File: binaryauthorization_v1.projects.platforms.gke.policies.html

package info (click to toggle)
python-googleapi 2.182.0-1
  • links: PTS
  • area: main
  • in suites: forky, sid
  • size: 533,852 kB
  • sloc: python: 11,076; javascript: 249; sh: 114; makefile: 59
file content (163 lines) | stat: -rw-r--r-- 7,204 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
 
<html><body>
<style>

body, h1, h2, h3, div, span, p, pre, a {
  margin: 0;
  padding: 0;
  border: 0;
  font-weight: inherit;
  font-style: inherit;
  font-size: 100%;
  font-family: inherit;
  vertical-align: baseline;
}

body {
  font-size: 13px;
  padding: 1em;
}

h1 {
  font-size: 26px;
  margin-bottom: 1em;
}

h2 {
  font-size: 24px;
  margin-bottom: 1em;
}

h3 {
  font-size: 20px;
  margin-bottom: 1em;
  margin-top: 1em;
}

pre, code {
  line-height: 1.5;
  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}

pre {
  margin-top: 0.5em;
}

h1, h2, h3, p {
  font-family: Arial, sans serif;
}

h1, h2, h3 {
  border-bottom: solid #CCC 1px;
}

.toc_element {
  margin-top: 0.5em;
}

.firstline {
  margin-left: 2 em;
}

.method  {
  margin-top: 1em;
  border: solid 1px #CCC;
  padding: 1em;
  background: #EEE;
}

.details {
  font-weight: bold;
  font-size: 14px;
}

</style>

<h1><a href="binaryauthorization_v1.html">Binary Authorization API</a> . <a href="binaryauthorization_v1.projects.html">projects</a> . <a href="binaryauthorization_v1.projects.platforms.html">platforms</a> . <a href="binaryauthorization_v1.projects.platforms.gke.html">gke</a> . <a href="binaryauthorization_v1.projects.platforms.gke.policies.html">policies</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
  <code><a href="#close">close()</a></code></p>
<p class="firstline">Close httplib2 connections.</p>
<p class="toc_element">
  <code><a href="#evaluate">evaluate(name, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Evaluates a Kubernetes object versus a GKE platform policy. Returns `NOT_FOUND` if the policy doesn't exist, `INVALID_ARGUMENT` if the policy or request is malformed and `PERMISSION_DENIED` if the client does not have sufficient permissions.</p>
<h3>Method Details</h3>
<div class="method">
    <code class="details" id="close">close()</code>
  <pre>Close httplib2 connections.</pre>
</div>

<div class="method">
    <code class="details" id="evaluate">evaluate(name, body=None, x__xgafv=None)</code>
  <pre>Evaluates a Kubernetes object versus a GKE platform policy. Returns `NOT_FOUND` if the policy doesn&#x27;t exist, `INVALID_ARGUMENT` if the policy or request is malformed and `PERMISSION_DENIED` if the client does not have sufficient permissions.

Args:
  name: string, Required. The name of the platform policy to evaluate in the format `projects/*/platforms/*/policies/*`. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for PlatformPolicyEvaluationService.EvaluateGkePolicy.
  &quot;resource&quot;: { # Required. JSON or YAML blob representing a Kubernetes resource.
    &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
  },
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for PlatformPolicyEvaluationService.EvaluateGkePolicy.
  &quot;results&quot;: [ # Evaluation result for each Pod contained in the request.
    { # Result of evaluating the whole GKE policy for one Pod.
      &quot;imageResults&quot;: [ # Per-image details.
        { # Result of evaluating one image.
          &quot;allowlistResult&quot;: { # Result of evaluating an image name allowlist. # If the image was exempted by a top-level allow_pattern, contains the allowlist pattern that the image name matched.
            &quot;matchedPattern&quot;: &quot;A String&quot;, # The allowlist pattern that the image matched.
          },
          &quot;checkSetResult&quot;: { # Result of evaluating one check set. # If a check set was evaluated, contains the result of the check set. Empty if there were no check sets.
            &quot;allowlistResult&quot;: { # Result of evaluating an image name allowlist. # If the image was exempted by an allow_pattern in the check set, contains the pattern that the image name matched.
              &quot;matchedPattern&quot;: &quot;A String&quot;, # The allowlist pattern that the image matched.
            },
            &quot;checkResults&quot;: { # Result of evaluating one or more checks. # If checks were evaluated, contains the results of evaluating each check.
              &quot;results&quot;: [ # Per-check details.
                { # Result of evaluating one check.
                  &quot;allowlistResult&quot;: { # Result of evaluating an image name allowlist. # If the image was exempted by an allow_pattern in the check, contains the pattern that the image name matched.
                    &quot;matchedPattern&quot;: &quot;A String&quot;, # The allowlist pattern that the image matched.
                  },
                  &quot;displayName&quot;: &quot;A String&quot;, # The name of the check.
                  &quot;evaluationResult&quot;: { # Result of evaluating one check. # If a check was evaluated, contains the result of the check.
                    &quot;verdict&quot;: &quot;A String&quot;, # The result of evaluating this check.
                  },
                  &quot;explanation&quot;: &quot;A String&quot;, # Explanation of this check result.
                  &quot;index&quot;: &quot;A String&quot;, # The index of the check.
                  &quot;type&quot;: &quot;A String&quot;, # The type of the check.
                },
              ],
            },
            &quot;displayName&quot;: &quot;A String&quot;, # The name of the check set.
            &quot;explanation&quot;: &quot;A String&quot;, # Explanation of this check set result. Only populated if no checks were evaluated.
            &quot;index&quot;: &quot;A String&quot;, # The index of the check set.
            &quot;scope&quot;: { # A scope specifier for `CheckSet` objects. # The scope of the check set.
              &quot;kubernetesNamespace&quot;: &quot;A String&quot;, # Optional. Matches all Kubernetes service accounts in the provided namespace, unless a more specific `kubernetes_service_account` scope already matched.
              &quot;kubernetesServiceAccount&quot;: &quot;A String&quot;, # Optional. Matches a single Kubernetes service account, e.g. `my-namespace:my-service-account`. `kubernetes_service_account` scope is always more specific than `kubernetes_namespace` scope for the same namespace.
            },
          },
          &quot;explanation&quot;: &quot;A String&quot;, # Explanation of this image result. Only populated if no check sets were evaluated.
          &quot;imageUri&quot;: &quot;A String&quot;, # Image URI from the request.
          &quot;verdict&quot;: &quot;A String&quot;, # The result of evaluating this image.
        },
      ],
      &quot;kubernetesNamespace&quot;: &quot;A String&quot;, # The Kubernetes namespace of the Pod.
      &quot;kubernetesServiceAccount&quot;: &quot;A String&quot;, # The Kubernetes service account of the Pod.
      &quot;podName&quot;: &quot;A String&quot;, # The name of the Pod.
      &quot;verdict&quot;: &quot;A String&quot;, # The result of evaluating this Pod.
    },
  ],
  &quot;verdict&quot;: &quot;A String&quot;, # The result of evaluating all Pods in the request.
}</pre>
</div>

</body></html>