Google Binary Authorization Attestor

This page shows how to write Terraform for Binary Authorization Attestor and write them securely.


Fix issues in your cloud & app configurations

Test for misconfigurations of this resource in your cloud.


Terraform Example (google_binary_authorization_attestor)

An attestor that attests to container image artifacts. To get more information about Attestor, see:


  • description optional - string
    • A descriptive comment. This field may be updated. The field may be displayed in chooser dialogs.

  • id optionalcomputed - string
  • name required - string
    • The resource name.

  • project optionalcomputed - string

Example Usage (from GitHub)

resource "google_binary_authorization_attestor" "this" {
  description = var.description
  name        =
  project     = var.project

  dynamic "attestation_authority_note" {
resource "google_binary_authorization_attestor" "attestor" {
  name    = format("%s-attestor", var.attestor_name)
  project = var.project_id

  attestation_authority_note {
    note_reference =

Frequently asked questions

What is Google Binary Authorization Attestor?

Google Binary Authorization Attestor is a resource for Binary Authorization of Google Cloud Platform. Settings can be wrote in Terraform.

Where can I find the example code for the Google Binary Authorization Attestor?

For Terraform, the niveklabs/google and rosmo/gke-commonground-haven source code examples are useful. See the Terraform Example section for further details.