# Functions

New creates a new Service.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
NewService creates a new Service.
No description provided by the author

# Constants

See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

# Structs

AdmissionRule: An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied.
AdmissionWhitelistPattern: An admission allowlist pattern exempts images from checks by admission rules.
AllowlistResult: Result of evaluating an image name allowlist.
AttestationAuthenticator: An attestation authenticator that will be used to verify attestations.
AttestationOccurrence: Occurrence that represents a single "attestation".
AttestationSource: Specifies the locations for fetching the provenance attestations.
Attestor: An attestor that attests to container image artifacts.
AttestorPublicKey: An attestor public key that will be used to verify attestations signed by this attestor.
Binding: Associates `members`, or principals, with a `role`.
Check: A single check to perform against a Pod.
CheckResult: Result of evaluating one check.
CheckResults: Result of evaluating one or more checks.
CheckSet: A conjunction of policy checks, scoped to a particular namespace or Kubernetes service account.
CheckSetResult: Result of evaluating one check set.
Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs.
EvaluateGkePolicyRequest: Request message for PlatformPolicyEvaluationService.EvaluateGkePolicy.
EvaluateGkePolicyResponse: Response message for PlatformPolicyEvaluationService.EvaluateGkePolicy.
EvaluationResult: Result of evaluating one check.
Expr: Represents a textual expression in the Common Expression Language (CEL) syntax.
GkePolicy: A Binary Authorization policy for a GKE cluster.
IamPolicy: An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
ImageAllowlist: Images that are exempted from normal checks based on name pattern only.
ImageFreshnessCheck: An image freshness check, which rejects images that were uploaded before the set number of days ago to the supported repositories.
ImageResult: Result of evaluating one image.
No description provided by the author
ListAttestorsResponse: Response message for BinauthzManagementServiceV1.ListAttestors.
ListPlatformPoliciesResponse: Response message for PlatformPolicyManagementService.ListPlatformPolicies.
PkixPublicKey: A public key in the PkixPublicKey format (https://tools.ietf.org/html/rfc5280#section-4.1.2.7).
PkixPublicKeySet: A bundle of PKIX public keys, used to authenticate attestation signatures.
PlatformPolicy: A Binary Authorization platform policy for deployments on various platforms.
PodResult: Result of evaluating the whole GKE policy for one Pod.
Policy: A policy for container image binary authorization.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
Scope: A scope specifier for `CheckSet` objects.
No description provided by the author
SetIamPolicyRequest: Request message for `SetIamPolicy` method.
Signature: Verifiers (e.g.
SigstoreAuthority: A Sigstore authority, used to verify signatures that are created by Sigstore.
SigstorePublicKey: A Sigstore public key.
SigstorePublicKeySet: A bundle of Sigstore public keys, used to verify Sigstore signatures.
SigstoreSignatureCheck: A Sigstore signature check, which verifies the Sigstore signature associated with an image.
SimpleSigningAttestationCheck: Require a signed DSSE (https://github.com/secure-systems-lab/dsse) attestation with type SimpleSigning.
SlsaCheck: A SLSA provenance attestation check, which ensures that images are built by a trusted builder using source code from its trusted repositories only.
No description provided by the author
No description provided by the author
TestIamPermissionsRequest: Request message for `TestIamPermissions` method.
TestIamPermissionsResponse: Response message for `TestIamPermissions` method.
TrustedDirectoryCheck: A trusted directory check, which rejects images that do not come from the set of user-configured trusted directories.
UserOwnedGrafeasNote: An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.
ValidateAttestationOccurrenceRequest: Request message for ValidationHelperV1.ValidateAttestationOccurrence.
ValidateAttestationOccurrenceResponse: Response message for ValidationHelperV1.ValidateAttestationOccurrence.
VerificationRule: Specifies verification rules for evaluating the SLSA attestations including: which builders to trust, where to fetch the SLSA attestations generated by those builders, and other builder-specific evaluation rules such as which source repositories are trusted.
VulnerabilityCheck: An image vulnerability check, which rejects images that violate the configured vulnerability rules.