Struct gcp_client::google::cloud::binaryauthorization::v1beta1::AdmissionRule

pub struct AdmissionRule {
    pub evaluation_mode: i32,
    pub require_attestations_by: Vec<String>,
    pub enforcement_mode: i32,
}

An [admission rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] specifies either that all container images used in a pod creation request must be attested to by one or more [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that all pod creations will be allowed, or that all pod creations will be denied.

Images matching an [admission whitelist pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] are exempted from admission rules and will never block a pod creation.

Fields

evaluation_mode: i32

Required. How this admission rule will be evaluated.

require_attestations_by: Vec<String>

Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource.

Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.

enforcement_mode: i32

Required. The action when a pod creation is denied by the admission rule.

Implementations

impl AdmissionRule

pub fn evaluation_mode(&self) -> EvaluationMode

Returns the enum value of evaluation_mode, or the default if the field is set to an invalid enum value.

pub fn set_evaluation_mode(&mut self, value: EvaluationMode)

Sets evaluation_mode to the provided enum value.

pub fn enforcement_mode(&self) -> EnforcementMode

Returns the enum value of enforcement_mode, or the default if the field is set to an invalid enum value.

pub fn set_enforcement_mode(&mut self, value: EnforcementMode)

Sets enforcement_mode to the provided enum value.

Trait Implementations

impl Clone for AdmissionRule

fn clone(&self) -> AdmissionRule

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for AdmissionRule

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.

impl Default for AdmissionRule

fn default() -> AdmissionRule

Returns the "default value" for a type.

impl Message for AdmissionRule

fn encode_raw<B>(&self, buf: &mut B) where
    B: BufMut, 

fn merge_field<B>(
    &mut self,
    tag: u32,
    wire_type: WireType,
    buf: &mut B,
    ctx: DecodeContext
) -> Result<(), DecodeError> where
    B: Buf, 

fn encoded_len(&self) -> usize

Returns the encoded length of the message without a length delimiter.

fn clear(&mut self)

Clears the message, resetting all fields to their default.

fn encode<B>(&self, buf: &mut B) -> Result<(), EncodeError> where
    B: BufMut, 

Encodes the message to a buffer.

fn encode_length_delimited<B>(&self, buf: &mut B) -> Result<(), EncodeError> where
    B: BufMut, 

Encodes the message with a length-delimiter to a buffer.

fn decode<B>(buf: B) -> Result<Self, DecodeError> where
    B: Buf,
    Self: Default, 

Decodes an instance of the message from a buffer.

fn decode_length_delimited<B>(buf: B) -> Result<Self, DecodeError> where
    B: Buf,
    Self: Default, 

Decodes a length-delimited instance of the message from the buffer.

fn merge<B>(&mut self, buf: B) -> Result<(), DecodeError> where
    B: Buf, 

Decodes an instance of the message from a buffer, and merges it into self.

fn merge_length_delimited<B>(&mut self, buf: B) -> Result<(), DecodeError> where
    B: Buf, 

Decodes a length-delimited instance of the message from buffer, and merges it into self.

impl PartialEq<AdmissionRule> for AdmissionRule

fn eq(&self, other: &AdmissionRule) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &AdmissionRule) -> bool

This method tests for !=.

impl StructuralPartialEq for AdmissionRule