Struct google_binaryauthorization1::api::AdmissionRule
source · [−]pub struct AdmissionRule {
pub enforcement_mode: Option<String>,
pub evaluation_mode: Option<String>,
pub require_attestations_by: Option<Vec<String>>,
}Expand description
An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
This type is not used in any activity, and only used as part of another schema.
Fields
enforcement_mode: Option<String>Required. The action when a pod creation is denied by the admission rule.
evaluation_mode: Option<String>Required. How this admission rule will be evaluated.
require_attestations_by: Option<Vec<String>>Optional. The resource names of the attestors that must attest to a container image, in the format projects/*/attestors/*. Each attestor must exist before a policy can reference it. To add an attestor to a policy the principal issuing the policy change request must be able to read the attestor resource. Note: this field must be non-empty when the evaluation_mode field specifies REQUIRE_ATTESTATION, otherwise it must be empty.
Trait Implementations
sourceimpl Clone for AdmissionRule
impl Clone for AdmissionRule
sourcefn clone(&self) -> AdmissionRule
fn clone(&self) -> AdmissionRule
Returns a copy of the value. Read more
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source. Read more
sourceimpl Debug for AdmissionRule
impl Debug for AdmissionRule
sourceimpl Default for AdmissionRule
impl Default for AdmissionRule
sourcefn default() -> AdmissionRule
fn default() -> AdmissionRule
Returns the “default value” for a type. Read more
sourceimpl<'de> Deserialize<'de> for AdmissionRule
impl<'de> Deserialize<'de> for AdmissionRule
sourcefn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
sourceimpl Serialize for AdmissionRule
impl Serialize for AdmissionRule
impl Part for AdmissionRule
Auto Trait Implementations
impl RefUnwindSafe for AdmissionRule
impl Send for AdmissionRule
impl Sync for AdmissionRule
impl Unpin for AdmissionRule
impl UnwindSafe for AdmissionRule
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
sourceimpl<T> ToOwned for T where
T: Clone,
impl<T> ToOwned for T where
T: Clone,
type Owned = T
type Owned = T
The resulting type after obtaining ownership.
sourcefn clone_into(&self, target: &mut T)
fn clone_into(&self, target: &mut T)
toowned_clone_into)Uses borrowed data to replace owned data, usually by cloning. Read more
sourceimpl<T> WithSubscriber for T
impl<T> WithSubscriber for T
sourcefn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
Attaches the provided Subscriber to this type, returning a
WithDispatch wrapper. Read more
sourcefn with_current_subscriber(self) -> WithDispatch<Self>
fn with_current_subscriber(self) -> WithDispatch<Self>
Attaches the current default Subscriber to this type, returning a
WithDispatch wrapper. Read more