gcloud beta container binauthz attestors create
- NAME
- gcloud beta container binauthz attestors create - create an Attestor
- SYNOPSIS
gcloud beta container binauthz attestors createATTESTOR(--attestation-authority-note=ATTESTATION_AUTHORITY_NOTE:--attestation-authority-note-project=ATTESTATION_AUTHORITY_NOTE_PROJECT)[--description=DESCRIPTION][GCLOUD_WIDE_FLAG …]
- DESCRIPTION
(BETA)Create an Attestor.- EXAMPLES
- To create an Attestor with an existing Note
projects/my_proj/notes/my_note:gcloudbetacontainerbinauthzattestorscreatemy_new_attestor--attestation-authority-note=my_note--attestation-authority-note-project=my_proj - POSITIONAL ARGUMENTS
- Attestor resource - The attestor to be created. This represents a Cloudresource. (NOTE) Some attributes are not given arguments in this group but canbe set in other ways.
To set the
projectattribute:- provide the argument
ATTESTORon the command line with a fullyspecified name; - provide the argument
--projecton the command line; - set the property
core/project.
This must be specified.
ATTESTOR- ID of the attestor or fully qualified identifier for the attestor.
To set the
nameattribute:- provide the argument
ATTESTORon the command line.
- provide the argument
- provide the argument
- Attestor resource - The attestor to be created. This represents a Cloudresource. (NOTE) Some attributes are not given arguments in this group but canbe set in other ways.
- REQUIRED FLAGS
- Note resource - The Container Analysis Note to which the created attestor willbe bound.
For the attestor to be able to access and use the Note, the Note must exist andthe active gcloud account (core/account) must have the
containeranalysis.notes.listOccurrencespermission for the Note.This can be achieved by granting thecontaineranalysis.notes.occurrences.viewerrole to the activeaccount for the Note resource in question.Theargumentsinthisgroupcanbeusedtospecifytheattributesofthisresource.This must be specified.
--attestation-authority-note=ATTESTATION_AUTHORITY_NOTE- ID of the note or fully qualified identifier for the note.
To set the
noteattribute:- provide the argument
--attestation-authority-noteon the commandline.
This flag argument must be specified if any of the other arguments in this groupare specified.
- provide the argument
--attestation-authority-note-project=ATTESTATION_AUTHORITY_NOTE_PROJECT- The Container Analysis project for the note.
To set the
projectattribute:- provide the argument
--attestation-authority-noteon the commandline with a fully specified name; - provide the argument
--attestation-authority-note-projecton thecommand line.
- provide the argument
- Note resource - The Container Analysis Note to which the created attestor willbe bound.
- OPTIONAL FLAGS
--description=DESCRIPTION- A description for the attestor
- GCLOUD WIDE FLAGS
- These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$gcloud helpfor details. - NOTES
- This command is currently in beta and might change without notice. Thesevariants are also available:
gcloudcontainerbinauthzattestorscreategcloudalphacontainerbinauthzattestorscreate
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-07-22 UTC.