Binary Authorization Attestor

A Binary Authorization Attestor in Google Cloud is a security resource that defines and manages trusted authorities for container image verification. It ensures that only images signed by approved attestors can be deployed to Google Kubernetes Engine or Cloud Run. This helps enforce policy compliance and prevents unauthorized or unverified software from running in production environments.

gcp.binaryauthorization_attestor

Fields

TitleIDTypeData TypeDescription
_keycorestring
ancestorscorearray<string>
datadog_display_namecorestring
descriptioncorestringOptional. A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.
etagcorestringOptional. A checksum, returned by the server, that can be sent on update requests to ensure the attestor has an up-to-date value before attempting to update it. See https://google.aip.dev/154.
labelscorearray<string>
namecorestringRequired. The resource name, in the format: `projects/*/attestors/*`. This field may not be updated.
organization_idcorestring
parentcorestring
project_idcorestring
project_numbercorestring
region_idcorestring
resource_namecorestring
tagscorehstore_csv
update_timecoretimestampOutput only. Time when the attestor was last updated.
user_owned_grafeas_notecorejsonThis specifies how an attestation will be read, and how it will be used during policy enforcement.
zone_idcorestring