com.pulumi.gcp.binaryauthorization.kotlin.inputs.PolicyClusterAdmissionRuleArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.binaryauthorization.kotlin.inputs
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.binaryauthorization.inputs.PolicyClusterAdmissionRuleArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiNullFieldException
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
*
* @property cluster The identifier for this object. Format specified above.
* @property enforcementMode The action when a pod creation is denied by the admission rule.
* Possible values are: `ENFORCED_BLOCK_AND_AUDIT_LOG`, `DRYRUN_AUDIT_LOG_ONLY`.
* @property evaluationMode How this admission rule will be evaluated.
* Possible values are: `ALWAYS_ALLOW`, `REQUIRE_ATTESTATION`, `ALWAYS_DENY`.
* @property requireAttestationsBies The resource names of the attestors that must attest to a
* container image. If the attestor is in a different project from the
* policy, it should be specified in the format `projects/*/attestors/*`.
* Each attestor must exist before a policy can reference it. To add an
* attestor to a policy the principal issuing the policy change
* request must be able to read the attestor resource.
* Note: this field must be non-empty when the evaluation_mode field
* specifies REQUIRE_ATTESTATION, otherwise it must be empty.
* */*/
*/
public data class PolicyClusterAdmissionRuleArgs(
public val cluster: Output,
public val enforcementMode: Output,
public val evaluationMode: Output,
public val requireAttestationsBies: Output>? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.binaryauthorization.inputs.PolicyClusterAdmissionRuleArgs =
com.pulumi.gcp.binaryauthorization.inputs.PolicyClusterAdmissionRuleArgs.builder()
.cluster(cluster.applyValue({ args0 -> args0 }))
.enforcementMode(enforcementMode.applyValue({ args0 -> args0 }))
.evaluationMode(evaluationMode.applyValue({ args0 -> args0 }))
.requireAttestationsBies(
requireAttestationsBies?.applyValue({ args0 ->
args0.map({ args0 ->
args0
})
}),
).build()
}
/**
* Builder for [PolicyClusterAdmissionRuleArgs].
*/
@PulumiTagMarker
public class PolicyClusterAdmissionRuleArgsBuilder internal constructor() {
private var cluster: Output? = null
private var enforcementMode: Output? = null
private var evaluationMode: Output? = null
private var requireAttestationsBies: Output>? = null
/**
* @param value The identifier for this object. Format specified above.
*/
@JvmName("mxxyiimnhydtjuwu")
public suspend fun cluster(`value`: Output) {
this.cluster = value
}
/**
* @param value The action when a pod creation is denied by the admission rule.
* Possible values are: `ENFORCED_BLOCK_AND_AUDIT_LOG`, `DRYRUN_AUDIT_LOG_ONLY`.
*/
@JvmName("iqhsnkpsrehprrkq")
public suspend fun enforcementMode(`value`: Output) {
this.enforcementMode = value
}
/**
* @param value How this admission rule will be evaluated.
* Possible values are: `ALWAYS_ALLOW`, `REQUIRE_ATTESTATION`, `ALWAYS_DENY`.
*/
@JvmName("ndnxqbibwssllpmo")
public suspend fun evaluationMode(`value`: Output) {
this.evaluationMode = value
}
/**
* @param value The resource names of the attestors that must attest to a
* container image. If the attestor is in a different project from the
* policy, it should be specified in the format `projects/*/attestors/*`.
* Each attestor must exist before a policy can reference it. To add an
* attestor to a policy the principal issuing the policy change
* request must be able to read the attestor resource.
* Note: this field must be non-empty when the evaluation_mode field
* specifies REQUIRE_ATTESTATION, otherwise it must be empty.
* */*/
*/
@JvmName("lobysqvnwqsemput")
public suspend fun requireAttestationsBies(`value`: Output>) {
this.requireAttestationsBies = value
}
@JvmName("qculdswtynilfuwt")
public suspend fun requireAttestationsBies(vararg values: Output) {
this.requireAttestationsBies = Output.all(values.asList())
}
/**
* @param values The resource names of the attestors that must attest to a
* container image. If the attestor is in a different project from the
* policy, it should be specified in the format `projects/*/attestors/*`.
* Each attestor must exist before a policy can reference it. To add an
* attestor to a policy the principal issuing the policy change
* request must be able to read the attestor resource.
* Note: this field must be non-empty when the evaluation_mode field
* specifies REQUIRE_ATTESTATION, otherwise it must be empty.
* */*/
*/
@JvmName("qclbojrikgjcbemh")
public suspend fun requireAttestationsBies(values: List>) {
this.requireAttestationsBies = Output.all(values)
}
/**
* @param value The identifier for this object. Format specified above.
*/
@JvmName("oyghrxkpuehuwvrf")
public suspend fun cluster(`value`: String) {
val toBeMapped = value
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.cluster = mapped
}
/**
* @param value The action when a pod creation is denied by the admission rule.
* Possible values are: `ENFORCED_BLOCK_AND_AUDIT_LOG`, `DRYRUN_AUDIT_LOG_ONLY`.
*/
@JvmName("ucvregxcqqlvdwrd")
public suspend fun enforcementMode(`value`: String) {
val toBeMapped = value
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.enforcementMode = mapped
}
/**
* @param value How this admission rule will be evaluated.
* Possible values are: `ALWAYS_ALLOW`, `REQUIRE_ATTESTATION`, `ALWAYS_DENY`.
*/
@JvmName("hcmpyjhakrtyyxdm")
public suspend fun evaluationMode(`value`: String) {
val toBeMapped = value
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.evaluationMode = mapped
}
/**
* @param value The resource names of the attestors that must attest to a
* container image. If the attestor is in a different project from the
* policy, it should be specified in the format `projects/*/attestors/*`.
* Each attestor must exist before a policy can reference it. To add an
* attestor to a policy the principal issuing the policy change
* request must be able to read the attestor resource.
* Note: this field must be non-empty when the evaluation_mode field
* specifies REQUIRE_ATTESTATION, otherwise it must be empty.
* */*/
*/
@JvmName("mfgxgxajewcjrtso")
public suspend fun requireAttestationsBies(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.requireAttestationsBies = mapped
}
/**
* @param values The resource names of the attestors that must attest to a
* container image. If the attestor is in a different project from the
* policy, it should be specified in the format `projects/*/attestors/*`.
* Each attestor must exist before a policy can reference it. To add an
* attestor to a policy the principal issuing the policy change
* request must be able to read the attestor resource.
* Note: this field must be non-empty when the evaluation_mode field
* specifies REQUIRE_ATTESTATION, otherwise it must be empty.
* */*/
*/
@JvmName("jsocpaubchtptcir")
public suspend fun requireAttestationsBies(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.requireAttestationsBies = mapped
}
internal fun build(): PolicyClusterAdmissionRuleArgs = PolicyClusterAdmissionRuleArgs(
cluster = cluster ?: throw PulumiNullFieldException("cluster"),
enforcementMode = enforcementMode ?: throw PulumiNullFieldException("enforcementMode"),
evaluationMode = evaluationMode ?: throw PulumiNullFieldException("evaluationMode"),
requireAttestationsBies = requireAttestationsBies,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy