import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * An occurrence is an instance of a Note, or type of analysis that * can be done for a resource. * * To get more information about Occurrence, see: * * * [API documentation](https://cloud.google.com/container-analysis/api/reference/rest/) * * How-to Guides * * [Official Documentation](https://cloud.google.com/container-analysis/) * * ## Example Usage * * ### Container Analysis Occurrence Kms * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * import * as std from "@pulumi/std"; * * const note = new gcp.containeranalysis.Note("note", { * name: "attestation-note", * attestationAuthority: { * hint: { * humanReadableName: "Attestor Note", * }, * }, * }); * const keyring = gcp.kms.getKMSKeyRing({ * name: "my-key-ring", * location: "global", * }); * const crypto_key = keyring.then(keyring => gcp.kms.getKMSCryptoKey({ * name: "my-key", * keyRing: keyring.id, * })); * const version = crypto_key.then(crypto_key => gcp.kms.getKMSCryptoKeyVersion({ * cryptoKey: crypto_key.id, * })); * const attestor = new gcp.binaryauthorization.Attestor("attestor", { * name: "attestor", * attestationAuthorityNote: { * noteReference: note.name, * publicKeys: [{ * id: version.then(version => version.id), * pkixPublicKey: { * publicKeyPem: version.then(version => version.publicKeys?.[0]?.pem), * signatureAlgorithm: version.then(version => version.publicKeys?.[0]?.algorithm), * }, * }], * }, * }); * const occurrence = new gcp.containeranalysis.Occurence("occurrence", { * resourceUri: "gcr.io/my-project/my-image", * noteName: note.id, * attestation: { * serializedPayload: std.filebase64({ * input: "path/to/my/payload.json", * }).then(invoke => invoke.result), * signatures: [{ * publicKeyId: version.then(version => version.id), * serializedPayload: std.filebase64({ * input: "path/to/my/payload.json.sig", * }).then(invoke => invoke.result), * }], * }, * }); * ``` * * ## Import * * Occurrence can be imported using any of these accepted formats: * * * `projects/{{project}}/occurrences/{{name}}` * * `{{project}}/{{name}}` * * `{{name}}` * * When using the `pulumi import` command, Occurrence can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:containeranalysis/occurence:Occurence default projects/{{project}}/occurrences/{{name}} * $ pulumi import gcp:containeranalysis/occurence:Occurence default {{project}}/{{name}} * $ pulumi import gcp:containeranalysis/occurence:Occurence default {{name}} * ``` */ export declare class Occurence extends pulumi.CustomResource { /** * Get an existing Occurence resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: OccurenceState, opts?: pulumi.CustomResourceOptions): Occurence; /** * Returns true if the given object is an instance of Occurence. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Occurence; /** * Occurrence that represents a single "attestation". The authenticity * of an attestation can be verified using the attached signature. * If the verifier trusts the public key of the signer, then verifying * the signature is sufficient to establish trust. In this circumstance, * the authority to which this attestation is attached is primarily * useful for lookup (how to find this attestation if you already * know the authority and artifact to be verified) and intent (for * which authority this attestation was intended to sign. * Structure is documented below. */ readonly attestation: pulumi.Output; /** * The time when the repository was created. */ readonly createTime: pulumi.Output; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ readonly deletionPolicy: pulumi.Output; /** * The note kind which explicitly denotes which of the occurrence * details are specified. This field can be used as a filter in list * requests. */ readonly kind: pulumi.Output; /** * The name of the occurrence. */ readonly name: pulumi.Output; /** * The analysis note associated with this occurrence, in the form of * projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a * filter in list requests. */ readonly noteName: pulumi.Output; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ readonly project: pulumi.Output; /** * A description of actions that can be taken to remedy the note. */ readonly remediation: pulumi.Output; /** * Required. Immutable. A URI that represents the resource for which * the occurrence applies. For example, * https://gcr.io/project/image@sha256:123abc for a Docker image. */ readonly resourceUri: pulumi.Output; /** * The time when the repository was last updated. */ readonly updateTime: pulumi.Output; /** * Create a Occurence resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: OccurenceArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Occurence resources. */ export interface OccurenceState { /** * Occurrence that represents a single "attestation". The authenticity * of an attestation can be verified using the attached signature. * If the verifier trusts the public key of the signer, then verifying * the signature is sufficient to establish trust. In this circumstance, * the authority to which this attestation is attached is primarily * useful for lookup (how to find this attestation if you already * know the authority and artifact to be verified) and intent (for * which authority this attestation was intended to sign. * Structure is documented below. */ attestation?: pulumi.Input; /** * The time when the repository was created. */ createTime?: pulumi.Input; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input; /** * The note kind which explicitly denotes which of the occurrence * details are specified. This field can be used as a filter in list * requests. */ kind?: pulumi.Input; /** * The name of the occurrence. */ name?: pulumi.Input; /** * The analysis note associated with this occurrence, in the form of * projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a * filter in list requests. */ noteName?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * A description of actions that can be taken to remedy the note. */ remediation?: pulumi.Input; /** * Required. Immutable. A URI that represents the resource for which * the occurrence applies. For example, * https://gcr.io/project/image@sha256:123abc for a Docker image. */ resourceUri?: pulumi.Input; /** * The time when the repository was last updated. */ updateTime?: pulumi.Input; } /** * The set of arguments for constructing a Occurence resource. */ export interface OccurenceArgs { /** * Occurrence that represents a single "attestation". The authenticity * of an attestation can be verified using the attached signature. * If the verifier trusts the public key of the signer, then verifying * the signature is sufficient to establish trust. In this circumstance, * the authority to which this attestation is attached is primarily * useful for lookup (how to find this attestation if you already * know the authority and artifact to be verified) and intent (for * which authority this attestation was intended to sign. * Structure is documented below. */ attestation: pulumi.Input; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input; /** * The analysis note associated with this occurrence, in the form of * projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a * filter in list requests. */ noteName: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * A description of actions that can be taken to remedy the note. */ remediation?: pulumi.Input; /** * Required. Immutable. A URI that represents the resource for which * the occurrence applies. For example, * https://gcr.io/project/image@sha256:123abc for a Docker image. */ resourceUri: pulumi.Input; } //# sourceMappingURL=occurence.d.ts.map