import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * An attestor that attests to container image artifacts. * * To get more information about Attestor, see: * * * [API documentation](https://cloud.google.com/binary-authorization/docs/reference/rest/) * * How-to Guides * * [Official Documentation](https://cloud.google.com/binary-authorization/) * * ## Example Usage * * ### Binary Authorization Attestor Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const note = new gcp.containeranalysis.Note("note", { * name: "test-attestor-note", * attestationAuthority: { * hint: { * humanReadableName: "Attestor Note", * }, * }, * }); * const attestor = new gcp.binaryauthorization.Attestor("attestor", { * name: "test-attestor", * attestationAuthorityNote: { * noteReference: note.name, * publicKeys: [{ * asciiArmoredPgpPublicKey: `mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl * bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0 * oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6 * V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD * Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX * 83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y * IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L * uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6 * 0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC * 51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U * WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h * MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l * +OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1 * qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg * =6Bvm * `, * }], * }, * }); * ``` * ### Binary Authorization Attestor Kms * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const keyring = new gcp.kms.KeyRing("keyring", { * name: "test-attestor-key-ring", * location: "global", * }); * const crypto_key = new gcp.kms.CryptoKey("crypto-key", { * name: "test-attestor-key", * keyRing: keyring.id, * purpose: "ASYMMETRIC_SIGN", * versionTemplate: { * algorithm: "RSA_SIGN_PKCS1_4096_SHA512", * }, * }); * const version = gcp.kms.getKMSCryptoKeyVersionOutput({ * cryptoKey: crypto_key.id, * }); * const note = new gcp.containeranalysis.Note("note", { * name: "test-attestor-note", * attestationAuthority: { * hint: { * humanReadableName: "Attestor Note", * }, * }, * }); * const attestor = new gcp.binaryauthorization.Attestor("attestor", { * name: "test-attestor", * attestationAuthorityNote: { * noteReference: note.name, * publicKeys: [{ * id: version.apply(version => version.id), * pkixPublicKey: { * publicKeyPem: version.apply(version => version.publicKeys?.[0]?.pem), * signatureAlgorithm: version.apply(version => version.publicKeys?.[0]?.algorithm), * }, * }], * }, * }); * ``` * * ## Import * * Attestor can be imported using any of these accepted formats: * * * `projects/{{project}}/attestors/{{name}}` * * `{{project}}/{{name}}` * * `{{name}}` * * When using the `pulumi import` command, Attestor can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:binaryauthorization/attestor:Attestor default projects/{{project}}/attestors/{{name}} * $ pulumi import gcp:binaryauthorization/attestor:Attestor default {{project}}/{{name}} * $ pulumi import gcp:binaryauthorization/attestor:Attestor default {{name}} * ``` */ export declare class Attestor extends pulumi.CustomResource { /** * Get an existing Attestor resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: AttestorState, opts?: pulumi.CustomResourceOptions): Attestor; /** * Returns true if the given object is an instance of Attestor. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Attestor; /** * A Container Analysis ATTESTATION_AUTHORITY Note, created by the user. * Structure is documented below. */ readonly attestationAuthorityNote: pulumi.Output; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ readonly deletionPolicy: pulumi.Output; /** * A descriptive comment. This field may be updated. The field may be * displayed in chooser dialogs. */ readonly description: pulumi.Output; /** * The resource name. */ readonly name: pulumi.Output; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ readonly project: pulumi.Output; /** * Create a Attestor resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: AttestorArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Attestor resources. */ export interface AttestorState { /** * A Container Analysis ATTESTATION_AUTHORITY Note, created by the user. * Structure is documented below. */ attestationAuthorityNote?: pulumi.Input; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input; /** * A descriptive comment. This field may be updated. The field may be * displayed in chooser dialogs. */ description?: pulumi.Input; /** * The resource name. */ name?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; } /** * The set of arguments for constructing a Attestor resource. */ export interface AttestorArgs { /** * A Container Analysis ATTESTATION_AUTHORITY Note, created by the user. * Structure is documented below. */ attestationAuthorityNote: pulumi.Input; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input; /** * A descriptive comment. This field may be updated. The field may be * displayed in chooser dialogs. */ description?: pulumi.Input; /** * The resource name. */ name?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; } //# sourceMappingURL=attestor.d.ts.map