» google_container_analysis_note

A Container Analysis note is a high-level piece of metadata that describes a type of analysis that can be done for a resource.

To get more information about Note, see:

» Example Usage - Container Analysis Note Basic

resource "google_container_analysis_note" "note" {
  name = "attestor-note"
  attestation_authority {
    hint {
      human_readable_name = "Attestor Note"
    }
  }
}

» Example Usage - Container Analysis Note Attestation Full

resource "google_container_analysis_note" "note" {
  name = "attestor-note"

  short_description = "test note"
  long_description = "a longer description of test note"
  expiration_time = "2120-10-02T15:01:23.045123456Z"

  related_url {
    url = "some.url"
    label = "foo"
  }

  related_url {
    url = "google.com"
  }

  attestation_authority {
    hint {
      human_readable_name = "Attestor Note"
    }
  }
}

» Argument Reference

The following arguments are supported:

  • name - (Required) The name of the note.

  • attestation_authority - (Required) Note kind that represents a logical attestation "role" or "authority". For example, an organization might have one AttestationAuthority for "QA" and one for "build". This Note is intended to act strictly as a grouping mechanism for the attached Occurrences (Attestations). This grouping mechanism also provides a security boundary, since IAM ACLs gate the ability for a principle to attach an Occurrence to a given Note. It also provides a single point of lookup to find all attached Attestation Occurrences, even if they don't all live in the same project. Structure is documented below.

The attestation_authority block supports:

  • hint - (Required) This submessage provides human-readable hints about the purpose of the AttestationAuthority. Because the name of a Note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from "readable" names more suitable for debug output. Note that these hints should NOT be used to look up AttestationAuthorities in security sensitive contexts, such as when looking up Attestations to verify. Structure is documented below.

The hint block supports:

  • human_readable_name - (Required) The human readable name of this Attestation Authority, for example "qa".

  • short_description - (Optional) A one sentence description of the note.

  • long_description - (Optional) A detailed description of the note

  • related_url - (Optional) URLs associated with this note and related metadata. Structure is documented below.

  • expiration_time - (Optional) Time of expiration for this note. Leave empty if note does not expire.

  • related_note_names - (Optional) Names of other notes related to this note.

  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

The related_url block supports:

  • url - (Required) Specific URL associated with the resource.

  • label - (Optional) Label to describe usage of the URL

» Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format projects/{{project}}/notes/{{name}}

  • kind - The type of analysis this note describes

  • create_time - The time this note was created.

  • update_time - The time this note was last updated.

» Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 4 minutes.
  • update - Default is 4 minutes.
  • delete - Default is 4 minutes.

» Import

Note can be imported using any of these accepted formats:

$ terraform import google_container_analysis_note.default projects/{{project}}/notes/{{name}}
$ terraform import google_container_analysis_note.default {{project}}/{{name}}
$ terraform import google_container_analysis_note.default {{name}}

» User Project Overrides

This resource supports User Project Overrides.