Skip to content

googleContainerAnalysisNote

A Container Analysis note is a high-level piece of metadata that describes a type of analysis that can be done for a resource.

To get more information about Note, see:

Open in Cloud Shell

Example Usage - Container Analysis Note Basic

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.containerAnalysisNote.ContainerAnalysisNote(this, "note", {
  attestation_authority: [
    {
      hint: [
        {
          human_readable_name: "Attestor Note",
        },
      ],
    },
  ],
  name: "attestor-note",
});
Open in Cloud Shell

Example Usage - Container Analysis Note Attestation Full

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.containerAnalysisNote.ContainerAnalysisNote(this, "note", {
  attestation_authority: [
    {
      hint: [
        {
          human_readable_name: "Attestor Note",
        },
      ],
    },
  ],
  expiration_time: "2120-10-02T15:01:23.045123456Z",
  long_description: "a longer description of test note",
  name: "attestor-note",
  related_url: [
    {
      label: "foo",
      url: "some.url",
    },
    {
      url: "google.com",
    },
  ],
  short_description: "test note",
});

Argument Reference

The following arguments are supported:

  • name - (Required) The name of the note.

  • attestationAuthority - (Required) Note kind that represents a logical attestation "role" or "authority". For example, an organization might have one AttestationAuthority for "QA" and one for "build". This Note is intended to act strictly as a grouping mechanism for the attached Occurrences (Attestations). This grouping mechanism also provides a security boundary, since IAM ACLs gate the ability for a principle to attach an Occurrence to a given Note. It also provides a single point of lookup to find all attached Attestation Occurrences, even if they don't all live in the same project. Structure is documented below.

The attestationAuthority block supports:

  • hint - (Required) This submessage provides human-readable hints about the purpose of the AttestationAuthority. Because the name of a Note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from "readable" names more suitable for debug output. Note that these hints should NOT be used to look up AttestationAuthorities in security sensitive contexts, such as when looking up Attestations to verify. Structure is documented below.

The hint block supports:

  • humanReadableName - (Required) The human readable name of this Attestation Authority, for example "qa".

  • shortDescription - (Optional) A one sentence description of the note.

  • longDescription - (Optional) A detailed description of the note

  • relatedUrl - (Optional) URLs associated with this note and related metadata. Structure is documented below.

  • expirationTime - (Optional) Time of expiration for this note. Leave empty if note does not expire.

  • relatedNoteNames - (Optional) Names of other notes related to this note.

  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

The relatedUrl block supports:

  • url - (Required) Specific URL associated with the resource.

  • label - (Optional) Label to describe usage of the URL

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format projects/{{project}}/notes/{{name}}

  • kind - The type of analysis this note describes

  • createTime - The time this note was created.

  • updateTime - The time this note was last updated.

Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 20 minutes.
  • update - Default is 20 minutes.
  • delete - Default is 20 minutes.

Import

Note can be imported using any of these accepted formats:

$ terraform import google_container_analysis_note.default projects/{{project}}/notes/{{name}}
$ terraform import google_container_analysis_note.default {{project}}/{{name}}
$ terraform import google_container_analysis_note.default {{name}}

User Project Overrides

This resource supports User Project Overrides.