Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
com.pulumi.gcp.binaryauthorization.kotlin.Policy.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.binaryauthorization.kotlin
import com.pulumi.core.Output
import com.pulumi.gcp.binaryauthorization.kotlin.outputs.PolicyAdmissionWhitelistPattern
import com.pulumi.gcp.binaryauthorization.kotlin.outputs.PolicyClusterAdmissionRule
import com.pulumi.gcp.binaryauthorization.kotlin.outputs.PolicyDefaultAdmissionRule
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import com.pulumi.gcp.binaryauthorization.kotlin.outputs.PolicyAdmissionWhitelistPattern.Companion.toKotlin as policyAdmissionWhitelistPatternToKotlin
import com.pulumi.gcp.binaryauthorization.kotlin.outputs.PolicyClusterAdmissionRule.Companion.toKotlin as policyClusterAdmissionRuleToKotlin
import com.pulumi.gcp.binaryauthorization.kotlin.outputs.PolicyDefaultAdmissionRule.Companion.toKotlin as policyDefaultAdmissionRuleToKotlin
/**
* Builder for [Policy].
*/
@PulumiTagMarker
public class PolicyResourceBuilder internal constructor() {
public var name: String? = null
public var args: PolicyArgs = PolicyArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend PolicyArgsBuilder.() -> Unit) {
val builder = PolicyArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): Policy {
val builtJavaResource = com.pulumi.gcp.binaryauthorization.Policy(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return Policy(builtJavaResource)
}
}
/**
* A policy for container image binary authorization.
* To get more information about Policy, see:
* * [API documentation](https://cloud.google.com/binary-authorization/docs/reference/rest/)
* * How-to Guides
* * [Official Documentation](https://cloud.google.com/binary-authorization/)
* ## Example Usage
* ### Binary Authorization Policy Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const note = new gcp.containeranalysis.Note("note", {
* name: "test-attestor-note",
* attestationAuthority: {
* hint: {
* humanReadableName: "My attestor",
* },
* },
* });
* const attestor = new gcp.binaryauthorization.Attestor("attestor", {
* name: "test-attestor",
* attestationAuthorityNote: {
* noteReference: note.name,
* },
* });
* const policy = new gcp.binaryauthorization.Policy("policy", {
* admissionWhitelistPatterns: [{
* namePattern: "gcr.io/google_containers/*",
* }],
* defaultAdmissionRule: {
* evaluationMode: "ALWAYS_ALLOW",
* enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG",
* },
* clusterAdmissionRules: [{
* cluster: "us-central1-a.prod-cluster",
* evaluationMode: "REQUIRE_ATTESTATION",
* enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG",
* requireAttestationsBies: [attestor.name],
* }],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* note = gcp.containeranalysis.Note("note",
* name="test-attestor-note",
* attestation_authority={
* "hint": {
* "human_readable_name": "My attestor",
* },
* })
* attestor = gcp.binaryauthorization.Attestor("attestor",
* name="test-attestor",
* attestation_authority_note={
* "note_reference": note.name,
* })
* policy = gcp.binaryauthorization.Policy("policy",
* admission_whitelist_patterns=[{
* "name_pattern": "gcr.io/google_containers/*",
* }],
* default_admission_rule={
* "evaluation_mode": "ALWAYS_ALLOW",
* "enforcement_mode": "ENFORCED_BLOCK_AND_AUDIT_LOG",
* },
* cluster_admission_rules=[{
* "cluster": "us-central1-a.prod-cluster",
* "evaluation_mode": "REQUIRE_ATTESTATION",
* "enforcement_mode": "ENFORCED_BLOCK_AND_AUDIT_LOG",
* "require_attestations_bies": [attestor.name],
* }])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var note = new Gcp.ContainerAnalysis.Note("note", new()
* {
* Name = "test-attestor-note",
* AttestationAuthority = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityArgs
* {
* Hint = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityHintArgs
* {
* HumanReadableName = "My attestor",
* },
* },
* });
* var attestor = new Gcp.BinaryAuthorization.Attestor("attestor", new()
* {
* Name = "test-attestor",
* AttestationAuthorityNote = new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNoteArgs
* {
* NoteReference = note.Name,
* },
* });
* var policy = new Gcp.BinaryAuthorization.Policy("policy", new()
* {
* AdmissionWhitelistPatterns = new[]
* {
* new Gcp.BinaryAuthorization.Inputs.PolicyAdmissionWhitelistPatternArgs
* {
* NamePattern = "gcr.io/google_containers/*",
* },
* },
* DefaultAdmissionRule = new Gcp.BinaryAuthorization.Inputs.PolicyDefaultAdmissionRuleArgs
* {
* EvaluationMode = "ALWAYS_ALLOW",
* EnforcementMode = "ENFORCED_BLOCK_AND_AUDIT_LOG",
* },
* ClusterAdmissionRules = new[]
* {
* new Gcp.BinaryAuthorization.Inputs.PolicyClusterAdmissionRuleArgs
* {
* Cluster = "us-central1-a.prod-cluster",
* EvaluationMode = "REQUIRE_ATTESTATION",
* EnforcementMode = "ENFORCED_BLOCK_AND_AUDIT_LOG",
* RequireAttestationsBies = new[]
* {
* attestor.Name,
* },
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/binaryauthorization"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/containeranalysis"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* note, err := containeranalysis.NewNote(ctx, "note", &containeranalysis.NoteArgs{
* Name: pulumi.String("test-attestor-note"),
* AttestationAuthority: &containeranalysis.NoteAttestationAuthorityArgs{
* Hint: &containeranalysis.NoteAttestationAuthorityHintArgs{
* HumanReadableName: pulumi.String("My attestor"),
* },
* },
* })
* if err != nil {
* return err
* }
* attestor, err := binaryauthorization.NewAttestor(ctx, "attestor", &binaryauthorization.AttestorArgs{
* Name: pulumi.String("test-attestor"),
* AttestationAuthorityNote: &binaryauthorization.AttestorAttestationAuthorityNoteArgs{
* NoteReference: note.Name,
* },
* })
* if err != nil {
* return err
* }
* _, err = binaryauthorization.NewPolicy(ctx, "policy", &binaryauthorization.PolicyArgs{
* AdmissionWhitelistPatterns: binaryauthorization.PolicyAdmissionWhitelistPatternArray{
* &binaryauthorization.PolicyAdmissionWhitelistPatternArgs{
* NamePattern: pulumi.String("gcr.io/google_containers/*"),
* },
* },
* DefaultAdmissionRule: &binaryauthorization.PolicyDefaultAdmissionRuleArgs{
* EvaluationMode: pulumi.String("ALWAYS_ALLOW"),
* EnforcementMode: pulumi.String("ENFORCED_BLOCK_AND_AUDIT_LOG"),
* },
* ClusterAdmissionRules: binaryauthorization.PolicyClusterAdmissionRuleArray{
* &binaryauthorization.PolicyClusterAdmissionRuleArgs{
* Cluster: pulumi.String("us-central1-a.prod-cluster"),
* EvaluationMode: pulumi.String("REQUIRE_ATTESTATION"),
* EnforcementMode: pulumi.String("ENFORCED_BLOCK_AND_AUDIT_LOG"),
* RequireAttestationsBies: pulumi.StringArray{
* attestor.Name,
* },
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.containeranalysis.Note;
* import com.pulumi.gcp.containeranalysis.NoteArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityHintArgs;
* import com.pulumi.gcp.binaryauthorization.Attestor;
* import com.pulumi.gcp.binaryauthorization.AttestorArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.AttestorAttestationAuthorityNoteArgs;
* import com.pulumi.gcp.binaryauthorization.Policy;
* import com.pulumi.gcp.binaryauthorization.PolicyArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.PolicyAdmissionWhitelistPatternArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.PolicyDefaultAdmissionRuleArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.PolicyClusterAdmissionRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var note = new Note("note", NoteArgs.builder()
* .name("test-attestor-note")
* .attestationAuthority(NoteAttestationAuthorityArgs.builder()
* .hint(NoteAttestationAuthorityHintArgs.builder()
* .humanReadableName("My attestor")
* .build())
* .build())
* .build());
* var attestor = new Attestor("attestor", AttestorArgs.builder()
* .name("test-attestor")
* .attestationAuthorityNote(AttestorAttestationAuthorityNoteArgs.builder()
* .noteReference(note.name())
* .build())
* .build());
* var policy = new Policy("policy", PolicyArgs.builder()
* .admissionWhitelistPatterns(PolicyAdmissionWhitelistPatternArgs.builder()
* .namePattern("gcr.io/google_containers/*")
* .build())
* .defaultAdmissionRule(PolicyDefaultAdmissionRuleArgs.builder()
* .evaluationMode("ALWAYS_ALLOW")
* .enforcementMode("ENFORCED_BLOCK_AND_AUDIT_LOG")
* .build())
* .clusterAdmissionRules(PolicyClusterAdmissionRuleArgs.builder()
* .cluster("us-central1-a.prod-cluster")
* .evaluationMode("REQUIRE_ATTESTATION")
* .enforcementMode("ENFORCED_BLOCK_AND_AUDIT_LOG")
* .requireAttestationsBies(attestor.name())
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* policy:
* type: gcp:binaryauthorization:Policy
* properties:
* admissionWhitelistPatterns:
* - namePattern: gcr.io/google_containers/*
* defaultAdmissionRule:
* evaluationMode: ALWAYS_ALLOW
* enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG
* clusterAdmissionRules:
* - cluster: us-central1-a.prod-cluster
* evaluationMode: REQUIRE_ATTESTATION
* enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG
* requireAttestationsBies:
* - ${attestor.name}
* note:
* type: gcp:containeranalysis:Note
* properties:
* name: test-attestor-note
* attestationAuthority:
* hint:
* humanReadableName: My attestor
* attestor:
* type: gcp:binaryauthorization:Attestor
* properties:
* name: test-attestor
* attestationAuthorityNote:
* noteReference: ${note.name}
* ```
*
* ### Binary Authorization Policy Global Evaluation
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const note = new gcp.containeranalysis.Note("note", {
* name: "test-attestor-note",
* attestationAuthority: {
* hint: {
* humanReadableName: "My attestor",
* },
* },
* });
* const attestor = new gcp.binaryauthorization.Attestor("attestor", {
* name: "test-attestor",
* attestationAuthorityNote: {
* noteReference: note.name,
* },
* });
* const policy = new gcp.binaryauthorization.Policy("policy", {
* defaultAdmissionRule: {
* evaluationMode: "REQUIRE_ATTESTATION",
* enforcementMode: "ENFORCED_BLOCK_AND_AUDIT_LOG",
* requireAttestationsBies: [attestor.name],
* },
* globalPolicyEvaluationMode: "ENABLE",
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* note = gcp.containeranalysis.Note("note",
* name="test-attestor-note",
* attestation_authority={
* "hint": {
* "human_readable_name": "My attestor",
* },
* })
* attestor = gcp.binaryauthorization.Attestor("attestor",
* name="test-attestor",
* attestation_authority_note={
* "note_reference": note.name,
* })
* policy = gcp.binaryauthorization.Policy("policy",
* default_admission_rule={
* "evaluation_mode": "REQUIRE_ATTESTATION",
* "enforcement_mode": "ENFORCED_BLOCK_AND_AUDIT_LOG",
* "require_attestations_bies": [attestor.name],
* },
* global_policy_evaluation_mode="ENABLE")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var note = new Gcp.ContainerAnalysis.Note("note", new()
* {
* Name = "test-attestor-note",
* AttestationAuthority = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityArgs
* {
* Hint = new Gcp.ContainerAnalysis.Inputs.NoteAttestationAuthorityHintArgs
* {
* HumanReadableName = "My attestor",
* },
* },
* });
* var attestor = new Gcp.BinaryAuthorization.Attestor("attestor", new()
* {
* Name = "test-attestor",
* AttestationAuthorityNote = new Gcp.BinaryAuthorization.Inputs.AttestorAttestationAuthorityNoteArgs
* {
* NoteReference = note.Name,
* },
* });
* var policy = new Gcp.BinaryAuthorization.Policy("policy", new()
* {
* DefaultAdmissionRule = new Gcp.BinaryAuthorization.Inputs.PolicyDefaultAdmissionRuleArgs
* {
* EvaluationMode = "REQUIRE_ATTESTATION",
* EnforcementMode = "ENFORCED_BLOCK_AND_AUDIT_LOG",
* RequireAttestationsBies = new[]
* {
* attestor.Name,
* },
* },
* GlobalPolicyEvaluationMode = "ENABLE",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/binaryauthorization"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/containeranalysis"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* note, err := containeranalysis.NewNote(ctx, "note", &containeranalysis.NoteArgs{
* Name: pulumi.String("test-attestor-note"),
* AttestationAuthority: &containeranalysis.NoteAttestationAuthorityArgs{
* Hint: &containeranalysis.NoteAttestationAuthorityHintArgs{
* HumanReadableName: pulumi.String("My attestor"),
* },
* },
* })
* if err != nil {
* return err
* }
* attestor, err := binaryauthorization.NewAttestor(ctx, "attestor", &binaryauthorization.AttestorArgs{
* Name: pulumi.String("test-attestor"),
* AttestationAuthorityNote: &binaryauthorization.AttestorAttestationAuthorityNoteArgs{
* NoteReference: note.Name,
* },
* })
* if err != nil {
* return err
* }
* _, err = binaryauthorization.NewPolicy(ctx, "policy", &binaryauthorization.PolicyArgs{
* DefaultAdmissionRule: &binaryauthorization.PolicyDefaultAdmissionRuleArgs{
* EvaluationMode: pulumi.String("REQUIRE_ATTESTATION"),
* EnforcementMode: pulumi.String("ENFORCED_BLOCK_AND_AUDIT_LOG"),
* RequireAttestationsBies: pulumi.StringArray{
* attestor.Name,
* },
* },
* GlobalPolicyEvaluationMode: pulumi.String("ENABLE"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.containeranalysis.Note;
* import com.pulumi.gcp.containeranalysis.NoteArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityArgs;
* import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityHintArgs;
* import com.pulumi.gcp.binaryauthorization.Attestor;
* import com.pulumi.gcp.binaryauthorization.AttestorArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.AttestorAttestationAuthorityNoteArgs;
* import com.pulumi.gcp.binaryauthorization.Policy;
* import com.pulumi.gcp.binaryauthorization.PolicyArgs;
* import com.pulumi.gcp.binaryauthorization.inputs.PolicyDefaultAdmissionRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var note = new Note("note", NoteArgs.builder()
* .name("test-attestor-note")
* .attestationAuthority(NoteAttestationAuthorityArgs.builder()
* .hint(NoteAttestationAuthorityHintArgs.builder()
* .humanReadableName("My attestor")
* .build())
* .build())
* .build());
* var attestor = new Attestor("attestor", AttestorArgs.builder()
* .name("test-attestor")
* .attestationAuthorityNote(AttestorAttestationAuthorityNoteArgs.builder()
* .noteReference(note.name())
* .build())
* .build());
* var policy = new Policy("policy", PolicyArgs.builder()
* .defaultAdmissionRule(PolicyDefaultAdmissionRuleArgs.builder()
* .evaluationMode("REQUIRE_ATTESTATION")
* .enforcementMode("ENFORCED_BLOCK_AND_AUDIT_LOG")
* .requireAttestationsBies(attestor.name())
* .build())
* .globalPolicyEvaluationMode("ENABLE")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* policy:
* type: gcp:binaryauthorization:Policy
* properties:
* defaultAdmissionRule:
* evaluationMode: REQUIRE_ATTESTATION
* enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG
* requireAttestationsBies:
* - ${attestor.name}
* globalPolicyEvaluationMode: ENABLE
* note:
* type: gcp:containeranalysis:Note
* properties:
* name: test-attestor-note
* attestationAuthority:
* hint:
* humanReadableName: My attestor
* attestor:
* type: gcp:binaryauthorization:Attestor
* properties:
* name: test-attestor
* attestationAuthorityNote:
* noteReference: ${note.name}
* ```
*
* ## Import
* Policy can be imported using any of these accepted formats:
* * `projects/{{project}}`
* * `{{project}}`
* When using the `pulumi import` command, Policy can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:binaryauthorization/policy:Policy default projects/{{project}}
* ```
* ```sh
* $ pulumi import gcp:binaryauthorization/policy:Policy default {{project}}
* ```
* */*/*/*/*/*/
*/
public class Policy internal constructor(
override val javaResource: com.pulumi.gcp.binaryauthorization.Policy,
) : KotlinCustomResource(javaResource, PolicyMapper) {
/**
* A whitelist of image patterns to exclude from admission rules. If an image's name matches a whitelist pattern, the
* image's admission requests will always be permitted regardless of your admission rules.
*/
public val admissionWhitelistPatterns: Output>?
get() = javaResource.admissionWhitelistPatterns().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
policyAdmissionWhitelistPatternToKotlin(args0)
})
})
}).orElse(null)
})
/**
* Per-cluster admission rules. An admission rule specifies either that all container images used in a pod creation request
* must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be
* denied. There can be at most one admission rule per cluster spec. Identifier format: '{{location}}.{{clusterId}}'. A
* location is either a compute zone (e.g. 'us-central1-a') or a region (e.g. 'us-central1').
*/
public val clusterAdmissionRules: Output>?
get() = javaResource.clusterAdmissionRules().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
policyClusterAdmissionRuleToKotlin(args0)
})
})
}).orElse(null)
})
/**
* Default admission rule for a cluster without a per-cluster admission
* rule.
* Structure is documented below.
*/
public val defaultAdmissionRule: Output
get() = javaResource.defaultAdmissionRule().applyValue({ args0 ->
args0.let({ args0 ->
policyDefaultAdmissionRuleToKotlin(args0)
})
})
/**
* A descriptive comment.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not
* covered by the global policy will be subject to the project admission policy. Possible values: ["ENABLE", "DISABLE"]
*/
public val globalPolicyEvaluationMode: Output
get() = javaResource.globalPolicyEvaluationMode().applyValue({ args0 -> args0 })
public val project: Output
get() = javaResource.project().applyValue({ args0 -> args0 })
}
public object PolicyMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.gcp.binaryauthorization.Policy::class == javaResource::class
override fun map(javaResource: Resource): Policy = Policy(
javaResource as
com.pulumi.gcp.binaryauthorization.Policy,
)
}
/**
* @see [Policy].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [Policy].
*/
public suspend fun policy(name: String, block: suspend PolicyResourceBuilder.() -> Unit): Policy {
val builder = PolicyResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [Policy].
* @param name The _unique_ name of the resulting resource.
*/
public fun policy(name: String): Policy {
val builder = PolicyResourceBuilder()
builder.name(name)
return builder.build()
}
