1label: Config Connector BinaryAuthorizationPolicy
2markdownDescription: Creates yaml for a BinaryAuthorizationPolicy resource
3insertText: |
4 apiVersion: binaryauthorization.cnrm.cloud.google.com/v1beta1
5 kind: BinaryAuthorizationPolicy
6 metadata:
7 name: \${1:binaryauthorizationpolicy-name}
8 spec:
9 projectRef:
10 name: \${2:binauthzpolicy-dep-cluster}
11 admissionWhitelistPatterns:
12 - namePattern: \${3:gcr.io/*}
13 clusterAdmissionRules:
14 us-west1-a.test-cluster:
15 evaluationMode: \${4:REQUIRE_ATTESTATION}
16 requireAttestationsBy:
17 - name: \${5:binaryauthorizationpolicy-dep-cluster}
18 enforcementMode: \${6:ENFORCED_BLOCK_AND_AUDIT_LOG}
19 defaultAdmissionRule:
20 evaluationMode: \${7:REQUIRE_ATTESTATION}
21 requireAttestationsBy:
22 - name: \${8:binaryauthorizationpolicy-dep-cluster}
23 enforcementMode: \${9:ENFORCED_BLOCK_AND_AUDIT_LOG}
24 description: \${10:A sample Binary Authorization policy with a cluster admission
25 rule}
26 globalPolicyEvaluationMode: \${11:DISABLE}
View as plain text