com.pulumi.gcp.binaryauthorization.kotlin.Attestor.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.binaryauthorization.kotlin
import com.pulumi.core.Output
import com.pulumi.gcp.binaryauthorization.kotlin.outputs.AttestorAttestationAuthorityNote
import com.pulumi.gcp.binaryauthorization.kotlin.outputs.AttestorAttestationAuthorityNote.Companion.toKotlin
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
/**
* Builder for [Attestor].
*/
@PulumiTagMarker
public class AttestorResourceBuilder internal constructor() {
public var name: String? = null
public var args: AttestorArgs = AttestorArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend AttestorArgsBuilder.() -> Unit) {
val builder = AttestorArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): Attestor {
val builtJavaResource = com.pulumi.gcp.binaryauthorization.Attestor(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return Attestor(builtJavaResource)
}
}
/**
* An attestor that attests to container image artifacts.
* To get more information about Attestor, see:
* * [API documentation](https://cloud.google.com/binary-authorization/docs/reference/rest/)
* * How-to Guides
* * [Official Documentation](https://cloud.google.com/binary-authorization/)
* ## Example Usage
* ### Binary Authorization Attestor Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const note = new gcp.containeranalysis.Note("note", {
* name: "test-attestor-note",
* attestationAuthority: {
* hint: {
* humanReadableName: "Attestor Note",
* },
* },
* });
* const attestor = new gcp.binaryauthorization.Attestor("attestor", {
* name: "test-attestor",
* attestationAuthorityNote: {
* noteReference: note.name,
* publicKeys: [{
* asciiArmoredPgpPublicKey: `mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* `,
* }],
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* note = gcp.containeranalysis.Note("note",
* name="test-attestor-note",
* attestation_authority=gcp.containeranalysis.NoteAttestationAuthorityArgs(
* hint=gcp.containeranalysis.NoteAttestationAuthorityHintArgs(
* human_readable_name="Attestor Note",
* ),
* ))
* attestor = gcp.binaryauthorization.Attestor("attestor",
* name="test-attestor",
* attestation_authority_note=gcp.binaryauthorization.AttestorAttestationAuthorityNoteArgs(
* note_reference=note.name,
* public_keys=[gcp.binaryauthorization.AttestorAttestationAuthorityNotePublicKeyArgs(
* ascii_armored_pgp_public_key="""mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* """,
* )],
* ))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var note = new Gcp.ContainerAnalysis.Note("note", new()
* {
* Name = "test-attestor-note",
* AttestationAuthority = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityArgs
* {
* Hint = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityHintArgs
* {
* HumanReadableName = "Attestor Note",
* },
* },
* });
* var attestor = new Gcp.BinaryAuthorization.Attestor("attestor", new()
* {
* Name = "test-attestor",
* AttestationAuthorityNote = new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNoteArgs
* {
* NoteReference = note.Name,
* PublicKeys = new[]
* {
* new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNotePublicKeyArgs
* {
* AsciiArmoredPgpPublicKey = @"mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* ",
* },
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/binaryauthorization"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/containeranalysis"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* note, err := containeranalysis.NewNote(ctx, "note", &containeranalysis.NoteArgs{
* Name: pulumi.String("test-attestor-note"),
* AttestationAuthority: &containeranalysis.NoteAttestationAuthorityArgs{
* Hint: &containeranalysis.NoteAttestationAuthorityHintArgs{
* HumanReadableName: pulumi.String("Attestor Note"),
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = binaryauthorization.NewAttestor(ctx, "attestor", &binaryauthorization.AttestorArgs{
* Name: pulumi.String("test-attestor"),
* AttestationAuthorityNote: &binaryauthorization.AttestorAttestationAuthorityNoteArgs{
* NoteReference: note.Name,
* PublicKeys: binaryauthorization.AttestorAttestationAuthorityNotePublicKeyArray{
* &binaryauthorization.AttestorAttestationAuthorityNotePublicKeyArgs{
* AsciiArmoredPgpPublicKey: pulumi.String(`mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* `),
* },
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.containeranalysis.Note;
* import com.pulumi.gcp.containeranalysis.NoteArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityHintArgs;
* import com.pulumi.gcp.binaryauthorization.Attestor;
* import com.pulumi.gcp.binaryauthorization.AttestorArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.AttestorAttestationAuthorityNoteArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var note = new Note("note", NoteArgs.builder()
* .name("test-attestor-note")
* .attestationAuthority(NoteAttestationAuthorityArgs.builder()
* .hint(NoteAttestationAuthorityHintArgs.builder()
* .humanReadableName("Attestor Note")
* .build())
* .build())
* .build());
* var attestor = new Attestor("attestor", AttestorArgs.builder()
* .name("test-attestor")
* .attestationAuthorityNote(AttestorAttestationAuthorityNoteArgs.builder()
* .noteReference(note.name())
* .publicKeys(AttestorAttestationAuthorityNotePublicKeyArgs.builder()
* .asciiArmoredPgpPublicKey("""
* mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* """)
* .build())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* attestor:
* type: gcp:binaryauthorization:Attestor
* properties:
* name: test-attestor
* attestationAuthorityNote:
* noteReference: ${note.name}
* publicKeys:
* - asciiArmoredPgpPublicKey: |
* mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* note:
* type: gcp:containeranalysis:Note
* properties:
* name: test-attestor-note
* attestationAuthority:
* hint:
* humanReadableName: Attestor Note
* ```
*
* ### Binary Authorization Attestor Kms
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const keyring = new gcp.kms.KeyRing("keyring", {
* name: "test-attestor-key-ring",
* location: "global",
* });
* const crypto_key = new gcp.kms.CryptoKey("crypto-key", {
* name: "test-attestor-key",
* keyRing: keyring.id,
* purpose: "ASYMMETRIC_SIGN",
* versionTemplate: {
* algorithm: "RSA_SIGN_PKCS1_4096_SHA512",
* },
* });
* const version = gcp.kms.getKMSCryptoKeyVersionOutput({
* cryptoKey: crypto_key.id,
* });
* const note = new gcp.containeranalysis.Note("note", {
* name: "test-attestor-note",
* attestationAuthority: {
* hint: {
* humanReadableName: "Attestor Note",
* },
* },
* });
* const attestor = new gcp.binaryauthorization.Attestor("attestor", {
* name: "test-attestor",
* attestationAuthorityNote: {
* noteReference: note.name,
* publicKeys: [{
* id: version.apply(version => version.id),
* pkixPublicKey: {
* publicKeyPem: version.apply(version => version.publicKeys?.[0]?.pem),
* signatureAlgorithm: version.apply(version => version.publicKeys?.[0]?.algorithm),
* },
* }],
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* keyring = gcp.kms.KeyRing("keyring",
* name="test-attestor-key-ring",
* location="global")
* crypto_key = gcp.kms.CryptoKey("crypto-key",
* name="test-attestor-key",
* key_ring=keyring.id,
* purpose="ASYMMETRIC_SIGN",
* version_template=gcp.kms.CryptoKeyVersionTemplateArgs(
* algorithm="RSA_SIGN_PKCS1_4096_SHA512",
* ))
* version = gcp.kms.get_kms_crypto_key_version_output(crypto_key=crypto_key.id)
* note = gcp.containeranalysis.Note("note",
* name="test-attestor-note",
* attestation_authority=gcp.containeranalysis.NoteAttestationAuthorityArgs(
* hint=gcp.containeranalysis.NoteAttestationAuthorityHintArgs(
* human_readable_name="Attestor Note",
* ),
* ))
* attestor = gcp.binaryauthorization.Attestor("attestor",
* name="test-attestor",
* attestation_authority_note=gcp.binaryauthorization.AttestorAttestationAuthorityNoteArgs(
* note_reference=note.name,
* public_keys=[gcp.binaryauthorization.AttestorAttestationAuthorityNotePublicKeyArgs(
* id=version.id,
* pkix_public_key=gcp.binaryauthorization.AttestorAttestationAuthorityNotePublicKeyPkixPublicKeyArgs(
* public_key_pem=version.public_keys[0].pem,
* signature_algorithm=version.public_keys[0].algorithm,
* ),
* )],
* ))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var keyring = new Gcp.Kms.KeyRing("keyring", new()
* {
* Name = "test-attestor-key-ring",
* Location = "global",
* });
* var crypto_key = new Gcp.Kms.CryptoKey("crypto-key", new()
* {
* Name = "test-attestor-key",
* KeyRing = keyring.Id,
* Purpose = "ASYMMETRIC_SIGN",
* VersionTemplate = new Gcp.Kms.Inputs.CryptoKeyVersionTemplateArgs
* {
* Algorithm = "RSA_SIGN_PKCS1_4096_SHA512",
* },
* });
* var version = Gcp.Kms.GetKMSCryptoKeyVersion.Invoke(new()
* {
* CryptoKey = crypto_key.Id,
* });
* var note = new Gcp.ContainerAnalysis.Note("note", new()
* {
* Name = "test-attestor-note",
* AttestationAuthority = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityArgs
* {
* Hint = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityHintArgs
* {
* HumanReadableName = "Attestor Note",
* },
* },
* });
* var attestor = new Gcp.BinaryAuthorization.Attestor("attestor", new()
* {
* Name = "test-attestor",
* AttestationAuthorityNote = new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNoteArgs
* {
* NoteReference = note.Name,
* PublicKeys = new[]
* {
* new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNotePublicKeyArgs
* {
* Id = version.Apply(getKMSCryptoKeyVersionResult => getKMSCryptoKeyVersionResult.Id),
* PkixPublicKey = new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNotePublicKeyPkixPublicKeyArgs
* {
* PublicKeyPem = version.Apply(getKMSCryptoKeyVersionResult => getKMSCryptoKeyVersionResult.PublicKeys[0]?.Pem),
* SignatureAlgorithm = version.Apply(getKMSCryptoKeyVersionResult => getKMSCryptoKeyVersionResult.PublicKeys[0]?.Algorithm),
* },
* },
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/binaryauthorization"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/containeranalysis"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
* Name: pulumi.String("test-attestor-key-ring"),
* Location: pulumi.String("global"),
* })
* if err != nil {
* return err
* }
* _, err = kms.NewCryptoKey(ctx, "crypto-key", &kms.CryptoKeyArgs{
* Name: pulumi.String("test-attestor-key"),
* KeyRing: keyring.ID(),
* Purpose: pulumi.String("ASYMMETRIC_SIGN"),
* VersionTemplate: &kms.CryptoKeyVersionTemplateArgs{
* Algorithm: pulumi.String("RSA_SIGN_PKCS1_4096_SHA512"),
* },
* })
* if err != nil {
* return err
* }
* version := kms.GetKMSCryptoKeyVersionOutput(ctx, kms.GetKMSCryptoKeyVersionOutputArgs{
* CryptoKey: crypto_key.ID(),
* }, nil)
* note, err := containeranalysis.NewNote(ctx, "note", &containeranalysis.NoteArgs{
* Name: pulumi.String("test-attestor-note"),
* AttestationAuthority: &containeranalysis.NoteAttestationAuthorityArgs{
* Hint: &containeranalysis.NoteAttestationAuthorityHintArgs{
* HumanReadableName: pulumi.String("Attestor Note"),
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = binaryauthorization.NewAttestor(ctx, "attestor", &binaryauthorization.AttestorArgs{
* Name: pulumi.String("test-attestor"),
* AttestationAuthorityNote: &binaryauthorization.AttestorAttestationAuthorityNoteArgs{
* NoteReference: note.Name,
* PublicKeys: binaryauthorization.AttestorAttestationAuthorityNotePublicKeyArray{
* &binaryauthorization.AttestorAttestationAuthorityNotePublicKeyArgs{
* Id: version.ApplyT(func(version kms.GetKMSCryptoKeyVersionResult) (*string, error) {
* return &version.Id, nil
* }).(pulumi.StringPtrOutput),
* PkixPublicKey: &binaryauthorization.AttestorAttestationAuthorityNotePublicKeyPkixPublicKeyArgs{
* PublicKeyPem: version.ApplyT(func(version kms.GetKMSCryptoKeyVersionResult) (*string, error) {
* return &version.PublicKeys[0].Pem, nil
* }).(pulumi.StringPtrOutput),
* SignatureAlgorithm: version.ApplyT(func(version kms.GetKMSCryptoKeyVersionResult) (*string, error) {
* return &version.PublicKeys[0].Algorithm, nil
* }).(pulumi.StringPtrOutput),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.kms.KeyRing;
* import com.pulumi.gcp.kms.KeyRingArgs;
* import com.pulumi.gcp.kms.CryptoKey;
* import com.pulumi.gcp.kms.CryptoKeyArgs;
* import com.pulumi.gcp.kms.inputs.CryptoKeyVersionTemplateArgs;
* import com.pulumi.gcp.kms.KmsFunctions;
* import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyVersionArgs;
* import com.pulumi.gcp.containeranalysis.Note;
* import com.pulumi.gcp.containeranalysis.NoteArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityHintArgs;
* import com.pulumi.gcp.binaryauthorization.Attestor;
* import com.pulumi.gcp.binaryauthorization.AttestorArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.AttestorAttestationAuthorityNoteArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var keyring = new KeyRing("keyring", KeyRingArgs.builder()
* .name("test-attestor-key-ring")
* .location("global")
* .build());
* var crypto_key = new CryptoKey("crypto-key", CryptoKeyArgs.builder()
* .name("test-attestor-key")
* .keyRing(keyring.id())
* .purpose("ASYMMETRIC_SIGN")
* .versionTemplate(CryptoKeyVersionTemplateArgs.builder()
* .algorithm("RSA_SIGN_PKCS1_4096_SHA512")
* .build())
* .build());
* final var version = KmsFunctions.getKMSCryptoKeyVersion(GetKMSCryptoKeyVersionArgs.builder()
* .cryptoKey(crypto_key.id())
* .build());
* var note = new Note("note", NoteArgs.builder()
* .name("test-attestor-note")
* .attestationAuthority(NoteAttestationAuthorityArgs.builder()
* .hint(NoteAttestationAuthorityHintArgs.builder()
* .humanReadableName("Attestor Note")
* .build())
* .build())
* .build());
* var attestor = new Attestor("attestor", AttestorArgs.builder()
* .name("test-attestor")
* .attestationAuthorityNote(AttestorAttestationAuthorityNoteArgs.builder()
* .noteReference(note.name())
* .publicKeys(AttestorAttestationAuthorityNotePublicKeyArgs.builder()
* .id(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult).applyValue(version -> version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.id())))
* .pkixPublicKey(AttestorAttestationAuthorityNotePublicKeyPkixPublicKeyArgs.builder()
* .publicKeyPem(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult).applyValue(version -> version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.publicKeys()[0].pem())))
* .signatureAlgorithm(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult).applyValue(version -> version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.publicKeys()[0].algorithm())))
* .build())
* .build())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* attestor:
* type: gcp:binaryauthorization:Attestor
* properties:
* name: test-attestor
* attestationAuthorityNote:
* noteReference: ${note.name}
* publicKeys:
* - id: ${version.id}
* pkixPublicKey:
* publicKeyPem: ${version.publicKeys[0].pem}
* signatureAlgorithm: ${version.publicKeys[0].algorithm}
* note:
* type: gcp:containeranalysis:Note
* properties:
* name: test-attestor-note
* attestationAuthority:
* hint:
* humanReadableName: Attestor Note
* crypto-key:
* type: gcp:kms:CryptoKey
* properties:
* name: test-attestor-key
* keyRing: ${keyring.id}
* purpose: ASYMMETRIC_SIGN
* versionTemplate:
* algorithm: RSA_SIGN_PKCS1_4096_SHA512
* keyring:
* type: gcp:kms:KeyRing
* properties:
* name: test-attestor-key-ring
* location: global
* variables:
* version:
* fn::invoke:
* Function: gcp:kms:getKMSCryptoKeyVersion
* Arguments:
* cryptoKey: ${["crypto-key"].id}
* ```
*
* ## Import
* Attestor can be imported using any of these accepted formats:
* * `projects/{{project}}/attestors/{{name}}`
* * `{{project}}/{{name}}`
* * `{{name}}`
* When using the `pulumi import` command, Attestor can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:binaryauthorization/attestor:Attestor default projects/{{project}}/attestors/{{name}}
* ```
* ```sh
* $ pulumi import gcp:binaryauthorization/attestor:Attestor default {{project}}/{{name}}
* ```
* ```sh
* $ pulumi import gcp:binaryauthorization/attestor:Attestor default {{name}}
* ```
*/
public class Attestor internal constructor(
override val javaResource: com.pulumi.gcp.binaryauthorization.Attestor,
) : KotlinCustomResource(javaResource, AttestorMapper) {
/**
* A Container Analysis ATTESTATION_AUTHORITY Note, created by the user.
* Structure is documented below.
*/
public val attestationAuthorityNote: Output
get() = javaResource.attestationAuthorityNote().applyValue({ args0 ->
args0.let({ args0 ->
toKotlin(args0)
})
})
/**
* A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The resource name.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
public val project: Output
get() = javaResource.project().applyValue({ args0 -> args0 })
}
public object AttestorMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.gcp.binaryauthorization.Attestor::class == javaResource::class
override fun map(javaResource: Resource): Attestor = Attestor(
javaResource as
com.pulumi.gcp.binaryauthorization.Attestor,
)
}
/**
* @see [Attestor].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [Attestor].
*/
public suspend fun attestor(name: String, block: suspend AttestorResourceBuilder.() -> Unit): Attestor {
val builder = AttestorResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [Attestor].
* @param name The _unique_ name of the resulting resource.
*/
public fun attestor(name: String): Attestor {
val builder = AttestorResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy