public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-07-03 08:42:39 +00:00
Code Issues Projects Releases Wiki Activity

Remove bad docs (#2371)

Browse Source 
<!-- This change is generated by MagicModules. -->
/cc @rileykarson
This commit is contained in:
The Magician 2018-10-30 16:01:30 -07:00 committed by Nathan McKinley
parent 672ae729fa
commit 0a58f45f7e
3 changed files with 0 additions and 442 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

161
website/docs/r/binaryauthorization_attestor.html.markdown
View File

@ -1,161 +0,0 @@
---
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in
# .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
layout: "google"
page_title: "Google: google_binary_authorization_attestor"
sidebar_current: "docs-google-binary-authorization-attestor"
description: |-
An attestor that attests to container image artifacts.
---
# google\_binary\_authorization\_attestor
An attestor that attests to container image artifacts.
~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider.
See [Provider Versions](https://terraform.io/docs/providers/google/provider_versions.html) for more details on beta resources.
To get more information about Attestor, see:
* [API documentation](https://cloud.google.com/binary-authorization/docs/reference/rest/)
* How-to Guides
* [Official Documentation](https://cloud.google.com/binary-authorization/)
## Example Usage
```hcl
resource "google_binary_authorization_attestor" "attestor" {
name = "test-attestor"
attestation_authority_note {
note_reference = "${google_container_analysis_note.note.name}"
public_keys {
ascii_armored_pgp_public_key = <<EOF
mQENBFtP0doBCADF+joTiXWKVuP8kJt3fgpBSjT9h8ezMfKA4aXZctYLx5wslWQl
bB7Iu2ezkECNzoEeU7WxUe8a61pMCh9cisS9H5mB2K2uM4Jnf8tgFeXn3akJDVo0
oR1IC+Dp9mXbRSK3MAvKkOwWlG99sx3uEdvmeBRHBOO+grchLx24EThXFOyP9Fk6
V39j6xMjw4aggLD15B4V0v9JqBDdJiIYFzszZDL6pJwZrzcP0z8JO4rTZd+f64bD
Mpj52j/pQfA8lZHOaAgb1OrthLdMrBAjoDjArV4Ek7vSbrcgYWcI6BhsQrFoxKdX
83TZKai55ZCfCLIskwUIzA1NLVwyzCS+fSN/ABEBAAG0KCJUZXN0IEF0dGVzdG9y
IiA8ZGFuYWhvZmZtYW5AZ29vZ2xlLmNvbT6JAU4EEwEIADgWIQRfWkqHt6hpTA1L
uY060eeM4dc66AUCW0/R2gIbLwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRA6
0eeM4dc66HdpCAC4ot3b0OyxPb0Ip+WT2U0PbpTBPJklesuwpIrM4Lh0N+1nVRLC
51WSmVbM8BiAFhLbN9LpdHhds1kUrHF7+wWAjdR8sqAj9otc6HGRM/3qfa2qgh+U
WTEk/3us/rYSi7T7TkMuutRMIa1IkR13uKiW56csEMnbOQpn9rDqwIr5R8nlZP5h
MAU9vdm1DIv567meMqTaVZgR3w7bck2P49AO8lO5ERFpVkErtu/98y+rUy9d789l
+OPuS1NGnxI1YKsNaWJF4uJVuvQuZ1twrhCbGNtVorO2U12+cEq+YtUxj7kmdOC1
qoIRW6y0+UlAc+MbqfL0ziHDOAmcqz1GnROg
=6Bvm
EOF
}
}
}
resource "google_container_analysis_note" "note" {
name = "test-attestor-note"
attestation_authority {
hint {
human_readable_name = "Attestor Note"
}
}
}
```
## Argument Reference
The following arguments are supported:
* `name` -
(Required)
The resource name.
* `attestation_authority_note` -
(Required)
A Container Analysis ATTESTATION_AUTHORITY Note, created by the user. Structure is documented below.
The `attestation_authority_note` block supports:
* `note_reference` -
(Required)
The resource name of a ATTESTATION_AUTHORITY Note, created by the
user. If the Note is in a different project from the Attestor, it
should be specified in the format `projects/*/notes/*` (or the legacy
`providers/*/notes/*`). This field may not be updated.
An attestation by this attestor is stored as a Container Analysis
ATTESTATION_AUTHORITY Occurrence that names a container image
and that links to this Note.
* `public_keys` -
(Optional)
Public keys that verify attestations signed by this attestor. This
field may be updated.
If this field is non-empty, one of the specified public keys must
verify that an attestation was signed by this attestor for the
image specified in the admission request.
If this field is empty, this attestor always returns that no valid
attestations exist. Structure is documented below.
* `delegation_service_account_email` -
This field will contain the service account email address that
this Attestor will use as the principal when querying Container
Analysis. Attestor administrators must grant this service account
the IAM role needed to read attestations from the noteReference in
Container Analysis (containeranalysis.notes.occurrences.viewer).
This email address is fixed for the lifetime of the Attestor, but
callers should not make any other assumptions about the service
account email; future versions may use an email based on a
different naming pattern.
The `public_keys` block supports:
* `comment` -
(Optional)
A descriptive comment. This field may be updated.
* `id` -
This field will be overwritten with key ID information, for
example, an identifier extracted from a PGP public key. This
field may not be updated.
* `ascii_armored_pgp_public_key` -
(Required)
ASCII-armored representation of a PGP public key, as the
entire output by the command
`gpg --export --armor foo@example.com` (either LF or CRLF
line endings).
- - -
* `description` -
(Optional)
A descriptive comment. This field may be updated. The field may be
displayed in chooser dialogs.
* `project` - (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
## Import
Attestor can be imported using any of these accepted formats:
```
$ terraform import google_binary_authorization_attestor.default projects/{{project}}/attestors/{{name}}
$ terraform import google_binary_authorization_attestor.default {{project}}/{{name}}
$ terraform import google_binary_authorization_attestor.default {{name}}
```

174
website/docs/r/binaryauthorization_policy.html.markdown
View File

@ -1,174 +0,0 @@
---
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in
# .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
layout: "google"
page_title: "Google: google_binary_authorization_policy"
sidebar_current: "docs-google-binary-authorization-policy"
description: |-
A policy for container image binary authorization.
---
# google\_binary\_authorization\_policy
A policy for container image binary authorization.
~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider.
See [Provider Versions](https://terraform.io/docs/providers/google/provider_versions.html) for more details on beta resources.
To get more information about Policy, see:
* [API documentation](https://cloud.google.com/binary-authorization/docs/reference/rest/)
* How-to Guides
* [Official Documentation](https://cloud.google.com/binary-authorization/)
## Example Usage
```hcl
resource "google_binary_authorization_policy" "policy" {
admission_whitelist_patterns {
name_pattern= "gcr.io/google_containers/*"
}
default_admission_rule {
evaluation_mode = "ALWAYS_ALLOW"
enforcement_mode = "ENFORCED_BLOCK_AND_AUDIT_LOG"
}
cluster_admission_rules {
cluster = "us-central1-a.prod-cluster"
evaluation_mode = "REQUIRE_ATTESTATION"
enforcement_mode = "ENFORCED_BLOCK_AND_AUDIT_LOG"
require_attestations_by = ["${google_binary_authorization_attestor.attestor.name}"]
}
}
resource "google_container_analysis_note" "note" {
name = "test-attestor-note"
attestation_authority {
hint {
human_readable_name = "My attestor"
}
}
}
resource "google_binary_authorization_attestor" "attestor" {
name = "test-attestor"
attestation_authority_note {
note_reference = "${google_container_analysis_note.note.name}"
}
}
```
## Argument Reference
The following arguments are supported:
* `default_admission_rule` -
(Required)
Default admission rule for a cluster without a per-cluster admission
rule. Structure is documented below.
The `default_admission_rule` block supports:
* `evaluation_mode` -
(Required)
How this admission rule will be evaluated.
* `require_attestations_by` -
(Optional)
The resource names of the attestors that must attest to a
container image. If the attestor is in a different project from the
policy, it should be specified in the format `projects/*/attestors/*`.
Each attestor must exist before a policy can reference it. To add an
attestor to a policy the principal issuing the policy change
request must be able to read the attestor resource.
Note: this field must be non-empty when the evaluation_mode field
specifies REQUIRE_ATTESTATION, otherwise it must be empty.
* `enforcement_mode` -
(Required)
The action when a pod creation is denied by the admission rule.
- - -
* `description` -
(Optional)
A descriptive comment.
* `admission_whitelist_patterns` -
(Optional)
A whitelist of image patterns to exclude from admission rules. If an
image's name matches a whitelist pattern, the image's admission
requests will always be permitted regardless of your admission rules. Structure is documented below.
* `cluster_admission_rules` -
(Optional)
Per-cluster admission rules. An admission rule specifies either that
all container images used in a pod creation request must be attested
to by one or more attestors, that all pod creations will be allowed,
or that all pod creations will be denied. There can be at most one
admission rule per cluster spec.
Identifier format: `{{location}}.{{clusterId}}`.
A location is either a compute zone (e.g. `us-central1-a`) or a region
(e.g. `us-central1`). Structure is documented below.
* `project` - (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
The `admission_whitelist_patterns` block supports:
* `name_pattern` -
(Optional)
An image name pattern to whitelist, in the form
`registry/path/to/image`. This supports a trailing * as a
wildcard, but this is allowed only in text after the registry/
part.
The `cluster_admission_rules` block supports:
* `cluster` - (Required) The identifier for this object. Format specified above.
* `evaluation_mode` -
(Optional)
How this admission rule will be evaluated.
* `require_attestations_by` -
(Optional)
The resource names of the attestors that must attest to a
container image. If the attestor is in a different project from the
policy, it should be specified in the format `projects/*/attestors/*`.
Each attestor must exist before a policy can reference it. To add an
attestor to a policy the principal issuing the policy change
request must be able to read the attestor resource.
Note: this field must be non-empty when the evaluation_mode field
specifies REQUIRE_ATTESTATION, otherwise it must be empty.
* `enforcement_mode` -
(Optional)
The action when a pod creation is denied by the admission rule.
## Import
Policy can be imported using any of these accepted formats:
```
$ terraform import google_binary_authorization_policy.default projects/{{project}}
$ terraform import google_binary_authorization_policy.default {{project}}
```

107
website/docs/r/containeranalysis_note.html.markdown
View File

@ -1,107 +0,0 @@
---
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in
# .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
layout: "google"
page_title: "Google: google_container_analysis_note"
sidebar_current: "docs-google-container-analysis-note"
description: |-
Provides a detailed description of a Note.
---
# google\_container\_analysis\_note
Provides a detailed description of a Note.
~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider.
See [Provider Versions](https://terraform.io/docs/providers/google/provider_versions.html) for more details on beta resources.
To get more information about Note, see:
* [API documentation](https://cloud.google.com/container-analysis/api/reference/rest/)
* How-to Guides
* [Official Documentation](https://cloud.google.com/container-analysis/)
## Example Usage
```hcl
resource "google_container_analysis_note" "note" {
name = "test-attestor-note"
attestation_authority {
hint {
human_readable_name = "Attestor Note"
}
}
}
```
## Argument Reference
The following arguments are supported:
* `name` -
(Required)
The name of the note.
* `attestation_authority` -
(Required)
Note kind that represents a logical attestation "role" or "authority".
For example, an organization might have one AttestationAuthority for
"QA" and one for "build". This Note is intended to act strictly as a
grouping mechanism for the attached Occurrences (Attestations). This
grouping mechanism also provides a security boundary, since IAM ACLs
gate the ability for a principle to attach an Occurrence to a given
Note. It also provides a single point of lookup to find all attached
Attestation Occurrences, even if they don't all live in the same
project. Structure is documented below.
The `attestation_authority` block supports:
* `hint` -
(Required)
This submessage provides human-readable hints about the purpose of
the AttestationAuthority. Because the name of a Note acts as its
resource reference, it is important to disambiguate the canonical
name of the Note (which might be a UUID for security purposes)
from "readable" names more suitable for debug output. Note that
these hints should NOT be used to look up AttestationAuthorities
in security sensitive contexts, such as when looking up
Attestations to verify. Structure is documented below.
The `hint` block supports:
* `human_readable_name` -
(Required)
The human readable name of this Attestation Authority, for
example "qa".
- - -
* `project` - (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
## Import
Note can be imported using any of these accepted formats:
```
$ terraform import google_container_analysis_note.default projects/{{project}}/notes/{{name}}
$ terraform import google_container_analysis_note.default {{project}}/{{name}}
$ terraform import google_container_analysis_note.default {{name}}
```