Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
com.pulumi.gcp.binaryauthorization.kotlin.AttestorArgs.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.binaryauthorization.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.binaryauthorization.AttestorArgs.builder
import com.pulumi.gcp.binaryauthorization.kotlin.inputs.AttestorAttestationAuthorityNoteArgs
import com.pulumi.gcp.binaryauthorization.kotlin.inputs.AttestorAttestationAuthorityNoteArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.jvm.JvmName
/**
* An attestor that attests to container image artifacts.
* To get more information about Attestor, see:
* * [API documentation](https://cloud.google.com/binary-authorization/docs/reference/rest/)
* * How-to Guides
* * [Official Documentation](https://cloud.google.com/binary-authorization/)
* ## Example Usage
* ### Binary Authorization Attestor Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const note = new gcp.containeranalysis.Note("note", {
* name: "test-attestor-note",
* attestationAuthority: {
* hint: {
* humanReadableName: "Attestor Note",
* },
* },
* });
* const attestor = new gcp.binaryauthorization.Attestor("attestor", {
* name: "test-attestor",
* attestationAuthorityNote: {
* noteReference: note.name,
* publicKeys: [{
* asciiArmoredPgpPublicKey: `mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* `,
* }],
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* note = gcp.containeranalysis.Note("note",
* name="test-attestor-note",
* attestation_authority={
* "hint": {
* "human_readable_name": "Attestor Note",
* },
* })
* attestor = gcp.binaryauthorization.Attestor("attestor",
* name="test-attestor",
* attestation_authority_note={
* "note_reference": note.name,
* "public_keys": [{
* "ascii_armored_pgp_public_key": """mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* """,
* }],
* })
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var note = new Gcp.ContainerAnalysis.Note("note", new()
* {
* Name = "test-attestor-note",
* AttestationAuthority = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityArgs
* {
* Hint = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityHintArgs
* {
* HumanReadableName = "Attestor Note",
* },
* },
* });
* var attestor = new Gcp.BinaryAuthorization.Attestor("attestor", new()
* {
* Name = "test-attestor",
* AttestationAuthorityNote = new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNoteArgs
* {
* NoteReference = note.Name,
* PublicKeys = new[]
* {
* new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNotePublicKeyArgs
* {
* AsciiArmoredPgpPublicKey = @"mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* ",
* },
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/binaryauthorization"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/containeranalysis"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* note, err := containeranalysis.NewNote(ctx, "note", &containeranalysis.NoteArgs{
* Name: pulumi.String("test-attestor-note"),
* AttestationAuthority: &containeranalysis.NoteAttestationAuthorityArgs{
* Hint: &containeranalysis.NoteAttestationAuthorityHintArgs{
* HumanReadableName: pulumi.String("Attestor Note"),
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = binaryauthorization.NewAttestor(ctx, "attestor", &binaryauthorization.AttestorArgs{
* Name: pulumi.String("test-attestor"),
* AttestationAuthorityNote: &binaryauthorization.AttestorAttestationAuthorityNoteArgs{
* NoteReference: note.Name,
* PublicKeys: binaryauthorization.AttestorAttestationAuthorityNotePublicKeyArray{
* &binaryauthorization.AttestorAttestationAuthorityNotePublicKeyArgs{
* AsciiArmoredPgpPublicKey: pulumi.String(`mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* `),
* },
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.containeranalysis.Note;
* import com.pulumi.gcp.containeranalysis.NoteArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityHintArgs;
* import com.pulumi.gcp.binaryauthorization.Attestor;
* import com.pulumi.gcp.binaryauthorization.AttestorArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.AttestorAttestationAuthorityNoteArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var note = new Note("note", NoteArgs.builder()
* .name("test-attestor-note")
* .attestationAuthority(NoteAttestationAuthorityArgs.builder()
* .hint(NoteAttestationAuthorityHintArgs.builder()
* .humanReadableName("Attestor Note")
* .build())
* .build())
* .build());
* var attestor = new Attestor("attestor", AttestorArgs.builder()
* .name("test-attestor")
* .attestationAuthorityNote(AttestorAttestationAuthorityNoteArgs.builder()
* .noteReference(note.name())
* .publicKeys(AttestorAttestationAuthorityNotePublicKeyArgs.builder()
* .asciiArmoredPgpPublicKey("""
* mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* """)
* .build())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* attestor:
* type: gcp:binaryauthorization:Attestor
* properties:
* name: test-attestor
* attestationAuthorityNote:
* noteReference: ${note.name}
* publicKeys:
* - asciiArmoredPgpPublicKey: |
* mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
* bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
* oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
* V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
* Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
* 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
* IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
* uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
* 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
* 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
* WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
* MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
* +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
* qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
* =6Bvm
* note:
* type: gcp:containeranalysis:Note
* properties:
* name: test-attestor-note
* attestationAuthority:
* hint:
* humanReadableName: Attestor Note
* ```
*
* ### Binary Authorization Attestor Kms
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const keyring = new gcp.kms.KeyRing("keyring", {
* name: "test-attestor-key-ring",
* location: "global",
* });
* const crypto_key = new gcp.kms.CryptoKey("crypto-key", {
* name: "test-attestor-key",
* keyRing: keyring.id,
* purpose: "ASYMMETRIC_SIGN",
* versionTemplate: {
* algorithm: "RSA_SIGN_PKCS1_4096_SHA512",
* },
* });
* const version = gcp.kms.getKMSCryptoKeyVersionOutput({
* cryptoKey: crypto_key.id,
* });
* const note = new gcp.containeranalysis.Note("note", {
* name: "test-attestor-note",
* attestationAuthority: {
* hint: {
* humanReadableName: "Attestor Note",
* },
* },
* });
* const attestor = new gcp.binaryauthorization.Attestor("attestor", {
* name: "test-attestor",
* attestationAuthorityNote: {
* noteReference: note.name,
* publicKeys: [{
* id: version.apply(version => version.id),
* pkixPublicKey: {
* publicKeyPem: version.apply(version => version.publicKeys?.[0]?.pem),
* signatureAlgorithm: version.apply(version => version.publicKeys?.[0]?.algorithm),
* },
* }],
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* keyring = gcp.kms.KeyRing("keyring",
* name="test-attestor-key-ring",
* location="global")
* crypto_key = gcp.kms.CryptoKey("crypto-key",
* name="test-attestor-key",
* key_ring=keyring.id,
* purpose="ASYMMETRIC_SIGN",
* version_template={
* "algorithm": "RSA_SIGN_PKCS1_4096_SHA512",
* })
* version = gcp.kms.get_kms_crypto_key_version_output(crypto_key=crypto_key.id)
* note = gcp.containeranalysis.Note("note",
* name="test-attestor-note",
* attestation_authority={
* "hint": {
* "human_readable_name": "Attestor Note",
* },
* })
* attestor = gcp.binaryauthorization.Attestor("attestor",
* name="test-attestor",
* attestation_authority_note={
* "note_reference": note.name,
* "public_keys": [{
* "id": version.id,
* "pkix_public_key": {
* "public_key_pem": version.public_keys[0].pem,
* "signature_algorithm": version.public_keys[0].algorithm,
* },
* }],
* })
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var keyring = new Gcp.Kms.KeyRing("keyring", new()
* {
* Name = "test-attestor-key-ring",
* Location = "global",
* });
* var crypto_key = new Gcp.Kms.CryptoKey("crypto-key", new()
* {
* Name = "test-attestor-key",
* KeyRing = keyring.Id,
* Purpose = "ASYMMETRIC_SIGN",
* VersionTemplate = new Gcp.Kms.Inputs.CryptoKeyVersionTemplateArgs
* {
* Algorithm = "RSA_SIGN_PKCS1_4096_SHA512",
* },
* });
* var version = Gcp.Kms.GetKMSCryptoKeyVersion.Invoke(new()
* {
* CryptoKey = crypto_key.Id,
* });
* var note = new Gcp.ContainerAnalysis.Note("note", new()
* {
* Name = "test-attestor-note",
* AttestationAuthority = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityArgs
* {
* Hint = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityHintArgs
* {
* HumanReadableName = "Attestor Note",
* },
* },
* });
* var attestor = new Gcp.BinaryAuthorization.Attestor("attestor", new()
* {
* Name = "test-attestor",
* AttestationAuthorityNote = new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNoteArgs
* {
* NoteReference = note.Name,
* PublicKeys = new[]
* {
* new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNotePublicKeyArgs
* {
* Id = version.Apply(getKMSCryptoKeyVersionResult => getKMSCryptoKeyVersionResult.Id),
* PkixPublicKey = new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNotePublicKeyPkixPublicKeyArgs
* {
* PublicKeyPem = version.Apply(getKMSCryptoKeyVersionResult => getKMSCryptoKeyVersionResult.PublicKeys[0]?.Pem),
* SignatureAlgorithm = version.Apply(getKMSCryptoKeyVersionResult => getKMSCryptoKeyVersionResult.PublicKeys[0]?.Algorithm),
* },
* },
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/binaryauthorization"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/containeranalysis"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
* Name: pulumi.String("test-attestor-key-ring"),
* Location: pulumi.String("global"),
* })
* if err != nil {
* return err
* }
* _, err = kms.NewCryptoKey(ctx, "crypto-key", &kms.CryptoKeyArgs{
* Name: pulumi.String("test-attestor-key"),
* KeyRing: keyring.ID(),
* Purpose: pulumi.String("ASYMMETRIC_SIGN"),
* VersionTemplate: &kms.CryptoKeyVersionTemplateArgs{
* Algorithm: pulumi.String("RSA_SIGN_PKCS1_4096_SHA512"),
* },
* })
* if err != nil {
* return err
* }
* version := kms.GetKMSCryptoKeyVersionOutput(ctx, kms.GetKMSCryptoKeyVersionOutputArgs{
* CryptoKey: crypto_key.ID(),
* }, nil)
* note, err := containeranalysis.NewNote(ctx, "note", &containeranalysis.NoteArgs{
* Name: pulumi.String("test-attestor-note"),
* AttestationAuthority: &containeranalysis.NoteAttestationAuthorityArgs{
* Hint: &containeranalysis.NoteAttestationAuthorityHintArgs{
* HumanReadableName: pulumi.String("Attestor Note"),
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = binaryauthorization.NewAttestor(ctx, "attestor", &binaryauthorization.AttestorArgs{
* Name: pulumi.String("test-attestor"),
* AttestationAuthorityNote: &binaryauthorization.AttestorAttestationAuthorityNoteArgs{
* NoteReference: note.Name,
* PublicKeys: binaryauthorization.AttestorAttestationAuthorityNotePublicKeyArray{
* &binaryauthorization.AttestorAttestationAuthorityNotePublicKeyArgs{
* Id: version.ApplyT(func(version kms.GetKMSCryptoKeyVersionResult) (*string, error) {
* return &version.Id, nil
* }).(pulumi.StringPtrOutput),
* PkixPublicKey: &binaryauthorization.AttestorAttestationAuthorityNotePublicKeyPkixPublicKeyArgs{
* PublicKeyPem: version.ApplyT(func(version kms.GetKMSCryptoKeyVersionResult) (*string, error) {
* return &version.PublicKeys[0].Pem, nil
* }).(pulumi.StringPtrOutput),
* SignatureAlgorithm: version.ApplyT(func(version kms.GetKMSCryptoKeyVersionResult) (*string, error) {
* return &version.PublicKeys[0].Algorithm, nil
* }).(pulumi.StringPtrOutput),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.kms.KeyRing;
* import com.pulumi.gcp.kms.KeyRingArgs;
* import com.pulumi.gcp.kms.CryptoKey;
* import com.pulumi.gcp.kms.CryptoKeyArgs;
* import com.pulumi.gcp.kms.inputs.CryptoKeyVersionTemplateArgs;
* import com.pulumi.gcp.kms.KmsFunctions;
* import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyVersionArgs;
* import com.pulumi.gcp.containeranalysis.Note;
* import com.pulumi.gcp.containeranalysis.NoteArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityHintArgs;
* import com.pulumi.gcp.binaryauthorization.Attestor;
* import com.pulumi.gcp.binaryauthorization.AttestorArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.AttestorAttestationAuthorityNoteArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var keyring = new KeyRing("keyring", KeyRingArgs.builder()
* .name("test-attestor-key-ring")
* .location("global")
* .build());
* var crypto_key = new CryptoKey("crypto-key", CryptoKeyArgs.builder()
* .name("test-attestor-key")
* .keyRing(keyring.id())
* .purpose("ASYMMETRIC_SIGN")
* .versionTemplate(CryptoKeyVersionTemplateArgs.builder()
* .algorithm("RSA_SIGN_PKCS1_4096_SHA512")
* .build())
* .build());
* final var version = KmsFunctions.getKMSCryptoKeyVersion(GetKMSCryptoKeyVersionArgs.builder()
* .cryptoKey(crypto_key.id())
* .build());
* var note = new Note("note", NoteArgs.builder()
* .name("test-attestor-note")
* .attestationAuthority(NoteAttestationAuthorityArgs.builder()
* .hint(NoteAttestationAuthorityHintArgs.builder()
* .humanReadableName("Attestor Note")
* .build())
* .build())
* .build());
* var attestor = new Attestor("attestor", AttestorArgs.builder()
* .name("test-attestor")
* .attestationAuthorityNote(AttestorAttestationAuthorityNoteArgs.builder()
* .noteReference(note.name())
* .publicKeys(AttestorAttestationAuthorityNotePublicKeyArgs.builder()
* .id(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult).applyValue(version -> version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.id())))
* .pkixPublicKey(AttestorAttestationAuthorityNotePublicKeyPkixPublicKeyArgs.builder()
* .publicKeyPem(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult).applyValue(version -> version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.publicKeys()[0].pem())))
* .signatureAlgorithm(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult).applyValue(version -> version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.publicKeys()[0].algorithm())))
* .build())
* .build())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* attestor:
* type: gcp:binaryauthorization:Attestor
* properties:
* name: test-attestor
* attestationAuthorityNote:
* noteReference: ${note.name}
* publicKeys:
* - id: ${version.id}
* pkixPublicKey:
* publicKeyPem: ${version.publicKeys[0].pem}
* signatureAlgorithm: ${version.publicKeys[0].algorithm}
* note:
* type: gcp:containeranalysis:Note
* properties:
* name: test-attestor-note
* attestationAuthority:
* hint:
* humanReadableName: Attestor Note
* crypto-key:
* type: gcp:kms:CryptoKey
* properties:
* name: test-attestor-key
* keyRing: ${keyring.id}
* purpose: ASYMMETRIC_SIGN
* versionTemplate:
* algorithm: RSA_SIGN_PKCS1_4096_SHA512
* keyring:
* type: gcp:kms:KeyRing
* properties:
* name: test-attestor-key-ring
* location: global
* variables:
* version:
* fn::invoke:
* Function: gcp:kms:getKMSCryptoKeyVersion
* Arguments:
* cryptoKey: ${["crypto-key"].id}
* ```
*
* ## Import
* Attestor can be imported using any of these accepted formats:
* * `projects/{{project}}/attestors/{{name}}`
* * `{{project}}/{{name}}`
* * `{{name}}`
* When using the `pulumi import` command, Attestor can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:binaryauthorization/attestor:Attestor default projects/{{project}}/attestors/{{name}}
* ```
* ```sh
* $ pulumi import gcp:binaryauthorization/attestor:Attestor default {{project}}/{{name}}
* ```
* ```sh
* $ pulumi import gcp:binaryauthorization/attestor:Attestor default {{name}}
* ```
* @property attestationAuthorityNote A Container Analysis ATTESTATION_AUTHORITY Note, created by the user.
* Structure is documented below.
* @property description A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.
* @property name The resource name.
* @property project
*/
public data class AttestorArgs(
public val attestationAuthorityNote: Output? = null,
public val description: Output? = null,
public val name: Output? = null,
public val project: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.binaryauthorization.AttestorArgs =
com.pulumi.gcp.binaryauthorization.AttestorArgs.builder()
.attestationAuthorityNote(
attestationAuthorityNote?.applyValue({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
}),
)
.description(description?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.project(project?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [AttestorArgs].
*/
@PulumiTagMarker
public class AttestorArgsBuilder internal constructor() {
private var attestationAuthorityNote: Output? = null
private var description: Output? = null
private var name: Output? = null
private var project: Output? = null
/**
* @param value A Container Analysis ATTESTATION_AUTHORITY Note, created by the user.
* Structure is documented below.
*/
@JvmName("aafchyolrnvdetjx")
public suspend fun attestationAuthorityNote(`value`: Output) {
this.attestationAuthorityNote = value
}
/**
* @param value A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.
*/
@JvmName("rdfrbnnmbtgxsshn")
public suspend fun description(`value`: Output) {
this.description = value
}
/**
* @param value The resource name.
*/
@JvmName("gnqmhapfllcmvtcc")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value
*/
@JvmName("duqsswhenjcdupnl")
public suspend fun project(`value`: Output) {
this.project = value
}
/**
* @param value A Container Analysis ATTESTATION_AUTHORITY Note, created by the user.
* Structure is documented below.
*/
@JvmName("uhoirluvqxfnrcux")
public suspend fun attestationAuthorityNote(`value`: AttestorAttestationAuthorityNoteArgs?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.attestationAuthorityNote = mapped
}
/**
* @param argument A Container Analysis ATTESTATION_AUTHORITY Note, created by the user.
* Structure is documented below.
*/
@JvmName("qejasbevfenkkvmm")
public suspend fun attestationAuthorityNote(argument: suspend AttestorAttestationAuthorityNoteArgsBuilder.() -> Unit) {
val toBeMapped = AttestorAttestationAuthorityNoteArgsBuilder().applySuspend {
argument()
}.build()
val mapped = of(toBeMapped)
this.attestationAuthorityNote = mapped
}
/**
* @param value A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.
*/
@JvmName("xbcasbkwepkmmonq")
public suspend fun description(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.description = mapped
}
/**
* @param value The resource name.
*/
@JvmName("ahldbsfskxqfkxpv")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value
*/
@JvmName("oiagtcmjmdmfdpdp")
public suspend fun project(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.project = mapped
}
internal fun build(): AttestorArgs = AttestorArgs(
attestationAuthorityNote = attestationAuthorityNote,
description = description,
name = name,
project = project,
)
}
