google_api_binary_authorization v0.8.0 GoogleApi.BinaryAuthorization.V1.Model.Policy View Source
A policy for container image binary authorization.
Attributes
-
admissionWhitelistPatterns
(type:list(GoogleApi.BinaryAuthorization.V1.Model.AdmissionWhitelistPattern.t)
, default:nil
) - Optional. Admission policy whitelisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies. -
clusterAdmissionRules
(type:%{optional(String.t) => GoogleApi.BinaryAuthorization.V1.Model.AdmissionRule.t}
, default:nil
) - Optional. Per-cluster admission rules. Cluster spec format:location.clusterId
. There can be at most one admission rule per cluster spec. Alocation
is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). ForclusterId
syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. -
defaultAdmissionRule
(type:GoogleApi.BinaryAuthorization.V1.Model.AdmissionRule.t
, default:nil
) - Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule. -
description
(type:String.t
, default:nil
) - Optional. A descriptive comment. -
globalPolicyEvaluationMode
(type:String.t
, default:nil
) - Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy. -
name
(type:String.t
, default:nil
) - Output only. The resource name, in the formatprojects/*/policy
. There is at most one policy per project. -
updateTime
(type:DateTime.t
, default:nil
) - Output only. Time when the policy was last updated.
Link to this section Summary
Functions
Unwrap a decoded JSON object into its complex fields.
Link to this section Types
Specs
t() :: %GoogleApi.BinaryAuthorization.V1.Model.Policy{ admissionWhitelistPatterns: [ GoogleApi.BinaryAuthorization.V1.Model.AdmissionWhitelistPattern.t() ], clusterAdmissionRules: %{ optional(String.t()) => GoogleApi.BinaryAuthorization.V1.Model.AdmissionRule.t() }, defaultAdmissionRule: GoogleApi.BinaryAuthorization.V1.Model.AdmissionRule.t(), description: String.t(), globalPolicyEvaluationMode: String.t(), name: String.t(), updateTime: DateTime.t() }
Link to this section Functions
Specs
Unwrap a decoded JSON object into its complex fields.