Class: Google::Cloud::Container::V1beta1::BinaryAuthorization

Inherits:

Object

• Object
• Google::Cloud::Container::V1beta1::BinaryAuthorization

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/container/v1beta1/cluster_service.rb

Overview

Configuration for Binary Authorization.

Defined Under Namespace

Modules: EvaluationMode Classes: PolicyBinding

Instance Attribute Summary

• #enabled ⇒ ::Boolean deprecated Deprecated.

  This field is deprecated and may be removed in the next major version update.

• #evaluation_mode ⇒ ::Google::Cloud::Container::V1beta1::BinaryAuthorization::EvaluationMode

  Mode of operation for binauthz policy evaluation.

• #policy_bindings ⇒ ::Array<::Google::Cloud::Container::V1beta1::BinaryAuthorization::PolicyBinding>

  Optional.

Instance Attribute Details

#enabled ⇒ ::Boolean

Deprecated.

This field is deprecated and may be removed in the next major version update.

Returns This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored.

Returns:

• (::Boolean) —

  This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored.

# File 'proto_docs/google/container/v1beta1/cluster_service.rb', line 1531

class BinaryAuthorization
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Binauthz policy that applies to this cluster.
  # @!attribute [rw] name
  #   @return [::String]
  #     The relative resource name of the binauthz platform policy to audit. GKE
  #     platform policies have the following format:
  #     `projects/{project_number}/platforms/gke/policies/{policy_id}`.
  class PolicyBinding
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Binary Authorization mode of operation.
  module EvaluationMode
    # Default value
    EVALUATION_MODE_UNSPECIFIED = 0

    # Disable BinaryAuthorization
    DISABLED = 1

    # Enforce Kubernetes admission requests with BinaryAuthorization using the
    # project's singleton policy. This is equivalent to setting the
    # enabled boolean to true.
    PROJECT_SINGLETON_POLICY_ENFORCE = 2

    # Use Binary Authorization Continuous Validation with the policies
    # specified in policy_bindings.
    POLICY_BINDINGS = 5

    # Use Binary Authorization Continuous Validation with the policies
    # specified in policy_bindings and enforce Kubernetes admission requests
    # with Binary Authorization using the project's singleton policy.
    POLICY_BINDINGS_AND_PROJECT_SINGLETON_POLICY_ENFORCE = 6
  end
end

#evaluation_mode ⇒ ::Google::Cloud::Container::V1beta1::BinaryAuthorization::EvaluationMode

Returns Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED.

Returns:

• (::Google::Cloud::Container::V1beta1::BinaryAuthorization::EvaluationMode) —

  Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED.

# File 'proto_docs/google/container/v1beta1/cluster_service.rb', line 1531

class BinaryAuthorization
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Binauthz policy that applies to this cluster.
  # @!attribute [rw] name
  #   @return [::String]
  #     The relative resource name of the binauthz platform policy to audit. GKE
  #     platform policies have the following format:
  #     `projects/{project_number}/platforms/gke/policies/{policy_id}`.
  class PolicyBinding
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Binary Authorization mode of operation.
  module EvaluationMode
    # Default value
    EVALUATION_MODE_UNSPECIFIED = 0

    # Disable BinaryAuthorization
    DISABLED = 1

    # Enforce Kubernetes admission requests with BinaryAuthorization using the
    # project's singleton policy. This is equivalent to setting the
    # enabled boolean to true.
    PROJECT_SINGLETON_POLICY_ENFORCE = 2

    # Use Binary Authorization Continuous Validation with the policies
    # specified in policy_bindings.
    POLICY_BINDINGS = 5

    # Use Binary Authorization Continuous Validation with the policies
    # specified in policy_bindings and enforce Kubernetes admission requests
    # with Binary Authorization using the project's singleton policy.
    POLICY_BINDINGS_AND_PROJECT_SINGLETON_POLICY_ENFORCE = 6
  end
end

#policy_bindings ⇒ ::Array<::Google::Cloud::Container::V1beta1::BinaryAuthorization::PolicyBinding>

Returns Optional. Binauthz policies that apply to this cluster.

Returns:

• (::Array<::Google::Cloud::Container::V1beta1::BinaryAuthorization::PolicyBinding>) —

  Optional. Binauthz policies that apply to this cluster.

# File 'proto_docs/google/container/v1beta1/cluster_service.rb', line 1531

class BinaryAuthorization
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Binauthz policy that applies to this cluster.
  # @!attribute [rw] name
  #   @return [::String]
  #     The relative resource name of the binauthz platform policy to audit. GKE
  #     platform policies have the following format:
  #     `projects/{project_number}/platforms/gke/policies/{policy_id}`.
  class PolicyBinding
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Binary Authorization mode of operation.
  module EvaluationMode
    # Default value
    EVALUATION_MODE_UNSPECIFIED = 0

    # Disable BinaryAuthorization
    DISABLED = 1

    # Enforce Kubernetes admission requests with BinaryAuthorization using the
    # project's singleton policy. This is equivalent to setting the
    # enabled boolean to true.
    PROJECT_SINGLETON_POLICY_ENFORCE = 2

    # Use Binary Authorization Continuous Validation with the policies
    # specified in policy_bindings.
    POLICY_BINDINGS = 5

    # Use Binary Authorization Continuous Validation with the policies
    # specified in policy_bindings and enforce Kubernetes admission requests
    # with Binary Authorization using the project's singleton policy.
    POLICY_BINDINGS_AND_PROJECT_SINGLETON_POLICY_ENFORCE = 6
  end
end