Class: Google::Apis::GkehubV1alpha::PolicyControllerHubConfig

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/gkehub_v1alpha/classes.rb,
lib/google/apis/gkehub_v1alpha/representations.rb,
lib/google/apis/gkehub_v1alpha/representations.rb

Overview

Configuration for Policy Controller

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ PolicyControllerHubConfig

Returns a new instance of PolicyControllerHubConfig.



4712
4713
4714
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4712

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#audit_interval_secondsFixnum

Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether. Corresponds to the JSON property auditIntervalSeconds

Returns:

  • (Fixnum) 


4653
4654
4655
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4653

def audit_interval_seconds
  @audit_interval_seconds
end

#constraint_violation_limitFixnum

The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used. Corresponds to the JSON property constraintViolationLimit

Returns:

  • (Fixnum) 


4659
4660
4661
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4659

def constraint_violation_limit
  @constraint_violation_limit
end

#deployment_configsHash<String,Google::Apis::GkehubV1alpha::PolicyControllerPolicyControllerDeploymentConfig>

Map of deployment configs to deployments ("admission", "audit", "mutation'). Corresponds to the JSON property deploymentConfigs

Returns:



4664
4665
4666
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4664

def deployment_configs
  @deployment_configs
end

#exemptable_namespacesArray<String>

The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster. Corresponds to the JSON property exemptableNamespaces

Returns:

  • (Array<String>) 


4670
4671
4672
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4670

def exemptable_namespaces
  @exemptable_namespaces
end

#install_specString

The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state. Corresponds to the JSON property installSpec

Returns:

  • (String) 


4678
4679
4680
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4678

def install_spec
  @install_spec
end

#log_denies_enabledBoolean Also known as: log_denies_enabled?

Logs all denies and dry run failures. Corresponds to the JSON property logDeniesEnabled

Returns:

  • (Boolean) 


4683
4684
4685
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4683

def log_denies_enabled
  @log_denies_enabled
end

#monitoringGoogle::Apis::GkehubV1alpha::PolicyControllerMonitoringConfig

MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: ["cloudmonitoring", "prometheus"] Corresponds to the JSON property monitoring

Returns:



4691
4692
4693
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4691

def monitoring
  @monitoring
end

#mutation_enabledBoolean Also known as: mutation_enabled?

Enables the ability to mutate resources using Policy Controller. Corresponds to the JSON property mutationEnabled

Returns:

  • (Boolean) 


4696
4697
4698
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4696

def mutation_enabled
  @mutation_enabled
end

#policy_contentGoogle::Apis::GkehubV1alpha::PolicyControllerPolicyContentSpec

PolicyContentSpec defines the user's desired content configuration on the cluster. Corresponds to the JSON property policyContent

Returns:



4703
4704
4705
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4703

def policy_content
  @policy_content
end

#referential_rules_enabledBoolean Also known as: referential_rules_enabled?

Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated. Corresponds to the JSON property referentialRulesEnabled

Returns:

  • (Boolean) 


4709
4710
4711
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4709

def referential_rules_enabled
  @referential_rules_enabled
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
 
# File 'lib/google/apis/gkehub_v1alpha/classes.rb', line 4717

def update!(**args)
  @audit_interval_seconds = args[:audit_interval_seconds] if args.key?(:audit_interval_seconds)
  @constraint_violation_limit = args[:constraint_violation_limit] if args.key?(:constraint_violation_limit)
  @deployment_configs = args[:deployment_configs] if args.key?(:deployment_configs)
  @exemptable_namespaces = args[:exemptable_namespaces] if args.key?(:exemptable_namespaces)
  @install_spec = args[:install_spec] if args.key?(:install_spec)
  @log_denies_enabled = args[:log_denies_enabled] if args.key?(:log_denies_enabled)
  @monitoring = args[:monitoring] if args.key?(:monitoring)
  @mutation_enabled = args[:mutation_enabled] if args.key?(:mutation_enabled)
  @policy_content = args[:policy_content] if args.key?(:policy_content)
  @referential_rules_enabled = args[:referential_rules_enabled] if args.key?(:referential_rules_enabled)
end