Class Resources.Policy.Builder (1.79.0) 

publicstaticfinalclass Resources.Policy.BuilderextendsGeneratedMessageV3.Builder<Resources.Policy.Builder>implementsResources.PolicyOrBuilder

A policy for container image binary authorization.

Protobuf type google.cloud.binaryauthorization.v1.Policy

Inherited Members

com.google.protobuf.GeneratedMessageV3.Builder.getUnknownFieldSetBuilder()
com.google.protobuf.GeneratedMessageV3.Builder.internalGetMapFieldReflection(int)
com.google.protobuf.GeneratedMessageV3.Builder.internalGetMutableMapFieldReflection(int)
com.google.protobuf.GeneratedMessageV3.Builder.mergeUnknownLengthDelimitedField(int,com.google.protobuf.ByteString)
com.google.protobuf.GeneratedMessageV3.Builder.mergeUnknownVarintField(int,int)
com.google.protobuf.GeneratedMessageV3.Builder.parseUnknownField(com.google.protobuf.CodedInputStream,com.google.protobuf.ExtensionRegistryLite,int)
com.google.protobuf.GeneratedMessageV3.Builder.setUnknownFieldSetBuilder(com.google.protobuf.UnknownFieldSet.Builder)

Static Methods

getDescriptor()

publicstaticfinalDescriptors.DescriptorgetDescriptor()
Returns
Type Description
Descriptor

Methods

addAdmissionWhitelistPatterns(Resources.AdmissionWhitelistPattern value)

publicResources.Policy.BuilderaddAdmissionWhitelistPatterns(Resources.AdmissionWhitelistPatternvalue)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
value Resources.AdmissionWhitelistPattern
Returns
Type Description
Resources.Policy.Builder

addAdmissionWhitelistPatterns(Resources.AdmissionWhitelistPattern.Builder builderForValue)

publicResources.Policy.BuilderaddAdmissionWhitelistPatterns(Resources.AdmissionWhitelistPattern.BuilderbuilderForValue)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
builderForValue Resources.AdmissionWhitelistPattern.Builder
Returns
Type Description
Resources.Policy.Builder

addAdmissionWhitelistPatterns(int index, Resources.AdmissionWhitelistPattern value)

publicResources.Policy.BuilderaddAdmissionWhitelistPatterns(intindex,Resources.AdmissionWhitelistPatternvalue)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
index int
value Resources.AdmissionWhitelistPattern
Returns
Type Description
Resources.Policy.Builder

addAdmissionWhitelistPatterns(int index, Resources.AdmissionWhitelistPattern.Builder builderForValue)

publicResources.Policy.BuilderaddAdmissionWhitelistPatterns(intindex,Resources.AdmissionWhitelistPattern.BuilderbuilderForValue)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
index int
builderForValue Resources.AdmissionWhitelistPattern.Builder
Returns
Type Description
Resources.Policy.Builder

addAdmissionWhitelistPatternsBuilder()

publicResources.AdmissionWhitelistPattern.BuilderaddAdmissionWhitelistPatternsBuilder()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
Resources.AdmissionWhitelistPattern.Builder

addAdmissionWhitelistPatternsBuilder(int index)

publicResources.AdmissionWhitelistPattern.BuilderaddAdmissionWhitelistPatternsBuilder(intindex)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
index int
Returns
Type Description
Resources.AdmissionWhitelistPattern.Builder

addAllAdmissionWhitelistPatterns(Iterable<? extends Resources.AdmissionWhitelistPattern> values)

publicResources.Policy.BuilderaddAllAdmissionWhitelistPatterns(Iterable<?extendsResources.AdmissionWhitelistPattern>values)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
values Iterable<? extends com.google.protos.google.cloud.binaryauthorization.v1.Resources.AdmissionWhitelistPattern>
Returns
Type Description
Resources.Policy.Builder

addRepeatedField(Descriptors.FieldDescriptor field, Object value)

publicResources.Policy.BuilderaddRepeatedField(Descriptors.FieldDescriptorfield,Objectvalue)
Parameters
Name Description
field FieldDescriptor
value Object
Returns
Type Description
Resources.Policy.Builder
Overrides

build()

publicResources.Policybuild()
Returns
Type Description
Resources.Policy

buildPartial()

publicResources.PolicybuildPartial()
Returns
Type Description
Resources.Policy

clear()

publicResources.Policy.Builderclear()
Returns
Type Description
Resources.Policy.Builder
Overrides

clearAdmissionWhitelistPatterns()

publicResources.Policy.BuilderclearAdmissionWhitelistPatterns()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
Resources.Policy.Builder

clearClusterAdmissionRules()

publicResources.Policy.BuilderclearClusterAdmissionRules()
Returns
Type Description
Resources.Policy.Builder

clearDefaultAdmissionRule()

publicResources.Policy.BuilderclearDefaultAdmissionRule()

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Returns
Type Description
Resources.Policy.Builder

clearDescription()

publicResources.Policy.BuilderclearDescription()

Optional. A descriptive comment.

string description = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
Resources.Policy.Builder

This builder for chaining.

clearField(Descriptors.FieldDescriptor field)

publicResources.Policy.BuilderclearField(Descriptors.FieldDescriptorfield)
Parameter
Name Description
field FieldDescriptor
Returns
Type Description
Resources.Policy.Builder
Overrides

clearGlobalPolicyEvaluationMode()

publicResources.Policy.BuilderclearGlobalPolicyEvaluationMode()

Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.

.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
Resources.Policy.Builder

This builder for chaining.

clearIstioServiceIdentityAdmissionRules()

publicResources.Policy.BuilderclearIstioServiceIdentityAdmissionRules()
Returns
Type Description
Resources.Policy.Builder

clearKubernetesNamespaceAdmissionRules()

publicResources.Policy.BuilderclearKubernetesNamespaceAdmissionRules()
Returns
Type Description
Resources.Policy.Builder

clearKubernetesServiceAccountAdmissionRules()

publicResources.Policy.BuilderclearKubernetesServiceAccountAdmissionRules()
Returns
Type Description
Resources.Policy.Builder

clearName()

publicResources.Policy.BuilderclearName()

Output only. The resource name, in the format projects/*/policy. There is at most one policy per project.

string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
Type Description
Resources.Policy.Builder

This builder for chaining.

clearOneof(Descriptors.OneofDescriptor oneof)

publicResources.Policy.BuilderclearOneof(Descriptors.OneofDescriptoroneof)
Parameter
Name Description
oneof OneofDescriptor
Returns
Type Description
Resources.Policy.Builder
Overrides

clearUpdateTime()

publicResources.Policy.BuilderclearUpdateTime()

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
Type Description
Resources.Policy.Builder

clone()

publicResources.Policy.Builderclone()
Returns
Type Description
Resources.Policy.Builder
Overrides

containsClusterAdmissionRules(String key)

publicbooleancontainsClusterAdmissionRules(Stringkey)

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
boolean

containsIstioServiceIdentityAdmissionRules(String key)

publicbooleancontainsIstioServiceIdentityAdmissionRules(Stringkey)

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
boolean

containsKubernetesNamespaceAdmissionRules(String key)

publicbooleancontainsKubernetesNamespaceAdmissionRules(Stringkey)

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
boolean

containsKubernetesServiceAccountAdmissionRules(String key)

publicbooleancontainsKubernetesServiceAccountAdmissionRules(Stringkey)

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
boolean

getAdmissionWhitelistPatterns(int index)

publicResources.AdmissionWhitelistPatterngetAdmissionWhitelistPatterns(intindex)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
index int
Returns
Type Description
Resources.AdmissionWhitelistPattern

getAdmissionWhitelistPatternsBuilder(int index)

publicResources.AdmissionWhitelistPattern.BuildergetAdmissionWhitelistPatternsBuilder(intindex)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
index int
Returns
Type Description
Resources.AdmissionWhitelistPattern.Builder

getAdmissionWhitelistPatternsBuilderList()

publicList<Resources.AdmissionWhitelistPattern.Builder>getAdmissionWhitelistPatternsBuilderList()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
List<Builder>

getAdmissionWhitelistPatternsCount()

publicintgetAdmissionWhitelistPatternsCount()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
int

getAdmissionWhitelistPatternsList()

publicList<Resources.AdmissionWhitelistPattern>getAdmissionWhitelistPatternsList()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
List<AdmissionWhitelistPattern>

getAdmissionWhitelistPatternsOrBuilder(int index)

publicResources.AdmissionWhitelistPatternOrBuildergetAdmissionWhitelistPatternsOrBuilder(intindex)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
index int
Returns
Type Description
Resources.AdmissionWhitelistPatternOrBuilder

getAdmissionWhitelistPatternsOrBuilderList()

publicList<?extendsResources.AdmissionWhitelistPatternOrBuilder>getAdmissionWhitelistPatternsOrBuilderList()

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
List<? extends com.google.protos.google.cloud.binaryauthorization.v1.Resources.AdmissionWhitelistPatternOrBuilder>

getClusterAdmissionRules() (deprecated)

publicMap<String,Resources.AdmissionRule>getClusterAdmissionRules()
Returns
Type Description
Map<String,AdmissionRule>

getClusterAdmissionRulesCount()

publicintgetClusterAdmissionRulesCount()

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
int

getClusterAdmissionRulesMap()

publicMap<String,Resources.AdmissionRule>getClusterAdmissionRulesMap()

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
Map<String,AdmissionRule>

getClusterAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

publicResources.AdmissionRulegetClusterAdmissionRulesOrDefault(Stringkey,Resources.AdmissionRuledefaultValue)

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
key String
defaultValue Resources.AdmissionRule
Returns
Type Description
Resources.AdmissionRule

getClusterAdmissionRulesOrThrow(String key)

publicResources.AdmissionRulegetClusterAdmissionRulesOrThrow(Stringkey)

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.AdmissionRule

getDefaultAdmissionRule()

publicResources.AdmissionRulegetDefaultAdmissionRule()

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Returns
Type Description
Resources.AdmissionRule

The defaultAdmissionRule.

getDefaultAdmissionRuleBuilder()

publicResources.AdmissionRule.BuildergetDefaultAdmissionRuleBuilder()

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Returns
Type Description
Resources.AdmissionRule.Builder

getDefaultAdmissionRuleOrBuilder()

publicResources.AdmissionRuleOrBuildergetDefaultAdmissionRuleOrBuilder()

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Returns
Type Description
Resources.AdmissionRuleOrBuilder

getDefaultInstanceForType()

publicResources.PolicygetDefaultInstanceForType()
Returns
Type Description
Resources.Policy

getDescription()

publicStringgetDescription()

Optional. A descriptive comment.

string description = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
String

The description.

getDescriptionBytes()

publicByteStringgetDescriptionBytes()

Optional. A descriptive comment.

string description = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
ByteString

The bytes for description.

getDescriptorForType()

publicDescriptors.DescriptorgetDescriptorForType()
Returns
Type Description
Descriptor
Overrides

getGlobalPolicyEvaluationMode()

publicResources.Policy.GlobalPolicyEvaluationModegetGlobalPolicyEvaluationMode()

Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.

.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
Resources.Policy.GlobalPolicyEvaluationMode

The globalPolicyEvaluationMode.

getGlobalPolicyEvaluationModeValue()

publicintgetGlobalPolicyEvaluationModeValue()

Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.

.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
int

The enum numeric value on the wire for globalPolicyEvaluationMode.

getIstioServiceIdentityAdmissionRules() (deprecated)

publicMap<String,Resources.AdmissionRule>getIstioServiceIdentityAdmissionRules()
Returns
Type Description
Map<String,AdmissionRule>

getIstioServiceIdentityAdmissionRulesCount()

publicintgetIstioServiceIdentityAdmissionRulesCount()

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
int

getIstioServiceIdentityAdmissionRulesMap()

publicMap<String,Resources.AdmissionRule>getIstioServiceIdentityAdmissionRulesMap()

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
Map<String,AdmissionRule>

getIstioServiceIdentityAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

publicResources.AdmissionRulegetIstioServiceIdentityAdmissionRulesOrDefault(Stringkey,Resources.AdmissionRuledefaultValue)

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
key String
defaultValue Resources.AdmissionRule
Returns
Type Description
Resources.AdmissionRule

getIstioServiceIdentityAdmissionRulesOrThrow(String key)

publicResources.AdmissionRulegetIstioServiceIdentityAdmissionRulesOrThrow(Stringkey)

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.AdmissionRule

getKubernetesNamespaceAdmissionRules() (deprecated)

publicMap<String,Resources.AdmissionRule>getKubernetesNamespaceAdmissionRules()
Returns
Type Description
Map<String,AdmissionRule>

getKubernetesNamespaceAdmissionRulesCount()

publicintgetKubernetesNamespaceAdmissionRulesCount()

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
int

getKubernetesNamespaceAdmissionRulesMap()

publicMap<String,Resources.AdmissionRule>getKubernetesNamespaceAdmissionRulesMap()

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
Map<String,AdmissionRule>

getKubernetesNamespaceAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

publicResources.AdmissionRulegetKubernetesNamespaceAdmissionRulesOrDefault(Stringkey,Resources.AdmissionRuledefaultValue)

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
key String
defaultValue Resources.AdmissionRule
Returns
Type Description
Resources.AdmissionRule

getKubernetesNamespaceAdmissionRulesOrThrow(String key)

publicResources.AdmissionRulegetKubernetesNamespaceAdmissionRulesOrThrow(Stringkey)

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.AdmissionRule

getKubernetesServiceAccountAdmissionRules() (deprecated)

publicMap<String,Resources.AdmissionRule>getKubernetesServiceAccountAdmissionRules()
Returns
Type Description
Map<String,AdmissionRule>

getKubernetesServiceAccountAdmissionRulesCount()

publicintgetKubernetesServiceAccountAdmissionRulesCount()

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
int

getKubernetesServiceAccountAdmissionRulesMap()

publicMap<String,Resources.AdmissionRule>getKubernetesServiceAccountAdmissionRulesMap()

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Returns
Type Description
Map<String,AdmissionRule>

getKubernetesServiceAccountAdmissionRulesOrDefault(String key, Resources.AdmissionRule defaultValue)

publicResources.AdmissionRulegetKubernetesServiceAccountAdmissionRulesOrDefault(Stringkey,Resources.AdmissionRuledefaultValue)

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
key String
defaultValue Resources.AdmissionRule
Returns
Type Description
Resources.AdmissionRule

getKubernetesServiceAccountAdmissionRulesOrThrow(String key)

publicResources.AdmissionRulegetKubernetesServiceAccountAdmissionRulesOrThrow(Stringkey)

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.AdmissionRule

getMutableClusterAdmissionRules() (deprecated)

publicMap<String,Resources.AdmissionRule>getMutableClusterAdmissionRules()

Use alternate mutation accessors instead.

Returns
Type Description
Map<String,AdmissionRule>

getMutableIstioServiceIdentityAdmissionRules() (deprecated)

publicMap<String,Resources.AdmissionRule>getMutableIstioServiceIdentityAdmissionRules()

Use alternate mutation accessors instead.

Returns
Type Description
Map<String,AdmissionRule>

getMutableKubernetesNamespaceAdmissionRules() (deprecated)

publicMap<String,Resources.AdmissionRule>getMutableKubernetesNamespaceAdmissionRules()

Use alternate mutation accessors instead.

Returns
Type Description
Map<String,AdmissionRule>

getMutableKubernetesServiceAccountAdmissionRules() (deprecated)

publicMap<String,Resources.AdmissionRule>getMutableKubernetesServiceAccountAdmissionRules()

Use alternate mutation accessors instead.

Returns
Type Description
Map<String,AdmissionRule>

getName()

publicStringgetName()

Output only. The resource name, in the format projects/*/policy. There is at most one policy per project.

string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
Type Description
String

The name.

getNameBytes()

publicByteStringgetNameBytes()

Output only. The resource name, in the format projects/*/policy. There is at most one policy per project.

string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
Type Description
ByteString

The bytes for name.

getUpdateTime()

publicTimestampgetUpdateTime()

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
Type Description
Timestamp

The updateTime.

getUpdateTimeBuilder()

publicTimestamp.BuildergetUpdateTimeBuilder()

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
Type Description
Builder

getUpdateTimeOrBuilder()

publicTimestampOrBuildergetUpdateTimeOrBuilder()

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
Type Description
TimestampOrBuilder

hasDefaultAdmissionRule()

publicbooleanhasDefaultAdmissionRule()

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Returns
Type Description
boolean

Whether the defaultAdmissionRule field is set.

hasUpdateTime()

publicbooleanhasUpdateTime()

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
Type Description
boolean

Whether the updateTime field is set.

internalGetFieldAccessorTable()

protectedGeneratedMessageV3.FieldAccessorTableinternalGetFieldAccessorTable()
Returns
Type Description
FieldAccessorTable
Overrides

internalGetMapFieldReflection(int number)

protectedMapFieldReflectionAccessorinternalGetMapFieldReflection(intnumber)
Parameter
Name Description
number int
Returns
Type Description
com.google.protobuf.MapFieldReflectionAccessor
Overrides
com.google.protobuf.GeneratedMessageV3.Builder.internalGetMapFieldReflection(int)

internalGetMutableMapFieldReflection(int number)

protectedMapFieldReflectionAccessorinternalGetMutableMapFieldReflection(intnumber)
Parameter
Name Description
number int
Returns
Type Description
com.google.protobuf.MapFieldReflectionAccessor
Overrides
com.google.protobuf.GeneratedMessageV3.Builder.internalGetMutableMapFieldReflection(int)

isInitialized()

publicfinalbooleanisInitialized()
Returns
Type Description
boolean
Overrides

mergeDefaultAdmissionRule(Resources.AdmissionRule value)

publicResources.Policy.BuildermergeDefaultAdmissionRule(Resources.AdmissionRulevalue)

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Parameter
Name Description
value Resources.AdmissionRule
Returns
Type Description
Resources.Policy.Builder

mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

publicResources.Policy.BuildermergeFrom(CodedInputStreaminput,ExtensionRegistryLiteextensionRegistry)
Parameters
Name Description
input CodedInputStream
extensionRegistry ExtensionRegistryLite
Returns
Type Description
Resources.Policy.Builder
Overrides
Exceptions
Type Description
IOException

mergeFrom(Message other)

publicResources.Policy.BuildermergeFrom(Messageother)
Parameter
Name Description
other Message
Returns
Type Description
Resources.Policy.Builder
Overrides

mergeFrom(Resources.Policy other)

publicResources.Policy.BuildermergeFrom(Resources.Policyother)
Parameter
Name Description
other Resources.Policy
Returns
Type Description
Resources.Policy.Builder

mergeUnknownFields(UnknownFieldSet unknownFields)

publicfinalResources.Policy.BuildermergeUnknownFields(UnknownFieldSetunknownFields)
Parameter
Name Description
unknownFields UnknownFieldSet
Returns
Type Description
Resources.Policy.Builder
Overrides

mergeUpdateTime(Timestamp value)

publicResources.Policy.BuildermergeUpdateTime(Timestampvalue)

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameter
Name Description
value Timestamp
Returns
Type Description
Resources.Policy.Builder

putAllClusterAdmissionRules(Map<String,Resources.AdmissionRule> values)

publicResources.Policy.BuilderputAllClusterAdmissionRules(Map<String,Resources.AdmissionRule>values)

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
values Map<String,AdmissionRule>
Returns
Type Description
Resources.Policy.Builder

putAllIstioServiceIdentityAdmissionRules(Map<String,Resources.AdmissionRule> values)

publicResources.Policy.BuilderputAllIstioServiceIdentityAdmissionRules(Map<String,Resources.AdmissionRule>values)

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
values Map<String,AdmissionRule>
Returns
Type Description
Resources.Policy.Builder

putAllKubernetesNamespaceAdmissionRules(Map<String,Resources.AdmissionRule> values)

publicResources.Policy.BuilderputAllKubernetesNamespaceAdmissionRules(Map<String,Resources.AdmissionRule>values)

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
values Map<String,AdmissionRule>
Returns
Type Description
Resources.Policy.Builder

putAllKubernetesServiceAccountAdmissionRules(Map<String,Resources.AdmissionRule> values)

publicResources.Policy.BuilderputAllKubernetesServiceAccountAdmissionRules(Map<String,Resources.AdmissionRule>values)

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
values Map<String,AdmissionRule>
Returns
Type Description
Resources.Policy.Builder

putClusterAdmissionRules(String key, Resources.AdmissionRule value)

publicResources.Policy.BuilderputClusterAdmissionRules(Stringkey,Resources.AdmissionRulevalue)

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
key String
value Resources.AdmissionRule
Returns
Type Description
Resources.Policy.Builder

putClusterAdmissionRulesBuilderIfAbsent(String key)

publicResources.AdmissionRule.BuilderputClusterAdmissionRulesBuilderIfAbsent(Stringkey)

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.AdmissionRule.Builder

putIstioServiceIdentityAdmissionRules(String key, Resources.AdmissionRule value)

publicResources.Policy.BuilderputIstioServiceIdentityAdmissionRules(Stringkey,Resources.AdmissionRulevalue)

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
key String
value Resources.AdmissionRule
Returns
Type Description
Resources.Policy.Builder

putIstioServiceIdentityAdmissionRulesBuilderIfAbsent(String key)

publicResources.AdmissionRule.BuilderputIstioServiceIdentityAdmissionRulesBuilderIfAbsent(Stringkey)

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.AdmissionRule.Builder

putKubernetesNamespaceAdmissionRules(String key, Resources.AdmissionRule value)

publicResources.Policy.BuilderputKubernetesNamespaceAdmissionRules(Stringkey,Resources.AdmissionRulevalue)

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
key String
value Resources.AdmissionRule
Returns
Type Description
Resources.Policy.Builder

putKubernetesNamespaceAdmissionRulesBuilderIfAbsent(String key)

publicResources.AdmissionRule.BuilderputKubernetesNamespaceAdmissionRulesBuilderIfAbsent(Stringkey)

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.AdmissionRule.Builder

putKubernetesServiceAccountAdmissionRules(String key, Resources.AdmissionRule value)

publicResources.Policy.BuilderputKubernetesServiceAccountAdmissionRules(Stringkey,Resources.AdmissionRulevalue)

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
key String
value Resources.AdmissionRule
Returns
Type Description
Resources.Policy.Builder

putKubernetesServiceAccountAdmissionRulesBuilderIfAbsent(String key)

publicResources.AdmissionRule.BuilderputKubernetesServiceAccountAdmissionRulesBuilderIfAbsent(Stringkey)

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.AdmissionRule.Builder

removeAdmissionWhitelistPatterns(int index)

publicResources.Policy.BuilderremoveAdmissionWhitelistPatterns(intindex)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
index int
Returns
Type Description
Resources.Policy.Builder

removeClusterAdmissionRules(String key)

publicResources.Policy.BuilderremoveClusterAdmissionRules(Stringkey)

Optional. Per-cluster admission rules. Cluster spec format: location.clusterId. There can be at most one admission rule per cluster spec. A location is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For clusterId syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters.

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> cluster_admission_rules = 3 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.Policy.Builder

removeIstioServiceIdentityAdmissionRules(String key)

publicResources.Policy.BuilderremoveIstioServiceIdentityAdmissionRules(Stringkey)

Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe://<domain>/ns/<namespace>/sa/<serviceaccount> or <domain>/ns/<namespace>/sa/<serviceaccount> e.g. spiffe://example.com/ns/test-ns/sa/default

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> istio_service_identity_admission_rules = 9 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.Policy.Builder

removeKubernetesNamespaceAdmissionRules(String key)

publicResources.Policy.BuilderremoveKubernetesNamespaceAdmissionRules(Stringkey)

Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_namespace_admission_rules = 10 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.Policy.Builder

removeKubernetesServiceAccountAdmissionRules(String key)

publicResources.Policy.BuilderremoveKubernetesServiceAccountAdmissionRules(Stringkey)

Optional. Per-kubernetes-service-account admission rules. Service account spec format: namespace:serviceaccount. e.g. 'test-ns:default'

map<string, .google.cloud.binaryauthorization.v1.AdmissionRule> kubernetes_service_account_admission_rules = 8 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
key String
Returns
Type Description
Resources.Policy.Builder

setAdmissionWhitelistPatterns(int index, Resources.AdmissionWhitelistPattern value)

publicResources.Policy.BuildersetAdmissionWhitelistPatterns(intindex,Resources.AdmissionWhitelistPatternvalue)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
index int
value Resources.AdmissionWhitelistPattern
Returns
Type Description
Resources.Policy.Builder

setAdmissionWhitelistPatterns(int index, Resources.AdmissionWhitelistPattern.Builder builderForValue)

publicResources.Policy.BuildersetAdmissionWhitelistPatterns(intindex,Resources.AdmissionWhitelistPattern.BuilderbuilderForValue)

Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies.

repeated .google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern admission_whitelist_patterns = 2 [(.google.api.field_behavior) = OPTIONAL];

Parameters
Name Description
index int
builderForValue Resources.AdmissionWhitelistPattern.Builder
Returns
Type Description
Resources.Policy.Builder

setDefaultAdmissionRule(Resources.AdmissionRule value)

publicResources.Policy.BuildersetDefaultAdmissionRule(Resources.AdmissionRulevalue)

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Parameter
Name Description
value Resources.AdmissionRule
Returns
Type Description
Resources.Policy.Builder

setDefaultAdmissionRule(Resources.AdmissionRule.Builder builderForValue)

publicResources.Policy.BuildersetDefaultAdmissionRule(Resources.AdmissionRule.BuilderbuilderForValue)

Required. Default admission rule for a cluster without a per-cluster, per- kubernetes-service-account, or per-istio-service-identity admission rule.

.google.cloud.binaryauthorization.v1.AdmissionRule default_admission_rule = 4 [(.google.api.field_behavior) = REQUIRED];

Parameter
Name Description
builderForValue Resources.AdmissionRule.Builder
Returns
Type Description
Resources.Policy.Builder

setDescription(String value)

publicResources.Policy.BuildersetDescription(Stringvalue)

Optional. A descriptive comment.

string description = 6 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
value String

The description to set.
Returns
Type Description
Resources.Policy.Builder

This builder for chaining.

setDescriptionBytes(ByteString value)

publicResources.Policy.BuildersetDescriptionBytes(ByteStringvalue)

Optional. A descriptive comment.

string description = 6 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
value ByteString

The bytes for description to set.
Returns
Type Description
Resources.Policy.Builder

This builder for chaining.

setField(Descriptors.FieldDescriptor field, Object value)

publicResources.Policy.BuildersetField(Descriptors.FieldDescriptorfield,Objectvalue)
Parameters
Name Description
field FieldDescriptor
value Object
Returns
Type Description
Resources.Policy.Builder
Overrides

setGlobalPolicyEvaluationMode(Resources.Policy.GlobalPolicyEvaluationMode value)

publicResources.Policy.BuildersetGlobalPolicyEvaluationMode(Resources.Policy.GlobalPolicyEvaluationModevalue)

Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.

.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
value Resources.Policy.GlobalPolicyEvaluationMode

The globalPolicyEvaluationMode to set.
Returns
Type Description
Resources.Policy.Builder

This builder for chaining.

setGlobalPolicyEvaluationModeValue(int value)

publicResources.Policy.BuildersetGlobalPolicyEvaluationModeValue(intvalue)

Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.

.google.cloud.binaryauthorization.v1.Policy.GlobalPolicyEvaluationMode global_policy_evaluation_mode = 7 [(.google.api.field_behavior) = OPTIONAL];

Parameter
Name Description
value int

The enum numeric value on the wire for globalPolicyEvaluationMode to set.
Returns
Type Description
Resources.Policy.Builder

This builder for chaining.

setName(String value)

publicResources.Policy.BuildersetName(Stringvalue)

Output only. The resource name, in the format projects/*/policy. There is at most one policy per project.

string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameter
Name Description
value String

The name to set.
Returns
Type Description
Resources.Policy.Builder

This builder for chaining.

setNameBytes(ByteString value)

publicResources.Policy.BuildersetNameBytes(ByteStringvalue)

Output only. The resource name, in the format projects/*/policy. There is at most one policy per project.

string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameter
Name Description
value ByteString

The bytes for name to set.
Returns
Type Description
Resources.Policy.Builder

This builder for chaining.

setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)

publicResources.Policy.BuildersetRepeatedField(Descriptors.FieldDescriptorfield,intindex,Objectvalue)
Parameters
Name Description
field FieldDescriptor
index int
value Object
Returns
Type Description
Resources.Policy.Builder
Overrides

setUnknownFields(UnknownFieldSet unknownFields)

publicfinalResources.Policy.BuildersetUnknownFields(UnknownFieldSetunknownFields)
Parameter
Name Description
unknownFields UnknownFieldSet
Returns
Type Description
Resources.Policy.Builder
Overrides

setUpdateTime(Timestamp value)

publicResources.Policy.BuildersetUpdateTime(Timestampvalue)

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameter
Name Description
value Timestamp
Returns
Type Description
Resources.Policy.Builder

setUpdateTime(Timestamp.Builder builderForValue)

publicResources.Policy.BuildersetUpdateTime(Timestamp.BuilderbuilderForValue)

Output only. Time when the policy was last updated.

.google.protobuf.Timestamp update_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameter
Name Description
builderForValue Builder
Returns
Type Description
Resources.Policy.Builder

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年11月19日 UTC.