
|
|
322
|
+
RSA_SIGN_PSS_4096_SHA512 = 4
|
|
323
|
+
|
|
301
324
|
# RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.
|
|
302
325
|
RSA_SIGN_PKCS1_2048_SHA256 = 5
|
|
303
326
|
|
|
@@ -327,11 +350,15 @@ module Google
|
|
|
327
350
|
|
|
328
351
|
# ECDSA on the NIST P-521 curve with a SHA512 digest.
|
|
329
352
|
EC_SIGN_P521_SHA512 = 11
|
|
353
|
+
|
|
354
|
+
# ML-DSA-65 Post-Quantum Cryptography signature algorithm.
|
|
355
|
+
ML_DSA_65 = 13
|
|
330
356
|
end
|
|
331
357
|
end
|
|
332
358
|
|
|
333
|
-
# An
|
|
334
|
-
#
|
|
359
|
+
# An [attestor public
|
|
360
|
+
# key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] that will be
|
|
361
|
+
# used to verify attestations signed by this attestor.
|
|
335
362
|
# @!attribute [rw] comment
|
|
336
363
|
# @return [::String]
|
|
337
364
|
# Optional. A descriptive comment. This field may be updated.
|
|
@@ -24,8 +24,9 @@ module Google
|
|
|
24
24
|
# Request message for [BinauthzManagementService.GetPolicy][].
|
|
25
25
|
# @!attribute [rw] name
|
|
26
26
|
# @return [::String]
|
|
27
|
-
# Required. The resource name of the
|
|
28
|
-
#
|
|
27
|
+
# Required. The resource name of the
|
|
28
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} to retrieve, in
|
|
29
|
+
# the format `projects/*/policy`.
|
|
29
30
|
class GetPolicyRequest
|
|
30
31
|
include ::Google::Protobuf::MessageExts
|
|
31
32
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -34,9 +35,11 @@ module Google
|
|
|
34
35
|
# Request message for [BinauthzManagementService.UpdatePolicy][].
|
|
35
36
|
# @!attribute [rw] policy
|
|
36
37
|
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::Policy]
|
|
37
|
-
# Required. A new or updated
|
|
38
|
-
#
|
|
39
|
-
#
|
|
38
|
+
# Required. A new or updated
|
|
39
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} value. The
|
|
40
|
+
# service will overwrite the [policy
|
|
41
|
+
# name][google.cloud.binaryauthorization.v1beta1.Policy.name] field with the
|
|
42
|
+
# resource name in the request URL, in the format `projects/*/policy`.
|
|
40
43
|
class UpdatePolicyRequest
|
|
41
44
|
include ::Google::Protobuf::MessageExts
|
|
42
45
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -45,15 +48,19 @@ module Google
|
|
|
45
48
|
# Request message for [BinauthzManagementService.CreateAttestor][].
|
|
46
49
|
# @!attribute [rw] parent
|
|
47
50
|
# @return [::String]
|
|
48
|
-
# Required. The parent of this
|
|
51
|
+
# Required. The parent of this
|
|
52
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
|
49
53
|
# @!attribute [rw] attestor_id
|
|
50
54
|
# @return [::String]
|
|
51
|
-
# Required. The
|
|
55
|
+
# Required. The
|
|
56
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} ID.
|
|
52
57
|
# @!attribute [rw] attestor
|
|
53
58
|
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
|
|
54
|
-
# Required. The initial
|
|
55
|
-
#
|
|
56
|
-
#
|
|
59
|
+
# Required. The initial
|
|
60
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The
|
|
61
|
+
# service will overwrite the [attestor
|
|
62
|
+
# name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with
|
|
63
|
+
# the resource name, in the format `projects/*/attestors/*`.
|
|
57
64
|
class CreateAttestorRequest
|
|
58
65
|
include ::Google::Protobuf::MessageExts
|
|
59
66
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -62,8 +69,9 @@ module Google
|
|
|
62
69
|
# Request message for [BinauthzManagementService.GetAttestor][].
|
|
63
70
|
# @!attribute [rw] name
|
|
64
71
|
# @return [::String]
|
|
65
|
-
# Required. The name of the
|
|
66
|
-
#
|
|
72
|
+
# Required. The name of the
|
|
73
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} to retrieve,
|
|
74
|
+
# in the format `projects/*/attestors/*`.
|
|
67
75
|
class GetAttestorRequest
|
|
68
76
|
include ::Google::Protobuf::MessageExts
|
|
69
77
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -72,9 +80,12 @@ module Google
|
|
|
72
80
|
# Request message for [BinauthzManagementService.UpdateAttestor][].
|
|
73
81
|
# @!attribute [rw] attestor
|
|
74
82
|
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
|
|
75
|
-
# Required. The updated
|
|
76
|
-
#
|
|
77
|
-
#
|
|
83
|
+
# Required. The updated
|
|
84
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The
|
|
85
|
+
# service will overwrite the [attestor
|
|
86
|
+
# name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with
|
|
87
|
+
# the resource name in the request URL, in the format
|
|
88
|
+
# `projects/*/attestors/*`.
|
|
78
89
|
class UpdateAttestorRequest
|
|
79
90
|
include ::Google::Protobuf::MessageExts
|
|
80
91
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -84,7 +95,8 @@ module Google
|
|
|
84
95
|
# @!attribute [rw] parent
|
|
85
96
|
# @return [::String]
|
|
86
97
|
# Required. The resource name of the project associated with the
|
|
87
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, in the
|
|
98
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, in the
|
|
99
|
+
# format `projects/*`.
|
|
88
100
|
# @!attribute [rw] page_size
|
|
89
101
|
# @return [::Integer]
|
|
90
102
|
# Requested page size. The server may return fewer results than requested. If
|
|
@@ -92,8 +104,9 @@ module Google
|
|
|
92
104
|
# @!attribute [rw] page_token
|
|
93
105
|
# @return [::String]
|
|
94
106
|
# A token identifying a page of results the server should return. Typically,
|
|
95
|
-
# this is the value of
|
|
96
|
-
#
|
|
107
|
+
# this is the value of
|
|
108
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token}
|
|
109
|
+
# returned from the previous call to the `ListAttestors` method.
|
|
97
110
|
class ListAttestorsRequest
|
|
98
111
|
include ::Google::Protobuf::MessageExts
|
|
99
112
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -106,8 +119,9 @@ module Google
|
|
|
106
119
|
# @!attribute [rw] next_page_token
|
|
107
120
|
# @return [::String]
|
|
108
121
|
# A token to retrieve the next page of results. Pass this value in the
|
|
109
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsRequest#page_token ListAttestorsRequest.page_token}
|
|
110
|
-
# `ListAttestors` method to retrieve the
|
|
122
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsRequest#page_token ListAttestorsRequest.page_token}
|
|
123
|
+
# field in the subsequent call to the `ListAttestors` method to retrieve the
|
|
124
|
+
# next page of results.
|
|
111
125
|
class ListAttestorsResponse
|
|
112
126
|
include ::Google::Protobuf::MessageExts
|
|
113
127
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -116,8 +130,9 @@ module Google
|
|
|
116
130
|
# Request message for [BinauthzManagementService.DeleteAttestor][].
|
|
117
131
|
# @!attribute [rw] name
|
|
118
132
|
# @return [::String]
|
|
119
|
-
# Required. The name of the
|
|
120
|
-
#
|
|
133
|
+
# Required. The name of the
|
|
134
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} to delete,
|
|
135
|
+
# in the format `projects/*/attestors/*`.
|
|
121
136
|
class DeleteAttestorRequest
|
|
122
137
|
include ::Google::Protobuf::MessageExts
|
|
123
138
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|