All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.binaryauthorization.kotlin.inputs.PolicyDefaultAdmissionRuleArgs.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.binaryauthorization.kotlin.inputs

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.binaryauthorization.inputs.PolicyDefaultAdmissionRuleArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiNullFieldException
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.jvm.JvmName

/**
 *
 * @property enforcementMode The action when a pod creation is denied by the admission rule.
 * Possible values are: `ENFORCED_BLOCK_AND_AUDIT_LOG`, `DRYRUN_AUDIT_LOG_ONLY`.
 * - - -
 * @property evaluationMode How this admission rule will be evaluated.
 * Possible values are: `ALWAYS_ALLOW`, `REQUIRE_ATTESTATION`, `ALWAYS_DENY`.
 * @property requireAttestationsBies The resource names of the attestors that must attest to a
 * container image. If the attestor is in a different project from the
 * policy, it should be specified in the format `projects/*/attestors/*`.
 * Each attestor must exist before a policy can reference it. To add an
 * attestor to a policy the principal issuing the policy change
 * request must be able to read the attestor resource.
 * Note: this field must be non-empty when the evaluation_mode field
 * specifies REQUIRE_ATTESTATION, otherwise it must be empty.
 * */*/
 */
public data class PolicyDefaultAdmissionRuleArgs(
    public val enforcementMode: Output,
    public val evaluationMode: Output,
    public val requireAttestationsBies: Output>? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.binaryauthorization.inputs.PolicyDefaultAdmissionRuleArgs =
        com.pulumi.gcp.binaryauthorization.inputs.PolicyDefaultAdmissionRuleArgs.builder()
            .enforcementMode(enforcementMode.applyValue({ args0 -> args0 }))
            .evaluationMode(evaluationMode.applyValue({ args0 -> args0 }))
            .requireAttestationsBies(
                requireAttestationsBies?.applyValue({ args0 ->
                    args0.map({ args0 ->
                        args0
                    })
                }),
            ).build()
}

/**
 * Builder for [PolicyDefaultAdmissionRuleArgs].
 */
@PulumiTagMarker
public class PolicyDefaultAdmissionRuleArgsBuilder internal constructor() {
    private var enforcementMode: Output? = null

    private var evaluationMode: Output? = null

    private var requireAttestationsBies: Output>? = null

    /**
     * @param value The action when a pod creation is denied by the admission rule.
     * Possible values are: `ENFORCED_BLOCK_AND_AUDIT_LOG`, `DRYRUN_AUDIT_LOG_ONLY`.
     * - - -
     */
    @JvmName("npfjkrofwaclewqw")
    public suspend fun enforcementMode(`value`: Output) {
        this.enforcementMode = value
    }

    /**
     * @param value How this admission rule will be evaluated.
     * Possible values are: `ALWAYS_ALLOW`, `REQUIRE_ATTESTATION`, `ALWAYS_DENY`.
     */
    @JvmName("ejkemsttellcgnsi")
    public suspend fun evaluationMode(`value`: Output) {
        this.evaluationMode = value
    }

    /**
     * @param value The resource names of the attestors that must attest to a
     * container image. If the attestor is in a different project from the
     * policy, it should be specified in the format `projects/*/attestors/*`.
     * Each attestor must exist before a policy can reference it. To add an
     * attestor to a policy the principal issuing the policy change
     * request must be able to read the attestor resource.
     * Note: this field must be non-empty when the evaluation_mode field
     * specifies REQUIRE_ATTESTATION, otherwise it must be empty.
     * */*/
     */
    @JvmName("bkgjbeyxralmxhho")
    public suspend fun requireAttestationsBies(`value`: Output>) {
        this.requireAttestationsBies = value
    }

    @JvmName("jamaljojnjovjqrm")
    public suspend fun requireAttestationsBies(vararg values: Output) {
        this.requireAttestationsBies = Output.all(values.asList())
    }

    /**
     * @param values The resource names of the attestors that must attest to a
     * container image. If the attestor is in a different project from the
     * policy, it should be specified in the format `projects/*/attestors/*`.
     * Each attestor must exist before a policy can reference it. To add an
     * attestor to a policy the principal issuing the policy change
     * request must be able to read the attestor resource.
     * Note: this field must be non-empty when the evaluation_mode field
     * specifies REQUIRE_ATTESTATION, otherwise it must be empty.
     * */*/
     */
    @JvmName("nrjxcvsghjocukip")
    public suspend fun requireAttestationsBies(values: List>) {
        this.requireAttestationsBies = Output.all(values)
    }

    /**
     * @param value The action when a pod creation is denied by the admission rule.
     * Possible values are: `ENFORCED_BLOCK_AND_AUDIT_LOG`, `DRYRUN_AUDIT_LOG_ONLY`.
     * - - -
     */
    @JvmName("erwkambvbbvxjmaq")
    public suspend fun enforcementMode(`value`: String) {
        val toBeMapped = value
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.enforcementMode = mapped
    }

    /**
     * @param value How this admission rule will be evaluated.
     * Possible values are: `ALWAYS_ALLOW`, `REQUIRE_ATTESTATION`, `ALWAYS_DENY`.
     */
    @JvmName("gindqpqkduaygbon")
    public suspend fun evaluationMode(`value`: String) {
        val toBeMapped = value
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.evaluationMode = mapped
    }

    /**
     * @param value The resource names of the attestors that must attest to a
     * container image. If the attestor is in a different project from the
     * policy, it should be specified in the format `projects/*/attestors/*`.
     * Each attestor must exist before a policy can reference it. To add an
     * attestor to a policy the principal issuing the policy change
     * request must be able to read the attestor resource.
     * Note: this field must be non-empty when the evaluation_mode field
     * specifies REQUIRE_ATTESTATION, otherwise it must be empty.
     * */*/
     */
    @JvmName("fivkspfpfbjhqnqd")
    public suspend fun requireAttestationsBies(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.requireAttestationsBies = mapped
    }

    /**
     * @param values The resource names of the attestors that must attest to a
     * container image. If the attestor is in a different project from the
     * policy, it should be specified in the format `projects/*/attestors/*`.
     * Each attestor must exist before a policy can reference it. To add an
     * attestor to a policy the principal issuing the policy change
     * request must be able to read the attestor resource.
     * Note: this field must be non-empty when the evaluation_mode field
     * specifies REQUIRE_ATTESTATION, otherwise it must be empty.
     * */*/
     */
    @JvmName("aatlfnuwxoxpgjtr")
    public suspend fun requireAttestationsBies(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.requireAttestationsBies = mapped
    }

    internal fun build(): PolicyDefaultAdmissionRuleArgs = PolicyDefaultAdmissionRuleArgs(
        enforcementMode = enforcementMode ?: throw PulumiNullFieldException("enforcementMode"),
        evaluationMode = evaluationMode ?: throw PulumiNullFieldException("evaluationMode"),
        requireAttestationsBies = requireAttestationsBies,
    )
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy