Google Cloud v8.21.0, Mar 5 25

Google Cloud v8.21.0 published on Wednesday, Mar 5, 2025 by Pulumi

gcp.containeranalysis.Occurence

Explore with Pulumi AI

Google Cloud v8.21.0 published on Wednesday, Mar 5, 2025 by Pulumi

pulumi/pulumi-gcp

Example Usage

Container Analysis Occurrence Kms

Coming soon!

Coming soon!

Coming soon!

Coming soon!

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.containeranalysis.Note;
import com.pulumi.gcp.containeranalysis.NoteArgs;
import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityArgs;
import com.pulumi.gcp.containeranalysis.inputs.NoteAttestationAuthorityHintArgs;
import com.pulumi.gcp.kms.KmsFunctions;
import com.pulumi.gcp.kms.inputs.GetKMSKeyRingArgs;
import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyArgs;
import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyVersionArgs;
import com.pulumi.gcp.binaryauthorization.Attestor;
import com.pulumi.gcp.binaryauthorization.AttestorArgs;
import com.pulumi.gcp.binaryauthorization.inputs.AttestorAttestationAuthorityNoteArgs;
import com.pulumi.gcp.containeranalysis.Occurence;
import com.pulumi.gcp.containeranalysis.OccurenceArgs;
import com.pulumi.gcp.containeranalysis.inputs.OccurenceAttestationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var note = new Note("note", NoteArgs.builder()
            .name("attestation-note")
            .attestationAuthority(NoteAttestationAuthorityArgs.builder()
                .hint(NoteAttestationAuthorityHintArgs.builder()
                    .humanReadableName("Attestor Note")
                    .build())
                .build())
            .build());

        final var keyring = KmsFunctions.getKMSKeyRing(GetKMSKeyRingArgs.builder()
            .name("my-key-ring")
            .location("global")
            .build());

        final var crypto-key = KmsFunctions.getKMSCryptoKey(GetKMSCryptoKeyArgs.builder()
            .name("my-key")
            .keyRing(keyring.applyValue(getKMSKeyRingResult -> getKMSKeyRingResult.id()))
            .build());

        final var version = KmsFunctions.getKMSCryptoKeyVersion(GetKMSCryptoKeyVersionArgs.builder()
            .cryptoKey(crypto_key.id())
            .build());

        var attestor = new Attestor("attestor", AttestorArgs.builder()
            .name("attestor")
            .attestationAuthorityNote(AttestorAttestationAuthorityNoteArgs.builder()
                .noteReference(note.name())
                .publicKeys(AttestorAttestationAuthorityNotePublicKeyArgs.builder()
                    .id(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.id()))
                    .pkixPublicKey(AttestorAttestationAuthorityNotePublicKeyPkixPublicKeyArgs.builder()
                        .publicKeyPem(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.publicKeys()[0].pem()))
                        .signatureAlgorithm(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.publicKeys()[0].algorithm()))
                        .build())
                    .build())
                .build())
            .build());

        var occurrence = new Occurence("occurrence", OccurenceArgs.builder()
            .resourceUri("gcr.io/my-project/my-image")
            .noteName(note.id())
            .attestation(OccurenceAttestationArgs.builder()
                .serializedPayload(StdFunctions.filebase64(Filebase64Args.builder()
                    .input("path/to/my/payload.json")
                    .build()).result())
                .signatures(OccurenceAttestationSignatureArgs.builder()
                    .publicKeyId(version.applyValue(getKMSCryptoKeyVersionResult -> getKMSCryptoKeyVersionResult.id()))
                    .serializedPayload(StdFunctions.filebase64(Filebase64Args.builder()
                        .input("path/to/my/payload.json.sig")
                        .build()).result())
                    .build())
                .build())
            .build());

    }
}

resources:
  attestor:
    type: gcp:binaryauthorization:Attestor
    properties:
      name: attestor
      attestationAuthorityNote:
        noteReference: ${note.name}
        publicKeys:
          - id: ${version.id}
            pkixPublicKey:
              publicKeyPem: ${version.publicKeys[0].pem}
              signatureAlgorithm: ${version.publicKeys[0].algorithm}
  note:
    type: gcp:containeranalysis:Note
    properties:
      name: attestation-note
      attestationAuthority:
        hint:
          humanReadableName: Attestor Note
  occurrence:
    type: gcp:containeranalysis:Occurence
    properties:
      resourceUri: gcr.io/my-project/my-image
      noteName: ${note.id}
      attestation:
        serializedPayload:
          fn::invoke:
            function: std:filebase64
            arguments:
              input: path/to/my/payload.json
            return: result
        signatures:
          - publicKeyId: ${version.id}
            serializedPayload:
              fn::invoke:
                function: std:filebase64
                arguments:
                  input: path/to/my/payload.json.sig
                return: result
variables:
  keyring:
    fn::invoke:
      function: gcp:kms:getKMSKeyRing
      arguments:
        name: my-key-ring
        location: global
  crypto-key:
    fn::invoke:
      function: gcp:kms:getKMSCryptoKey
      arguments:
        name: my-key
        keyRing: ${keyring.id}
  version:
    fn::invoke:
      function: gcp:kms:getKMSCryptoKeyVersion
      arguments:
        cryptoKey: ${["crypto-key"].id}

Create Occurence Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Occurence(name: string, args: OccurenceArgs, opts?: CustomResourceOptions);

@overload
def Occurence(resource_name: str,
              args: OccurenceArgs,
              opts: Optional[ResourceOptions] = None)

@overload
def Occurence(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              attestation: Optional[OccurenceAttestationArgs] = None,
              note_name: Optional[str] = None,
              resource_uri: Optional[str] = None,
              project: Optional[str] = None,
              remediation: Optional[str] = None)

func NewOccurence(ctx *Context, name string, args OccurenceArgs, opts ...ResourceOption) (*Occurence, error)

public Occurence(string name, OccurenceArgs args, CustomResourceOptions? opts = null)

public Occurence(String name, OccurenceArgs args)
public Occurence(String name, OccurenceArgs args, CustomResourceOptions options)

type: gcp:containeranalysis:Occurence
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args OccurenceArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args OccurenceArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args OccurenceArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args OccurenceArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args OccurenceArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var occurenceResource = new Gcp.ContainerAnalysis.Occurence("occurenceResource", new()
{
    Attestation = new Gcp.ContainerAnalysis.Inputs.OccurenceAttestationArgs
    {
        SerializedPayload = "string",
        Signatures = new[]
        {
            new Gcp.ContainerAnalysis.Inputs.OccurenceAttestationSignatureArgs
            {
                PublicKeyId = "string",
                Signature = "string",
            },
        },
    },
    NoteName = "string",
    ResourceUri = "string",
    Project = "string",
    Remediation = "string",
});

example, err := containeranalysis.NewOccurence(ctx, "occurenceResource", &containeranalysis.OccurenceArgs{
	Attestation: &containeranalysis.OccurenceAttestationArgs{
		SerializedPayload: pulumi.String("string"),
		Signatures: containeranalysis.OccurenceAttestationSignatureArray{
			&containeranalysis.OccurenceAttestationSignatureArgs{
				PublicKeyId: pulumi.String("string"),
				Signature:   pulumi.String("string"),
			},
		},
	},
	NoteName:    pulumi.String("string"),
	ResourceUri: pulumi.String("string"),
	Project:     pulumi.String("string"),
	Remediation: pulumi.String("string"),
})

var occurenceResource = new Occurence("occurenceResource", OccurenceArgs.builder()
    .attestation(OccurenceAttestationArgs.builder()
        .serializedPayload("string")
        .signatures(OccurenceAttestationSignatureArgs.builder()
            .publicKeyId("string")
            .signature("string")
            .build())
        .build())
    .noteName("string")
    .resourceUri("string")
    .project("string")
    .remediation("string")
    .build());

occurence_resource = gcp.containeranalysis.Occurence("occurenceResource",
    attestation={
        "serialized_payload": "string",
        "signatures": [{
            "public_key_id": "string",
            "signature": "string",
        }],
    },
    note_name="string",
    resource_uri="string",
    project="string",
    remediation="string")

const occurenceResource = new gcp.containeranalysis.Occurence("occurenceResource", {
    attestation: {
        serializedPayload: "string",
        signatures: [{
            publicKeyId: "string",
            signature: "string",
        }],
    },
    noteName: "string",
    resourceUri: "string",
    project: "string",
    remediation: "string",
});

type: gcp:containeranalysis:Occurence
properties:
    attestation:
        serializedPayload: string
        signatures:
            - publicKeyId: string
              signature: string
    noteName: string
    project: string
    remediation: string
    resourceUri: string

Occurence Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Occurence resource accepts the following input properties:

Attestation OccurenceAttestation: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
NoteName string: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
ResourceUri string: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
Project string
Remediation string: A description of actions that can be taken to remedy the note.

Attestation OccurenceAttestationArgs: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
NoteName string: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
ResourceUri string: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
Project string
Remediation string: A description of actions that can be taken to remedy the note.

attestation OccurenceAttestation: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
noteName String: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
resourceUri String: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
project String
remediation String: A description of actions that can be taken to remedy the note.

attestation OccurenceAttestation: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
noteName string: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
resourceUri string: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
project string
remediation string: A description of actions that can be taken to remedy the note.

attestation OccurenceAttestationArgs: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
note_name str: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
resource_uri str: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
project str
remediation str: A description of actions that can be taken to remedy the note.

attestation Property Map: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
noteName String: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
resourceUri String: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
project String
remediation String: A description of actions that can be taken to remedy the note.

Outputs

All input properties are implicitly available as output properties. Additionally, the Occurence resource produces the following output properties:

CreateTime string: The time when the repository was created.
Id string: The provider-assigned unique ID for this managed resource.
Kind string: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
Name string: The name of the occurrence.
UpdateTime string: The time when the repository was last updated.

CreateTime string: The time when the repository was created.
Id string: The provider-assigned unique ID for this managed resource.
Kind string: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
Name string: The name of the occurrence.
UpdateTime string: The time when the repository was last updated.

createTime String: The time when the repository was created.
id String: The provider-assigned unique ID for this managed resource.
kind String: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
name String: The name of the occurrence.
updateTime String: The time when the repository was last updated.

createTime string: The time when the repository was created.
id string: The provider-assigned unique ID for this managed resource.
kind string: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
name string: The name of the occurrence.
updateTime string: The time when the repository was last updated.

create_time str: The time when the repository was created.
id str: The provider-assigned unique ID for this managed resource.
kind str: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
name str: The name of the occurrence.
update_time str: The time when the repository was last updated.

createTime String: The time when the repository was created.
id String: The provider-assigned unique ID for this managed resource.
kind String: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
name String: The name of the occurrence.
updateTime String: The time when the repository was last updated.

Look up Existing Occurence Resource

Get an existing Occurence resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: OccurenceState, opts?: CustomResourceOptions): Occurence

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        attestation: Optional[OccurenceAttestationArgs] = None,
        create_time: Optional[str] = None,
        kind: Optional[str] = None,
        name: Optional[str] = None,
        note_name: Optional[str] = None,
        project: Optional[str] = None,
        remediation: Optional[str] = None,
        resource_uri: Optional[str] = None,
        update_time: Optional[str] = None) -> Occurence

func GetOccurence(ctx *Context, name string, id IDInput, state *OccurenceState, opts ...ResourceOption) (*Occurence, error)

public static Occurence Get(string name, Input<string> id, OccurenceState? state, CustomResourceOptions? opts = null)

public static Occurence get(String name, Output<String> id, OccurenceState state, CustomResourceOptions options)

resources:  _:    type: gcp:containeranalysis:Occurence    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Attestation OccurenceAttestation: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
CreateTime string: The time when the repository was created.
Kind string: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
Name string: The name of the occurrence.
NoteName string: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
Project string
Remediation string: A description of actions that can be taken to remedy the note.
ResourceUri string: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
UpdateTime string: The time when the repository was last updated.

Attestation OccurenceAttestationArgs: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
CreateTime string: The time when the repository was created.
Kind string: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
Name string: The name of the occurrence.
NoteName string: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
Project string
Remediation string: A description of actions that can be taken to remedy the note.
ResourceUri string: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
UpdateTime string: The time when the repository was last updated.

attestation OccurenceAttestation: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
createTime String: The time when the repository was created.
kind String: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
name String: The name of the occurrence.
noteName String: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
project String
remediation String: A description of actions that can be taken to remedy the note.
resourceUri String: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
updateTime String: The time when the repository was last updated.

attestation OccurenceAttestation: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
createTime string: The time when the repository was created.
kind string: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
name string: The name of the occurrence.
noteName string: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
project string
remediation string: A description of actions that can be taken to remedy the note.
resourceUri string: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
updateTime string: The time when the repository was last updated.

attestation OccurenceAttestationArgs: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
create_time str: The time when the repository was created.
kind str: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
name str: The name of the occurrence.
note_name str: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
project str
remediation str: A description of actions that can be taken to remedy the note.
resource_uri str: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
update_time str: The time when the repository was last updated.

attestation Property Map: Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. Structure is documented below.
createTime String: The time when the repository was created.
kind String: The note kind which explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests.
name String: The name of the occurrence.
noteName String: The analysis note associated with this occurrence, in the form of projects/[PROJECT]/notes/[NOTE_ID]. This field can be used as a filter in list requests.
project String
remediation String: A description of actions that can be taken to remedy the note.
resourceUri String: Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image.
updateTime String: The time when the repository was last updated.

Supporting Types

OccurenceAttestation, OccurenceAttestationArgs

SerializedPayload string: The serialized payload that is verified by one or more signatures. A base64-encoded string.
Signatures List<OccurenceAttestationSignature>: One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.

SerializedPayload string: The serialized payload that is verified by one or more signatures. A base64-encoded string.
Signatures []OccurenceAttestationSignature: One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.

serializedPayload String: The serialized payload that is verified by one or more signatures. A base64-encoded string.
signatures List<OccurenceAttestationSignature>: One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.

serializedPayload string: The serialized payload that is verified by one or more signatures. A base64-encoded string.
signatures OccurenceAttestationSignature[]: One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.

serialized_payload str: The serialized payload that is verified by one or more signatures. A base64-encoded string.
signatures Sequence[OccurenceAttestationSignature]: One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.

serializedPayload String: The serialized payload that is verified by one or more signatures. A base64-encoded string.
signatures List<Property Map>: One or more signatures over serializedPayload. Verifier implementations should consider this attestation message verified if at least one signature verifies serializedPayload. See Signature in common.proto for more details on signature structure and verification. Structure is documented below.

OccurenceAttestationSignature, OccurenceAttestationSignatureArgs

PublicKeyId string

The identifier for the public key that verifies this signature. MUST be an RFC3986 conformant URI. * When possible, the key id should be an immutable reference, such as a cryptographic digest. Examples of valid values:

OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
"ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"

Signature string

The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.

PublicKeyId string

OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
"ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"

Signature string

publicKeyId String

OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
"ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"

signature String

publicKeyId string

OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
"ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"

signature string

public_key_id str

OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
"ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"

signature str

publicKeyId String

OpenPGP V4 public key fingerprint. See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.
openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):
"ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"

signature String

Import

Occurrence can be imported using any of these accepted formats:

projects/{{project}}/occurrences/{{name}}
{{project}}/{{name}}
{{name}}

When using the pulumi import command, Occurrence can be imported using one of the formats above. For example:

$ pulumi import gcp:containeranalysis/occurence:Occurence default projects/{{project}}/occurrences/{{name}}

$ pulumi import gcp:containeranalysis/occurence:Occurence default {{project}}/{{name}}

$ pulumi import gcp:containeranalysis/occurence:Occurence default {{name}}

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Google Cloud (GCP) Classic pulumi/pulumi-gcp
License: Apache-2.0
Notes: This Pulumi package is based on the google-beta Terraform Provider.

Google Cloud v8.21.0 published on Wednesday, Mar 5, 2025 by Pulumi

pulumi/pulumi-gcp

gcp.containeranalysis.Occurence

On this page

On this page

Example Usage

Container Analysis Occurrence Kms

Create Occurence Resource

Constructor syntax

Parameters

Constructor example

Occurence Resource Properties

Inputs

Outputs

Look up Existing Occurence Resource

Supporting Types

OccurenceAttestation, OccurenceAttestationArgs

OccurenceAttestationSignature, OccurenceAttestationSignatureArgs

Import

Package Details

On this page

On this page