gcp.containeranalysis.Occurence
Explore with Pulumi AI
An occurrence is an instance of a Note, or type of analysis that can be done for a resource.
To get more information about Occurrence, see:
- API documentation
- How-to Guides
Example Usage
Container Analysis Occurrence Kms
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.containeranalysis.Note;
import com.pulumi.gcp.containeranalysis.NoteArgs;
import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityArgs;
import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityHintArgs;
import com.pulumi.gcp.kms.KmsFunctions;
import com.pulumi.gcp.kms.inputs.GetKMSKeyRingArgs;
import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyArgs;
import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyVersionArgs;
import com.pulumi.gcp.binaryauthorization.Attestor;
import com.pulumi.gcp.binaryauthorization.AttestorArgs;
import com.pulumi.gcp.binaryauthorization.inputs.AttestorAttestationAuthorityNoteArgs;
import com.pulumi.gcp.containeranalysis.Occurence;
import com.pulumi.gcp.containeranalysis.OccurenceArgs;
import com.pulumi.gcp.containeranalysis.inputs.OccurenceAttestationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var note = new Note("note", NoteArgs.builder()
.name("attestation-note")
.attestationAuthority(NoteAttestationAuthorityArgs.builder()
.hint(NoteAttestationAuthorityHintArgs.builder()
.humanReadableName("Attestor Note")
.build())
.build())
.build());
final var keyring = KmsFunctions.getKMSKeyRing(GetKMSKeyRingArgs.builder()
.name("my-key-ring")
.location("global")
.build());
final var crypto-key = KmsFunctions.getKMSCryptoKey(GetKMSCryptoKeyArgs.builder()
.name("my-key")
.keyRing(keyring.applyValue(getKMSKeyRingResult -> getKMSKeyRingResult.id()))
.build());
final var version = KmsFunctions.getKMSCryptoKeyVersion(GetKMSCryptoKeyVersionArgs.builder()
.cryptoKey(crypto_key.id())
.build());
var attestor = new Attestor("attestor", AttestorArgs.builder()
.name("attestor")
.attestationAuthorityNote(AttestorAttestationAuthorityNoteArgs.builder()
.noteReference(note.name())
.publicKeys(AttestorAttestationAuthorityNotePublicKeyArgs.builder()
.id(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.id()))
.pkixPublicKey(AttestorAttestationAuthorityNotePublicKeyPkixPublicKeyArgs.builder()
.publicKeyPem(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.publicKeys()[0].pem()))
.signatureAlgorithm(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.publicKeys()[0].algorithm()))
.build())
.build())
.build())
.build());
var occurrence = new Occurence("occurrence", OccurenceArgs.builder()
.resourceUri("gcr.io/my-project/my-image")
.noteName(note.id())
.attestation(OccurenceAttestationArgs.builder()
.serializedPayload(StdFunctions.filebase64(Filebase64Args.builder()
.input("path/to/my/payload.json")
.build()).result())
.signatures(OccurenceAttestationSignatureArgs.builder()
.publicKeyId(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.id()))
.serializedPayload(StdFunctions.filebase64(Filebase64Args.builder()
.input("path/to/my/payload.json.sig")
.build()).result())
.build())
.build())
.build());
}
}
resources:
attestor:
type: gcp:binaryauthorization:Attestor
properties:
name: attestor
attestationAuthorityNote:
noteReference: ${note.name}
publicKeys:
- id: ${version.id}
pkixPublicKey:
publicKeyPem: ${version.publicKeys[0].pem}
signatureAlgorithm: ${version.publicKeys[0].algorithm}
note:
type: gcp:containeranalysis:Note
properties:
name: attestation-note
attestationAuthority:
hint:
humanReadableName: Attestor Note
occurrence:
type: gcp:containeranalysis:Occurence
properties:
resourceUri: gcr.io/my-project/my-image
noteName: ${note.id}
attestation:
serializedPayload:
fn::invoke:
Function: std:filebase64
Arguments:
input: path/to/my/payload.json
Return: result
signatures:
- publicKeyId: ${version.id}
serializedPayload:
fn::invoke:
Function: std:filebase64
Arguments:
input: path/to/my/payload.json.sig
Return: result
variables:
keyring:
fn::invoke:
Function: gcp:kms:getKMSKeyRing
Arguments:
name: my-key-ring
location: global
crypto-key:
fn::invoke:
Function: gcp:kms:getKMSCryptoKey
Arguments:
name: my-key
keyRing: ${keyring.id}
version:
fn::invoke:
Function: gcp:kms:getKMSCryptoKeyVersion
Arguments:
cryptoKey: ${["crypto-key"].id}
Create Occurence Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Occurence(name: string, args: OccurenceArgs, opts?: CustomResourceOptions);
@overload
def Occurence(resource_name: str,
args: OccurenceArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Occurence(resource_name: str,
opts: Optional[ResourceOptions] = None,
attestation: Optional[OccurenceAttestationArgs] = None,
note_name: Optional[str] = None,
resource_uri: Optional[str] = None,
project: Optional[str] = None,
remediation: Optional[str] = None)
func NewOccurence(ctx *Context, name string, args OccurenceArgs, opts ...ResourceOption) (*Occurence, error)
public Occurence(string name, OccurenceArgs args, CustomResourceOptions? opts = null)
public Occurence(String name, OccurenceArgs args)
public Occurence(String name, OccurenceArgs args, CustomResourceOptions options)
type: gcp:containeranalysis:Occurence
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args OccurenceArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OccurenceArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OccurenceArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OccurenceArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OccurenceArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var occurenceResource = new Gcp.ContainerAnalysis.Occurence("occurenceResource", new()
{
Attestation = new Gcp.ContainerAnalysis.Inputs.OccurenceAttestationArgs
{
SerializedPayload = "string",
Signatures = new[]
{
new Gcp.ContainerAnalysis.Inputs.OccurenceAttestationSignatureArgs
{
PublicKeyId = "string",
Signature = "string",
},
},
},
NoteName = "string",
ResourceUri = "string",
Project = "string",
Remediation = "string",
});
example, err := containeranalysis.NewOccurence(ctx, "occurenceResource", &containeranalysis.OccurenceArgs{
Attestation: &containeranalysis.OccurenceAttestationArgs{
SerializedPayload: pulumi.String("string"),
Signatures: containeranalysis.OccurenceAttestationSignatureArray{
&containeranalysis.OccurenceAttestationSignatureArgs{
PublicKeyId: pulumi.String("string"),
Signature: pulumi.String("string"),
},
},
},
NoteName: pulumi.String("string"),
ResourceUri: pulumi.String("string"),
Project: pulumi.String("string"),
Remediation: pulumi.String("string"),
})
var occurenceResource = new Occurence("occurenceResource", OccurenceArgs.builder()
.attestation(OccurenceAttestationArgs.builder()
.serializedPayload("string")
.signatures(OccurenceAttestationSignatureArgs.builder()
.publicKeyId("string")
.signature("string")
.build())
.build())
.noteName("string")
.resourceUri("string")
.project("string")
.remediation("string")
.build());
occurence_resource = gcp.containeranalysis.Occurence("occurenceResource",
attestation={
"serialized_payload": "string",
"signatures": [{
"public_key_id": "string",
"signature": "string",
}],
},
note_name="string",
resource_uri="string",
project="string",
remediation="string")
const occurenceResource = new gcp.containeranalysis.Occurence("occurenceResource", {
attestation: {
serializedPayload: "string",
signatures: [{
publicKeyId: "string",
signature: "string",
}],
},
noteName: "string",
resourceUri: "string",
project: "string",
remediation: "string",
});
type: gcp:containeranalysis:Occurence
properties:
attestation:
serializedPayload: string
signatures:
- publicKeyId: string
signature: string
noteName: string
project: string
remediation: string
resourceUri: string
Occurence Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Occurence resource accepts the following input properties:
- Attestation
Occurence
Attestation - Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- Note
Name string - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- Resource
Uri string - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- Project string
- Remediation string
- A description of actions that can be taken to remedy the note.
- Attestation
Occurence
Attestation Args - Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- Note
Name string - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- Resource
Uri string - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- Project string
- Remediation string
- A description of actions that can be taken to remedy the note.
- attestation
Occurence
Attestation - Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- note
Name String - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- resource
Uri String - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- project String
- remediation String
- A description of actions that can be taken to remedy the note.
- attestation
Occurence
Attestation - Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- note
Name string - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- resource
Uri string - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- project string
- remediation string
- A description of actions that can be taken to remedy the note.
- attestation
Occurence
Attestation Args - Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- note_
name str - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- resource_
uri str - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- project str
- remediation str
- A description of actions that can be taken to remedy the note.
- attestation Property Map
- Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- note
Name String - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- resource
Uri String - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- project String
- remediation String
- A description of actions that can be taken to remedy the note.
Outputs
All input properties are implicitly available as output properties. Additionally, the Occurence resource produces the following output properties:
- Create
Time string - The time when the repository was created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kind string
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- Name string
- The name of the occurrence.
- Update
Time string - The time when the repository was last updated.
- Create
Time string - The time when the repository was created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kind string
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- Name string
- The name of the occurrence.
- Update
Time string - The time when the repository was last updated.
- create
Time String - The time when the repository was created.
- id String
- The provider-assigned unique ID for this managed resource.
- kind String
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name String
- The name of the occurrence.
- update
Time String - The time when the repository was last updated.
- create
Time string - The time when the repository was created.
- id string
- The provider-assigned unique ID for this managed resource.
- kind string
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name string
- The name of the occurrence.
- update
Time string - The time when the repository was last updated.
- create_
time str - The time when the repository was created.
- id str
- The provider-assigned unique ID for this managed resource.
- kind str
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name str
- The name of the occurrence.
- update_
time str - The time when the repository was last updated.
- create
Time String - The time when the repository was created.
- id String
- The provider-assigned unique ID for this managed resource.
- kind String
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name String
- The name of the occurrence.
- update
Time String - The time when the repository was last updated.
Look up Existing Occurence Resource
Get an existing Occurence resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: OccurenceState, opts?: CustomResourceOptions): Occurence
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
attestation: Optional[OccurenceAttestationArgs] = None,
create_time: Optional[str] = None,
kind: Optional[str] = None,
name: Optional[str] = None,
note_name: Optional[str] = None,
project: Optional[str] = None,
remediation: Optional[str] = None,
resource_uri: Optional[str] = None,
update_time: Optional[str] = None) -> Occurence
func GetOccurence(ctx *Context, name string, id IDInput, state *OccurenceState, opts ...ResourceOption) (*Occurence, error)
public static Occurence Get(string name, Input<string> id, OccurenceState? state, CustomResourceOptions? opts = null)
public static Occurence get(String name, Output<String> id, OccurenceState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Attestation
Occurence
Attestation - Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- Create
Time string - The time when the repository was created.
- Kind string
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- Name string
- The name of the occurrence.
- Note
Name string - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- Project string
- Remediation string
- A description of actions that can be taken to remedy the note.
- Resource
Uri string - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- Update
Time string - The time when the repository was last updated.
- Attestation
Occurence
Attestation Args - Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- Create
Time string - The time when the repository was created.
- Kind string
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- Name string
- The name of the occurrence.
- Note
Name string - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- Project string
- Remediation string
- A description of actions that can be taken to remedy the note.
- Resource
Uri string - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- Update
Time string - The time when the repository was last updated.
- attestation
Occurence
Attestation - Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- create
Time String - The time when the repository was created.
- kind String
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name String
- The name of the occurrence.
- note
Name String - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- project String
- remediation String
- A description of actions that can be taken to remedy the note.
- resource
Uri String - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- update
Time String - The time when the repository was last updated.
- attestation
Occurence
Attestation - Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- create
Time string - The time when the repository was created.
- kind string
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name string
- The name of the occurrence.
- note
Name string - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- project string
- remediation string
- A description of actions that can be taken to remedy the note.
- resource
Uri string - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- update
Time string - The time when the repository was last updated.
- attestation
Occurence
Attestation Args - Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- create_
time str - The time when the repository was created.
- kind str
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name str
- The name of the occurrence.
- note_
name str - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- project str
- remediation str
- A description of actions that can be taken to remedy the note.
- resource_
uri str - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- update_
time str - The time when the repository was last updated.
- attestation Property Map
- Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
- create
Time String - The time when the repository was created.
- kind String
- The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
- name String
- The name of the occurrence.
- note
Name String - The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
- project String
- remediation String
- A description of actions that can be taken to remedy the note.
- resource
Uri String - Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
- update
Time String - The time when the repository was last updated.
Supporting Types
OccurenceAttestation, OccurenceAttestationArgs
- Serialized
Payload string - The serialized payload that is verified by one or more signatures. A base64-encoded string.
- Signatures
List<Occurence
Attestation Signature> - One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.
- Serialized
Payload string - The serialized payload that is verified by one or more signatures. A base64-encoded string.
- Signatures
[]Occurence
Attestation Signature - One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.
- serialized
Payload String - The serialized payload that is verified by one or more signatures. A base64-encoded string.
- signatures
List<Occurence
Attestation Signature> - One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.
- serialized
Payload string - The serialized payload that is verified by one or more signatures. A base64-encoded string.
- signatures
Occurence
Attestation Signature[] - One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.
- serialized_
payload str - The serialized payload that is verified by one or more signatures. A base64-encoded string.
- signatures
Sequence[Occurence
Attestation Signature] - One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.
- serialized
Payload String - The serialized payload that is verified by one or more signatures. A base64-encoded string.
- signatures List<Property Map>
- One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.
OccurenceAttestationSignature, OccurenceAttestationSignatureArgs
- Public
Key stringId - The identifier for the public key that verifies this
signature. MUST be an RFC3986 conformant
URI. * When possible, the key id should be an
immutable reference, such as a cryptographic digest.
Examples of valid values:
- OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
- RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- Signature string
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- Public
Key stringId - The identifier for the public key that verifies this
signature. MUST be an RFC3986 conformant
URI. * When possible, the key id should be an
immutable reference, such as a cryptographic digest.
Examples of valid values:
- OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
- RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- Signature string
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public
Key StringId - The identifier for the public key that verifies this
signature. MUST be an RFC3986 conformant
URI. * When possible, the key id should be an
immutable reference, such as a cryptographic digest.
Examples of valid values:
- OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
- RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- signature String
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public
Key stringId - The identifier for the public key that verifies this
signature. MUST be an RFC3986 conformant
URI. * When possible, the key id should be an
immutable reference, such as a cryptographic digest.
Examples of valid values:
- OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
- RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- signature string
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public_
key_ strid - The identifier for the public key that verifies this
signature. MUST be an RFC3986 conformant
URI. * When possible, the key id should be an
immutable reference, such as a cryptographic digest.
Examples of valid values:
- OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
- RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- signature str
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
- public
Key StringId - The identifier for the public key that verifies this
signature. MUST be an RFC3986 conformant
URI. * When possible, the key id should be an
immutable reference, such as a cryptographic digest.
Examples of valid values:
- OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
- RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- signature String
- The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.
Import
Occurrence can be imported using any of these accepted formats:
projects/{{project}}/occurrences/{{name}}
{{project}}/{{name}}
{{name}}
When using the pulumi import
command, Occurrence can be imported using one of the formats above. For example:
$ pulumi import gcp:containeranalysis/occurence:Occurence default projects/{{project}}/occurrences/{{name}}
$ pulumi import gcp:containeranalysis/occurence:Occurence default {{project}}/{{name}}
$ pulumi import gcp:containeranalysis/occurence:Occurence default {{name}}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
google-beta
Terraform Provider.