A Container Analysis note is a high-level piece of metadata that describes a type of analysis that can be done for a resource.
To get more information about Note, see:
resource "google_container_analysis_note" "note" {
  name = "attestor-note"
  attestation_authority {
    hint {
      human_readable_name = "Attestor Note"
    }
  }
}
resource "google_container_analysis_note" "note" {
  name              = "attestor-note"
  short_description = "test note"
  long_description  = "a longer description of test note"
  expiration_time   = "2120-10-02T15:01:23.045123456Z"
  related_url {
    url   = "some.url"
    label = "foo"
  }
  related_url {
    url = "google.com"
  }
  attestation_authority {
    hint {
      human_readable_name = "Attestor Note"
    }
  }
}
The following arguments are supported:
name - (Required) The name of the note.
attestation_authority - (Required) Note kind that represents a logical attestation "role" or "authority". For example, an organization might have one AttestationAuthority for "QA" and one for "build". This Note is intended to act strictly as a grouping mechanism for the attached Occurrences (Attestations). This grouping mechanism also provides a security boundary, since IAM ACLs gate the ability for a principal to attach an Occurrence to a given Note. It also provides a single point of lookup to find all attached Attestation Occurrences, even if they don't all live in the same project. Structure is documented below.
The attestation_authority block supports:
hint - (Required) This submessage provides human-readable hints about the purpose of the AttestationAuthority. Because the name of a Note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from "readable" names more suitable for debug output. Note that these hints should NOT be used to look up AttestationAuthorities in security sensitive contexts, such as when looking up Attestations to verify. Structure is documented below.
The hint block supports:
human_readable_name - (Required) The human readable name of this Attestation Authority, for example "qa".
short_description - (Optional) A one sentence description of the note.
long_description - (Optional) A detailed description of the note.
related_url - (Optional) URLs associated with this note and related metadata. Structure is documented below.
expiration_time - (Optional) Time of expiration for this note. Leave empty if the note does not expire.
related_note_names - (Optional) Names of other notes related to this note.
project - (Optional) The ID of the project to which the resource belongs. If it is not provided, the provider project is used.
The related_url block supports:
url - (Required) Specific URL associated with the resource.
label - (Optional) Label to describe usage of the URL.
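The attestation_authority and hint descriptions above, shown as an added configuration example (not taken from the provider documentation): the note gets an opaque canonical name, the readable label lives only in the hint, and IAM on the note limits who may attach Occurrences. The UUID, the resource labels, the qa-signer service account and the qa-attestor name are constructed for illustration.

```hcl
# Added example. All names and the UUID below are constructed.
resource "google_service_account" "qa_signer" {
  account_id   = "qa-signer"
  display_name = "QA attestation signer"
}

resource "google_container_analysis_note" "qa" {
  # Canonical name: opaque, and the only value used for references and lookups.
  name = "3f2b6c1e-8a4d-4e57-9b0a-5d1c7e9f2a64"

  attestation_authority {
    hint {
      # Label for debug output only; never used to select the authority.
      human_readable_name = "qa"
    }
  }
}

# Security boundary: only this principal may attach Occurrences
# (attestations) to the note.
resource "google_container_analysis_note_iam_member" "qa_attacher" {
  project = google_container_analysis_note.qa.project
  note    = google_container_analysis_note.qa.name
  role    = "roles/containeranalysis.notes.attacher"
  member  = "serviceAccount:${google_service_account.qa_signer.email}"
}

# The verifier side references the note by its canonical name, not the hint.
resource "google_binary_authorization_attestor" "qa" {
  name = "qa-attestor"
  attestation_authority_note {
    note_reference = google_container_analysis_note.qa.name
  }
}
```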
In addition to the arguments listed above, the following computed attributes are exported:
id - an identifier for the resource with format projects/{{project}}/notes/{{name}}
kind - The type of analysis this note describes.
create_time - The time this note was created.
update_time - The time this note was last updated.
This resource provides the following Timeouts configuration options:
create - Default is 20 minutes.
update - Default is 20 minutes.
delete - Default is 20 minutes.
Note can be imported using any of these accepted formats:
projects/{{project}}/notes/{{name}}
{{project}}/{{name}}
{{name}}
In Terraform v1.5.0 and later, use an import block to import Note using one of the formats above. For example:
import {
  id = "projects/{{project}}/notes/{{name}}"
  to = google_container_analysis_note.default
}
When using the terraform import command, Note can be imported using one of the formats above. For example:
$ terraform import google_container_analysis_note.default projects/{{project}}/notes/{{name}}
$ terraform import google_container_analysis_note.default {{project}}/{{name}}
$ terraform import google_container_analysis_note.default {{name}}
This resource supports User Project Overrides.