Cloud Build의 규제 지원

이 문서에서는 지원되는 제어 패키지의 제어와 일치하는 Cloud Build의 기능, 구성, API를 설명합니다. 이 문서에서는 Assured Workloads를 사용한다고 가정합니다.

ITAR의 데이터 경계

지원되는 서비스

다음 표에는 ITAR의 데이터 경계 요구사항을 충족하는 Cloud Build API 및 버전이 나와 있습니다.

서비스 버전 상태
cloudbuild.googleapis.com v1 지원됨
cloudbuild.googleapis.com v2 지원됨

규정 준수 지원 리전

Cloud Build는 다음 Google Cloud 리전에서 ITAR용 데이터 경계에 사용할 수 있습니다.

  • us-central1
  • us-central2
  • us-east1
  • us-east4
  • us-east5
  • us-south1
  • us-west1
  • us-west2
  • us-west3
  • us-west4

민감한 정보의 API 필드

리소스: 리소스 없음

다음 표에는 ITAR의 데이터 경계에 따라 보호되는 데이터를 처리하도록 설계된 API 리소스와 필드가 명시되어 있습니다.

API 메서드 보호된 필드

서비스: cloudbuild.googleapis.com

REST API: POST /v1/appmanifest:constructAppManifest

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.ConstructAppManifest
  • apiKey
  • hostUrl
  • sslCa

서비스: cloudbuild.googleapis.com

REST API: POST /v1/{parent=projects/*/locations/*}/appmanifest:constructAppManifest

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.ConstructAppManifest
  • apiKey
  • hostUrl
  • sslCa

리소스: cloudbuild.googleapis.com/Build

다음 표에는 ITAR의 데이터 경계에 따라 보호되는 데이터를 처리하도록 설계된 API 리소스와 필드가 명시되어 있습니다.

API 메서드 보호된 필드

서비스: cloudbuild.googleapis.com

REST API: GET /v1/projects/{project_id}/builds

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.ListBuilds
  • filter

서비스: cloudbuild.googleapis.com

REST API: GET /v1/{parent=projects/*/locations/*}/builds

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.ListBuilds
  • filter

서비스: cloudbuild.googleapis.com

REST API: POST /v1/projects/{project_id}/builds

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.CreateBuild
  • build.artifacts.genericArtifacts.contentHandling
  • build.artifacts.genericArtifacts.folder
  • build.artifacts.genericArtifacts.registryPath
  • build.artifacts.goModules.modulePath
  • build.artifacts.goModules.moduleVersion
  • build.artifacts.goModules.sourcePath
  • build.artifacts.images
  • build.artifacts.mavenArtifacts.artifactId
  • build.artifacts.mavenArtifacts.deployFolder
  • build.artifacts.mavenArtifacts.groupId
  • build.artifacts.mavenArtifacts.path
  • build.artifacts.mavenArtifacts.pomPath
  • build.artifacts.mavenArtifacts.version
  • build.artifacts.npmPackages.archive
  • build.artifacts.npmPackages.packagePath
  • build.artifacts.npmPackages.repository
  • build.artifacts.objects.location
  • build.artifacts.objects.paths
  • build.artifacts.oci.file
  • build.artifacts.oci.registryPath
  • build.artifacts.oci.tags
  • build.artifacts.pythonPackages.paths
  • build.artifacts.testResults.bucketUri
  • build.artifacts.testResults.format
  • build.artifacts.testResults.paths
  • build.artifacts.volumes.name
  • build.artifacts.volumes.path
  • build.availableSecrets.inline.envMap.key
  • build.availableSecrets.inline.envMap.value
  • build.availableSecrets.inline.kmsKeyName
  • build.availableSecrets.secretManager.env
  • build.availableSecrets.secretManager.versionName
  • build.buildReceipt.workerDiagnostics.identityEndpointSuccesses
  • build.dependencies.empty
  • build.dependencies.genericArtifact.destPath
  • build.dependencies.genericArtifact.resource
  • build.dependencies.gitSource.depth
  • build.dependencies.gitSource.destPath
  • build.dependencies.gitSource.recurseSubmodules
  • build.dependencies.gitSource.repository.developerConnect
  • build.dependencies.gitSource.repository.proxyUrlEnabled
  • build.dependencies.gitSource.repository.url
  • build.dependencies.gitSource.revision
  • build.gitConfig.http.proxySecretVersionName
  • build.gitConfig.http.sslCaInfo
  • build.images
  • build.logsBucket
  • build.options.env
  • build.options.secretEnv
  • build.options.volumes.name
  • build.options.volumes.path
  • build.secrets.kmsKeyName
  • build.secrets.secretEnv.key
  • build.secrets.secretEnv.value
  • build.serviceAccount
  • build.source.buildConfigFileName
  • build.source.connectedRepository.dir
  • build.source.connectedRepository.repository
  • build.source.connectedRepository.revision
  • build.source.developerConnectConfig.dir
  • build.source.developerConnectConfig.gitRepositoryLink
  • build.source.developerConnectConfig.revision
  • build.source.gitSource.commitSha
  • build.source.gitSource.dir
  • build.source.gitSource.revision
  • build.source.gitSource.url
  • build.source.repoSource.branchName
  • build.source.repoSource.commitSha
  • build.source.repoSource.dir
  • build.source.repoSource.invertRegex
  • build.source.repoSource.projectId
  • build.source.repoSource.repoName
  • build.source.repoSource.substitutions.key
  • build.source.repoSource.substitutions.value
  • build.source.repoSource.tagName
  • build.source.storageSource.bucket
  • build.source.storageSource.generation
  • build.source.storageSource.object
  • build.source.storageSource.sourceFetcher
  • build.source.storageSource.stripComponents
  • build.source.storageSourceManifest.bucket
  • build.source.storageSourceManifest.generation
  • build.source.storageSourceManifest.object
  • build.steps.args
  • build.steps.dir
  • build.steps.entrypoint
  • build.steps.env
  • build.steps.id
  • build.steps.name
  • build.steps.remoteConfig
  • build.steps.results.attestationContent
  • build.steps.results.attestationType
  • build.steps.results.name
  • build.steps.script
  • build.steps.secretEnv
  • build.steps.volumes.name
  • build.steps.volumes.path
  • build.steps.waitFor
  • build.substitutions.key
  • build.substitutions.value
  • build.tags

서비스: cloudbuild.googleapis.com

REST API: POST /v1/{name=projects/*/builds/*}:approve

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.ApproveBuild
  • approvalResult.comment
  • approvalResult.url

서비스: cloudbuild.googleapis.com

REST API: POST /v1/{name=projects/*/locations/*/builds/*}:approve

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.ApproveBuild
  • approvalResult.comment
  • approvalResult.url

서비스: cloudbuild.googleapis.com

REST API: POST /v1/{parent=projects/*/locations/*}/builds

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.CreateBuild
  • build.artifacts.genericArtifacts.contentHandling
  • build.artifacts.genericArtifacts.folder
  • build.artifacts.genericArtifacts.registryPath
  • build.artifacts.goModules.modulePath
  • build.artifacts.goModules.moduleVersion
  • build.artifacts.goModules.sourcePath
  • build.artifacts.images
  • build.artifacts.mavenArtifacts.artifactId
  • build.artifacts.mavenArtifacts.deployFolder
  • build.artifacts.mavenArtifacts.groupId
  • build.artifacts.mavenArtifacts.path
  • build.artifacts.mavenArtifacts.pomPath
  • build.artifacts.mavenArtifacts.version
  • build.artifacts.npmPackages.archive
  • build.artifacts.npmPackages.packagePath
  • build.artifacts.npmPackages.repository
  • build.artifacts.objects.location
  • build.artifacts.objects.paths
  • build.artifacts.oci.file
  • build.artifacts.oci.registryPath
  • build.artifacts.oci.tags
  • build.artifacts.pythonPackages.paths
  • build.artifacts.testResults.bucketUri
  • build.artifacts.testResults.format
  • build.artifacts.testResults.paths
  • build.artifacts.volumes.name
  • build.artifacts.volumes.path
  • build.availableSecrets.inline.envMap.key
  • build.availableSecrets.inline.envMap.value
  • build.availableSecrets.inline.kmsKeyName
  • build.availableSecrets.secretManager.env
  • build.availableSecrets.secretManager.versionName
  • build.buildReceipt.workerDiagnostics.identityEndpointSuccesses
  • build.dependencies.empty
  • build.dependencies.genericArtifact.destPath
  • build.dependencies.genericArtifact.resource
  • build.dependencies.gitSource.depth
  • build.dependencies.gitSource.destPath
  • build.dependencies.gitSource.recurseSubmodules
  • build.dependencies.gitSource.repository.developerConnect
  • build.dependencies.gitSource.repository.proxyUrlEnabled
  • build.dependencies.gitSource.repository.url
  • build.dependencies.gitSource.revision
  • build.gitConfig.http.proxySecretVersionName
  • build.gitConfig.http.sslCaInfo
  • build.images
  • build.logsBucket
  • build.options.env
  • build.options.secretEnv
  • build.options.volumes.name
  • build.options.volumes.path
  • build.secrets.kmsKeyName
  • build.secrets.secretEnv.key
  • build.secrets.secretEnv.value
  • build.serviceAccount
  • build.source.buildConfigFileName
  • build.source.connectedRepository.dir
  • build.source.connectedRepository.repository
  • build.source.connectedRepository.revision
  • build.source.developerConnectConfig.dir
  • build.source.developerConnectConfig.gitRepositoryLink
  • build.source.developerConnectConfig.revision
  • build.source.gitSource.commitSha
  • build.source.gitSource.dir
  • build.source.gitSource.revision
  • build.source.gitSource.url
  • build.source.repoSource.branchName
  • build.source.repoSource.commitSha
  • build.source.repoSource.dir
  • build.source.repoSource.invertRegex
  • build.source.repoSource.projectId
  • build.source.repoSource.repoName
  • build.source.repoSource.substitutions.key
  • build.source.repoSource.substitutions.value
  • build.source.repoSource.tagName
  • build.source.storageSource.bucket
  • build.source.storageSource.generation
  • build.source.storageSource.object
  • build.source.storageSource.sourceFetcher
  • build.source.storageSource.stripComponents
  • build.source.storageSourceManifest.bucket
  • build.source.storageSourceManifest.generation
  • build.source.storageSourceManifest.object
  • build.steps.args
  • build.steps.dir
  • build.steps.entrypoint
  • build.steps.env
  • build.steps.id
  • build.steps.name
  • build.steps.remoteConfig
  • build.steps.results.attestationContent
  • build.steps.results.attestationType
  • build.steps.results.name
  • build.steps.script
  • build.steps.secretEnv
  • build.steps.volumes.name
  • build.steps.volumes.path
  • build.steps.waitFor
  • build.substitutions.key
  • build.substitutions.value
  • build.tags

리소스: cloudbuild.googleapis.com/BuildTrigger

다음 표에는 ITAR의 데이터 경계에 따라 보호되는 데이터를 처리하도록 설계된 API 리소스와 필드가 명시되어 있습니다.

API 메서드 보호된 필드

서비스: cloudbuild.googleapis.com

REST API: PATCH /v1/projects/{project_id}/triggers/{trigger_id}

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.UpdateBuildTrigger
  • trigger.baseImage.imageName
  • trigger.bitbucketServerTriggerConfig.pullRequest.branch
  • trigger.bitbucketServerTriggerConfig.push.branch
  • trigger.bitbucketServerTriggerConfig.push.tag
  • trigger.build.artifacts.genericArtifacts.contentHandling
  • trigger.build.artifacts.genericArtifacts.folder
  • trigger.build.artifacts.genericArtifacts.registryPath
  • trigger.build.artifacts.goModules.modulePath
  • trigger.build.artifacts.goModules.moduleVersion
  • trigger.build.artifacts.goModules.sourcePath
  • trigger.build.artifacts.images
  • trigger.build.artifacts.mavenArtifacts.artifactId
  • trigger.build.artifacts.mavenArtifacts.deployFolder
  • trigger.build.artifacts.mavenArtifacts.groupId
  • trigger.build.artifacts.mavenArtifacts.path
  • trigger.build.artifacts.mavenArtifacts.pomPath
  • trigger.build.artifacts.mavenArtifacts.version
  • trigger.build.artifacts.npmPackages.archive
  • trigger.build.artifacts.npmPackages.packagePath
  • trigger.build.artifacts.npmPackages.repository
  • trigger.build.artifacts.objects.location
  • trigger.build.artifacts.objects.paths
  • trigger.build.artifacts.oci.file
  • trigger.build.artifacts.oci.registryPath
  • trigger.build.artifacts.oci.tags
  • trigger.build.artifacts.pythonPackages.paths
  • trigger.build.artifacts.testResults.bucketUri
  • trigger.build.artifacts.testResults.format
  • trigger.build.artifacts.testResults.paths
  • trigger.build.artifacts.volumes.name
  • trigger.build.artifacts.volumes.path
  • trigger.build.availableSecrets.inline.envMap.key
  • trigger.build.availableSecrets.inline.envMap.value
  • trigger.build.availableSecrets.inline.kmsKeyName
  • trigger.build.availableSecrets.secretManager.env
  • trigger.build.availableSecrets.secretManager.versionName
  • trigger.build.buildReceipt.workerDiagnostics.identityEndpointSuccesses
  • trigger.build.dependencies.empty
  • trigger.build.dependencies.genericArtifact.destPath
  • trigger.build.dependencies.genericArtifact.resource
  • trigger.build.dependencies.gitSource.depth
  • trigger.build.dependencies.gitSource.destPath
  • trigger.build.dependencies.gitSource.recurseSubmodules
  • trigger.build.dependencies.gitSource.repository.developerConnect
  • trigger.build.dependencies.gitSource.repository.proxyUrlEnabled
  • trigger.build.dependencies.gitSource.repository.url
  • trigger.build.dependencies.gitSource.revision
  • trigger.build.gitConfig.http.proxySecretVersionName
  • trigger.build.gitConfig.http.sslCaInfo
  • trigger.build.images
  • trigger.build.logsBucket
  • trigger.build.options.env
  • trigger.build.options.secretEnv
  • trigger.build.options.volumes.name
  • trigger.build.options.volumes.path
  • trigger.build.secrets.kmsKeyName
  • trigger.build.secrets.secretEnv.key
  • trigger.build.secrets.secretEnv.value
  • trigger.build.serviceAccount
  • trigger.build.source.buildConfigFileName
  • trigger.build.source.connectedRepository.dir
  • trigger.build.source.connectedRepository.repository
  • trigger.build.source.connectedRepository.revision
  • trigger.build.source.developerConnectConfig.dir
  • trigger.build.source.developerConnectConfig.gitRepositoryLink
  • trigger.build.source.developerConnectConfig.revision
  • trigger.build.source.gitSource.commitSha
  • trigger.build.source.gitSource.dir
  • trigger.build.source.gitSource.revision
  • trigger.build.source.gitSource.url
  • trigger.build.source.repoSource.branchName
  • trigger.build.source.repoSource.commitSha
  • trigger.build.source.repoSource.dir
  • trigger.build.source.repoSource.invertRegex
  • trigger.build.source.repoSource.projectId
  • trigger.build.source.repoSource.repoName
  • trigger.build.source.repoSource.substitutions.key
  • trigger.build.source.repoSource.substitutions.value
  • trigger.build.source.repoSource.tagName
  • trigger.build.source.storageSource.bucket
  • trigger.build.source.storageSource.generation
  • trigger.build.source.storageSource.object
  • trigger.build.source.storageSource.sourceFetcher
  • trigger.build.source.storageSource.stripComponents
  • trigger.build.source.storageSourceManifest.bucket
  • trigger.build.source.storageSourceManifest.generation
  • trigger.build.source.storageSourceManifest.object
  • trigger.build.steps.args
  • trigger.build.steps.dir
  • trigger.build.steps.entrypoint
  • trigger.build.steps.env
  • trigger.build.steps.id
  • trigger.build.steps.name
  • trigger.build.steps.remoteConfig
  • trigger.build.steps.results.attestationContent
  • trigger.build.steps.results.attestationType
  • trigger.build.steps.results.name
  • trigger.build.steps.script
  • trigger.build.steps.secretEnv
  • trigger.build.steps.volumes.name
  • trigger.build.steps.volumes.path
  • trigger.build.steps.waitFor
  • trigger.build.substitutions.key
  • trigger.build.substitutions.value
  • trigger.build.tags
  • trigger.cloudCode.codeReview.branch
  • trigger.cloudCode.project
  • trigger.cloudCode.repo
  • trigger.description
  • trigger.developerConnectEventConfig.gitRepositoryLink
  • trigger.developerConnectEventConfig.pullRequest.branch
  • trigger.developerConnectEventConfig.pullRequest.commentControl
  • trigger.developerConnectEventConfig.pullRequest.invertRegex
  • trigger.developerConnectEventConfig.push.branch
  • trigger.developerConnectEventConfig.push.invertRegex
  • trigger.developerConnectEventConfig.push.tag
  • trigger.dir
  • trigger.eventType
  • trigger.filename
  • trigger.gitFileSource.bitbucketServerConfig
  • trigger.gitFileSource.githubEnterpriseConfig
  • trigger.gitFileSource.path
  • trigger.gitFileSource.repoType
  • trigger.gitFileSource.repository
  • trigger.gitFileSource.revision
  • trigger.gitFileSource.uri
  • trigger.github.pullRequest.branch
  • trigger.github.push.branch
  • trigger.github.push.tag
  • trigger.gitlabEnterpriseEventsConfig.pullRequest.branch
  • trigger.gitlabEnterpriseEventsConfig.push.branch
  • trigger.gitlabEnterpriseEventsConfig.push.tag
  • trigger.gitlabEventsConfig.pullRequest.branch
  • trigger.gitlabEventsConfig.push.branch
  • trigger.gitlabEventsConfig.push.tag
  • trigger.ignoredFiles
  • trigger.includeBuildLogs
  • trigger.includedFiles
  • trigger.internalAnnotations.tags
  • trigger.name
  • trigger.repositoryEventConfig.pullRequest.branch
  • trigger.repositoryEventConfig.pullRequest.commentControl
  • trigger.repositoryEventConfig.pullRequest.invertRegex
  • trigger.repositoryEventConfig.push.branch
  • trigger.repositoryEventConfig.push.invertRegex
  • trigger.repositoryEventConfig.push.tag
  • trigger.repositoryEventConfig.repository
  • trigger.serviceAccount
  • trigger.sourceToBuild.bitbucketServerConfig
  • trigger.sourceToBuild.githubEnterpriseConfig
  • trigger.sourceToBuild.ref
  • trigger.sourceToBuild.repoType
  • trigger.sourceToBuild.repository
  • trigger.sourceToBuild.uri
  • trigger.substitutions.key
  • trigger.substitutions.value
  • trigger.tags
  • trigger.triggerTemplate.branchName
  • trigger.triggerTemplate.commitSha
  • trigger.triggerTemplate.dir
  • trigger.triggerTemplate.invertRegex
  • trigger.triggerTemplate.repoName
  • trigger.triggerTemplate.substitutions.key
  • trigger.triggerTemplate.substitutions.value
  • trigger.triggerTemplate.tagName
  • trigger.uri
  • trigger.webhookConfig.secret

서비스: cloudbuild.googleapis.com

REST API: PATCH /v1/{trigger.resource_name=projects/*/locations/*/triggers/*}

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.UpdateBuildTrigger
  • trigger.baseImage.imageName
  • trigger.bitbucketServerTriggerConfig.pullRequest.branch
  • trigger.bitbucketServerTriggerConfig.push.branch
  • trigger.bitbucketServerTriggerConfig.push.tag
  • trigger.build.artifacts.genericArtifacts.contentHandling
  • trigger.build.artifacts.genericArtifacts.folder
  • trigger.build.artifacts.genericArtifacts.registryPath
  • trigger.build.artifacts.goModules.modulePath
  • trigger.build.artifacts.goModules.moduleVersion
  • trigger.build.artifacts.goModules.sourcePath
  • trigger.build.artifacts.images
  • trigger.build.artifacts.mavenArtifacts.artifactId
  • trigger.build.artifacts.mavenArtifacts.deployFolder
  • trigger.build.artifacts.mavenArtifacts.groupId
  • trigger.build.artifacts.mavenArtifacts.path
  • trigger.build.artifacts.mavenArtifacts.pomPath
  • trigger.build.artifacts.mavenArtifacts.version
  • trigger.build.artifacts.npmPackages.archive
  • trigger.build.artifacts.npmPackages.packagePath
  • trigger.build.artifacts.npmPackages.repository
  • trigger.build.artifacts.objects.location
  • trigger.build.artifacts.objects.paths
  • trigger.build.artifacts.oci.file
  • trigger.build.artifacts.oci.registryPath
  • trigger.build.artifacts.oci.tags
  • trigger.build.artifacts.pythonPackages.paths
  • trigger.build.artifacts.testResults.bucketUri
  • trigger.build.artifacts.testResults.format
  • trigger.build.artifacts.testResults.paths
  • trigger.build.artifacts.volumes.name
  • trigger.build.artifacts.volumes.path
  • trigger.build.availableSecrets.inline.envMap.key
  • trigger.build.availableSecrets.inline.envMap.value
  • trigger.build.availableSecrets.inline.kmsKeyName
  • trigger.build.availableSecrets.secretManager.env
  • trigger.build.availableSecrets.secretManager.versionName
  • trigger.build.buildReceipt.workerDiagnostics.identityEndpointSuccesses
  • trigger.build.dependencies.empty
  • trigger.build.dependencies.genericArtifact.destPath
  • trigger.build.dependencies.genericArtifact.resource
  • trigger.build.dependencies.gitSource.depth
  • trigger.build.dependencies.gitSource.destPath
  • trigger.build.dependencies.gitSource.recurseSubmodules
  • trigger.build.dependencies.gitSource.repository.developerConnect
  • trigger.build.dependencies.gitSource.repository.proxyUrlEnabled
  • trigger.build.dependencies.gitSource.repository.url
  • trigger.build.dependencies.gitSource.revision
  • trigger.build.gitConfig.http.proxySecretVersionName
  • trigger.build.gitConfig.http.sslCaInfo
  • trigger.build.images
  • trigger.build.logsBucket
  • trigger.build.options.env
  • trigger.build.options.secretEnv
  • trigger.build.options.volumes.name
  • trigger.build.options.volumes.path
  • trigger.build.secrets.kmsKeyName
  • trigger.build.secrets.secretEnv.key
  • trigger.build.secrets.secretEnv.value
  • trigger.build.serviceAccount
  • trigger.build.source.buildConfigFileName
  • trigger.build.source.connectedRepository.dir
  • trigger.build.source.connectedRepository.repository
  • trigger.build.source.connectedRepository.revision
  • trigger.build.source.developerConnectConfig.dir
  • trigger.build.source.developerConnectConfig.gitRepositoryLink
  • trigger.build.source.developerConnectConfig.revision
  • trigger.build.source.gitSource.commitSha
  • trigger.build.source.gitSource.dir
  • trigger.build.source.gitSource.revision
  • trigger.build.source.gitSource.url
  • trigger.build.source.repoSource.branchName
  • trigger.build.source.repoSource.commitSha
  • trigger.build.source.repoSource.dir
  • trigger.build.source.repoSource.invertRegex
  • trigger.build.source.repoSource.projectId
  • trigger.build.source.repoSource.repoName
  • trigger.build.source.repoSource.substitutions.key
  • trigger.build.source.repoSource.substitutions.value
  • trigger.build.source.repoSource.tagName
  • trigger.build.source.storageSource.bucket
  • trigger.build.source.storageSource.generation
  • trigger.build.source.storageSource.object
  • trigger.build.source.storageSource.sourceFetcher
  • trigger.build.source.storageSource.stripComponents
  • trigger.build.source.storageSourceManifest.bucket
  • trigger.build.source.storageSourceManifest.generation
  • trigger.build.source.storageSourceManifest.object
  • trigger.build.steps.args
  • trigger.build.steps.dir
  • trigger.build.steps.entrypoint
  • trigger.build.steps.env
  • trigger.build.steps.id
  • trigger.build.steps.name
  • trigger.build.steps.remoteConfig
  • trigger.build.steps.results.attestationContent
  • trigger.build.steps.results.attestationType
  • trigger.build.steps.results.name
  • trigger.build.steps.script
  • trigger.build.steps.secretEnv
  • trigger.build.steps.volumes.name
  • trigger.build.steps.volumes.path
  • trigger.build.steps.waitFor
  • trigger.build.substitutions.key
  • trigger.build.substitutions.value
  • trigger.build.tags
  • trigger.cloudCode.codeReview.branch
  • trigger.cloudCode.project
  • trigger.cloudCode.repo
  • trigger.description
  • trigger.developerConnectEventConfig.gitRepositoryLink
  • trigger.developerConnectEventConfig.pullRequest.branch
  • trigger.developerConnectEventConfig.pullRequest.commentControl
  • trigger.developerConnectEventConfig.pullRequest.invertRegex
  • trigger.developerConnectEventConfig.push.branch
  • trigger.developerConnectEventConfig.push.invertRegex
  • trigger.developerConnectEventConfig.push.tag
  • trigger.dir
  • trigger.eventType
  • trigger.filename
  • trigger.gitFileSource.bitbucketServerConfig
  • trigger.gitFileSource.githubEnterpriseConfig
  • trigger.gitFileSource.path
  • trigger.gitFileSource.repoType
  • trigger.gitFileSource.repository
  • trigger.gitFileSource.revision
  • trigger.gitFileSource.uri
  • trigger.github.pullRequest.branch
  • trigger.github.push.branch
  • trigger.github.push.tag
  • trigger.gitlabEnterpriseEventsConfig.pullRequest.branch
  • trigger.gitlabEnterpriseEventsConfig.push.branch
  • trigger.gitlabEnterpriseEventsConfig.push.tag
  • trigger.gitlabEventsConfig.pullRequest.branch
  • trigger.gitlabEventsConfig.push.branch
  • trigger.gitlabEventsConfig.push.tag
  • trigger.ignoredFiles
  • trigger.includeBuildLogs
  • trigger.includedFiles
  • trigger.internalAnnotations.tags
  • trigger.name
  • trigger.repositoryEventConfig.pullRequest.branch
  • trigger.repositoryEventConfig.pullRequest.commentControl
  • trigger.repositoryEventConfig.pullRequest.invertRegex
  • trigger.repositoryEventConfig.push.branch
  • trigger.repositoryEventConfig.push.invertRegex
  • trigger.repositoryEventConfig.push.tag
  • trigger.repositoryEventConfig.repository
  • trigger.serviceAccount
  • trigger.sourceToBuild.bitbucketServerConfig
  • trigger.sourceToBuild.githubEnterpriseConfig
  • trigger.sourceToBuild.ref
  • trigger.sourceToBuild.repoType
  • trigger.sourceToBuild.repository
  • trigger.sourceToBuild.uri
  • trigger.substitutions.key
  • trigger.substitutions.value
  • trigger.tags
  • trigger.triggerTemplate.branchName
  • trigger.triggerTemplate.commitSha
  • trigger.triggerTemplate.dir
  • trigger.triggerTemplate.invertRegex
  • trigger.triggerTemplate.repoName
  • trigger.triggerTemplate.substitutions.key
  • trigger.triggerTemplate.substitutions.value
  • trigger.triggerTemplate.tagName
  • trigger.uri
  • trigger.webhookConfig.secret

서비스: cloudbuild.googleapis.com

REST API: POST /v1/projects/{project_id}/triggers

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.CreateBuildTrigger
  • trigger.baseImage.imageName
  • trigger.bitbucketServerTriggerConfig.pullRequest.branch
  • trigger.bitbucketServerTriggerConfig.push.branch
  • trigger.bitbucketServerTriggerConfig.push.tag
  • trigger.build.artifacts.genericArtifacts.contentHandling
  • trigger.build.artifacts.genericArtifacts.folder
  • trigger.build.artifacts.genericArtifacts.registryPath
  • trigger.build.artifacts.goModules.modulePath
  • trigger.build.artifacts.goModules.moduleVersion
  • trigger.build.artifacts.goModules.sourcePath
  • trigger.build.artifacts.images
  • trigger.build.artifacts.mavenArtifacts.artifactId
  • trigger.build.artifacts.mavenArtifacts.deployFolder
  • trigger.build.artifacts.mavenArtifacts.groupId
  • trigger.build.artifacts.mavenArtifacts.path
  • trigger.build.artifacts.mavenArtifacts.pomPath
  • trigger.build.artifacts.mavenArtifacts.version
  • trigger.build.artifacts.npmPackages.archive
  • trigger.build.artifacts.npmPackages.packagePath
  • trigger.build.artifacts.npmPackages.repository
  • trigger.build.artifacts.objects.location
  • trigger.build.artifacts.objects.paths
  • trigger.build.artifacts.oci.file
  • trigger.build.artifacts.oci.registryPath
  • trigger.build.artifacts.oci.tags
  • trigger.build.artifacts.pythonPackages.paths
  • trigger.build.artifacts.testResults.bucketUri
  • trigger.build.artifacts.testResults.format
  • trigger.build.artifacts.testResults.paths
  • trigger.build.artifacts.volumes.name
  • trigger.build.artifacts.volumes.path
  • trigger.build.availableSecrets.inline.envMap.key
  • trigger.build.availableSecrets.inline.envMap.value
  • trigger.build.availableSecrets.inline.kmsKeyName
  • trigger.build.availableSecrets.secretManager.env
  • trigger.build.availableSecrets.secretManager.versionName
  • trigger.build.buildReceipt.workerDiagnostics.identityEndpointSuccesses
  • trigger.build.dependencies.empty
  • trigger.build.dependencies.genericArtifact.destPath
  • trigger.build.dependencies.genericArtifact.resource
  • trigger.build.dependencies.gitSource.depth
  • trigger.build.dependencies.gitSource.destPath
  • trigger.build.dependencies.gitSource.recurseSubmodules
  • trigger.build.dependencies.gitSource.repository.developerConnect
  • trigger.build.dependencies.gitSource.repository.proxyUrlEnabled
  • trigger.build.dependencies.gitSource.repository.url
  • trigger.build.dependencies.gitSource.revision
  • trigger.build.gitConfig.http.proxySecretVersionName
  • trigger.build.gitConfig.http.sslCaInfo
  • trigger.build.images
  • trigger.build.logsBucket
  • trigger.build.options.env
  • trigger.build.options.secretEnv
  • trigger.build.options.volumes.name
  • trigger.build.options.volumes.path
  • trigger.build.secrets.kmsKeyName
  • trigger.build.secrets.secretEnv.key
  • trigger.build.secrets.secretEnv.value
  • trigger.build.serviceAccount
  • trigger.build.source.buildConfigFileName
  • trigger.build.source.connectedRepository.dir
  • trigger.build.source.connectedRepository.repository
  • trigger.build.source.connectedRepository.revision
  • trigger.build.source.developerConnectConfig.dir
  • trigger.build.source.developerConnectConfig.gitRepositoryLink
  • trigger.build.source.developerConnectConfig.revision
  • trigger.build.source.gitSource.commitSha
  • trigger.build.source.gitSource.dir
  • trigger.build.source.gitSource.revision
  • trigger.build.source.gitSource.url
  • trigger.build.source.repoSource.branchName
  • trigger.build.source.repoSource.commitSha
  • trigger.build.source.repoSource.dir
  • trigger.build.source.repoSource.invertRegex
  • trigger.build.source.repoSource.projectId
  • trigger.build.source.repoSource.repoName
  • trigger.build.source.repoSource.substitutions.key
  • trigger.build.source.repoSource.substitutions.value
  • trigger.build.source.repoSource.tagName
  • trigger.build.source.storageSource.bucket
  • trigger.build.source.storageSource.generation
  • trigger.build.source.storageSource.object
  • trigger.build.source.storageSource.sourceFetcher
  • trigger.build.source.storageSource.stripComponents
  • trigger.build.source.storageSourceManifest.bucket
  • trigger.build.source.storageSourceManifest.generation
  • trigger.build.source.storageSourceManifest.object
  • trigger.build.steps.args
  • trigger.build.steps.dir
  • trigger.build.steps.entrypoint
  • trigger.build.steps.env
  • trigger.build.steps.id
  • trigger.build.steps.name
  • trigger.build.steps.remoteConfig
  • trigger.build.steps.results.attestationContent
  • trigger.build.steps.results.attestationType
  • trigger.build.steps.results.name
  • trigger.build.steps.script
  • trigger.build.steps.secretEnv
  • trigger.build.steps.volumes.name
  • trigger.build.steps.volumes.path
  • trigger.build.steps.waitFor
  • trigger.build.substitutions.key
  • trigger.build.substitutions.value
  • trigger.build.tags
  • trigger.cloudCode.codeReview.branch
  • trigger.cloudCode.project
  • trigger.cloudCode.repo
  • trigger.description
  • trigger.developerConnectEventConfig.gitRepositoryLink
  • trigger.developerConnectEventConfig.pullRequest.branch
  • trigger.developerConnectEventConfig.pullRequest.commentControl
  • trigger.developerConnectEventConfig.pullRequest.invertRegex
  • trigger.developerConnectEventConfig.push.branch
  • trigger.developerConnectEventConfig.push.invertRegex
  • trigger.developerConnectEventConfig.push.tag
  • trigger.dir
  • trigger.eventType
  • trigger.filename
  • trigger.gitFileSource.bitbucketServerConfig
  • trigger.gitFileSource.githubEnterpriseConfig
  • trigger.gitFileSource.path
  • trigger.gitFileSource.repoType
  • trigger.gitFileSource.repository
  • trigger.gitFileSource.revision
  • trigger.gitFileSource.uri
  • trigger.github.pullRequest.branch
  • trigger.github.push.branch
  • trigger.github.push.tag
  • trigger.gitlabEnterpriseEventsConfig.pullRequest.branch
  • trigger.gitlabEnterpriseEventsConfig.push.branch
  • trigger.gitlabEnterpriseEventsConfig.push.tag
  • trigger.gitlabEventsConfig.pullRequest.branch
  • trigger.gitlabEventsConfig.push.branch
  • trigger.gitlabEventsConfig.push.tag
  • trigger.ignoredFiles
  • trigger.includeBuildLogs
  • trigger.includedFiles
  • trigger.internalAnnotations.tags
  • trigger.name
  • trigger.repositoryEventConfig.pullRequest.branch
  • trigger.repositoryEventConfig.pullRequest.commentControl
  • trigger.repositoryEventConfig.pullRequest.invertRegex
  • trigger.repositoryEventConfig.push.branch
  • trigger.repositoryEventConfig.push.invertRegex
  • trigger.repositoryEventConfig.push.tag
  • trigger.repositoryEventConfig.repository
  • trigger.serviceAccount
  • trigger.sourceToBuild.bitbucketServerConfig
  • trigger.sourceToBuild.githubEnterpriseConfig
  • trigger.sourceToBuild.ref
  • trigger.sourceToBuild.repoType
  • trigger.sourceToBuild.repository
  • trigger.sourceToBuild.uri
  • trigger.substitutions.key
  • trigger.substitutions.value
  • trigger.tags
  • trigger.triggerTemplate.branchName
  • trigger.triggerTemplate.commitSha
  • trigger.triggerTemplate.dir
  • trigger.triggerTemplate.invertRegex
  • trigger.triggerTemplate.repoName
  • trigger.triggerTemplate.substitutions.key
  • trigger.triggerTemplate.substitutions.value
  • trigger.triggerTemplate.tagName
  • trigger.uri
  • trigger.webhookConfig.secret

서비스: cloudbuild.googleapis.com

REST API: POST /v1/projects/{project_id}/triggers/{trigger_id}:run

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.RunBuildTrigger
  • source.branchName
  • source.commitSha
  • source.dir
  • source.invertRegex
  • source.projectId
  • source.repoName
  • source.substitutions.key
  • source.substitutions.value
  • source.tagName

서비스: cloudbuild.googleapis.com

REST API: POST /v1/{name=projects/*/locations/*/triggers/*}:run

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.RunBuildTrigger
  • source.branchName
  • source.commitSha
  • source.dir
  • source.invertRegex
  • source.projectId
  • source.repoName
  • source.substitutions.key
  • source.substitutions.value
  • source.tagName

서비스: cloudbuild.googleapis.com

REST API: POST /v1/{parent=projects/*/locations/*}/triggers

RPC 메서드:

  • google.devtools.cloudbuild.v1.CloudBuild.CreateBuildTrigger
  • trigger.baseImage.imageName
  • trigger.bitbucketServerTriggerConfig.pullRequest.branch
  • trigger.bitbucketServerTriggerConfig.push.branch
  • trigger.bitbucketServerTriggerConfig.push.tag
  • trigger.build.artifacts.genericArtifacts.contentHandling
  • trigger.build.artifacts.genericArtifacts.folder
  • trigger.build.artifacts.genericArtifacts.registryPath
  • trigger.build.artifacts.goModules.modulePath
  • trigger.build.artifacts.goModules.moduleVersion
  • trigger.build.artifacts.goModules.sourcePath
  • trigger.build.artifacts.images
  • trigger.build.artifacts.mavenArtifacts.artifactId
  • trigger.build.artifacts.mavenArtifacts.deployFolder
  • trigger.build.artifacts.mavenArtifacts.groupId
  • trigger.build.artifacts.mavenArtifacts.path
  • trigger.build.artifacts.mavenArtifacts.pomPath
  • trigger.build.artifacts.mavenArtifacts.version
  • trigger.build.artifacts.npmPackages.archive
  • trigger.build.artifacts.npmPackages.packagePath
  • trigger.build.artifacts.npmPackages.repository
  • trigger.build.artifacts.objects.location
  • trigger.build.artifacts.objects.paths
  • trigger.build.artifacts.oci.file
  • trigger.build.artifacts.oci.registryPath
  • trigger.build.artifacts.oci.tags
  • trigger.build.artifacts.pythonPackages.paths
  • trigger.build.artifacts.testResults.bucketUri
  • trigger.build.artifacts.testResults.format
  • trigger.build.artifacts.testResults.paths
  • trigger.build.artifacts.volumes.name
  • trigger.build.artifacts.volumes.path
  • trigger.build.availableSecrets.inline.envMap.key
  • trigger.build.availableSecrets.inline.envMap.value
  • trigger.build.availableSecrets.inline.kmsKeyName
  • trigger.build.availableSecrets.secretManager.env
  • trigger.build.availableSecrets.secretManager.versionName
  • trigger.build.buildReceipt.workerDiagnostics.identityEndpointSuccesses
  • trigger.build.dependencies.empty
  • trigger.build.dependencies.genericArtifact.destPath
  • trigger.build.dependencies.genericArtifact.resource
  • trigger.build.dependencies.gitSource.depth
  • trigger.build.dependencies.gitSource.destPath
  • trigger.build.dependencies.gitSource.recurseSubmodules
  • trigger.build.dependencies.gitSource.repository.developerConnect
  • trigger.build.dependencies.gitSource.repository.proxyUrlEnabled
  • trigger.build.dependencies.gitSource.repository.url
  • trigger.build.dependencies.gitSource.revision
  • trigger.build.gitConfig.http.proxySecretVersionName
  • trigger.build.gitConfig.http.sslCaInfo
  • trigger.build.images
  • trigger.build.logsBucket
  • trigger.build.options.env
  • trigger.build.options.secretEnv
  • trigger.build.options.volumes.name
  • trigger.build.options.volumes.path
  • trigger.build.secrets.kmsKeyName
  • trigger.build.secrets.secretEnv.key
  • trigger.build.secrets.secretEnv.value
  • trigger.build.serviceAccount
  • trigger.build.source.buildConfigFileName
  • trigger.build.source.connectedRepository.dir
  • trigger.build.source.connectedRepository.repository
  • trigger.build.source.connectedRepository.revision
  • trigger.build.source.developerConnectConfig.dir
  • trigger.build.source.developerConnectConfig.gitRepositoryLink
  • trigger.build.source.developerConnectConfig.revision
  • trigger.build.source.gitSource.commitSha
  • trigger.build.source.gitSource.dir
  • trigger.build.source.gitSource.revision
  • trigger.build.source.gitSource.url
  • trigger.build.source.repoSource.branchName
  • trigger.build.source.repoSource.commitSha
  • trigger.build.source.repoSource.dir
  • trigger.build.source.repoSource.invertRegex
  • trigger.build.source.repoSource.projectId
  • trigger.build.source.repoSource.repoName
  • trigger.build.source.repoSource.substitutions.key
  • trigger.build.source.repoSource.substitutions.value
  • trigger.build.source.repoSource.tagName
  • trigger.build.source.storageSource.bucket
  • trigger.build.source.storageSource.generation
  • trigger.build.source.storageSource.object
  • trigger.build.source.storageSource.sourceFetcher
  • trigger.build.source.storageSource.stripComponents
  • trigger.build.source.storageSourceManifest.bucket
  • trigger.build.source.storageSourceManifest.generation
  • trigger.build.source.storageSourceManifest.object
  • trigger.build.steps.args
  • trigger.build.steps.dir
  • trigger.build.steps.entrypoint
  • trigger.build.steps.env
  • trigger.build.steps.id
  • trigger.build.steps.name
  • trigger.build.steps.remoteConfig
  • trigger.build.steps.results.attestationContent
  • trigger.build.steps.results.attestationType
  • trigger.build.steps.results.name
  • trigger.build.steps.script
  • trigger.build.steps.secretEnv
  • trigger.build.steps.volumes.name
  • trigger.build.steps.volumes.path
  • trigger.build.steps.waitFor
  • trigger.build.substitutions.key
  • trigger.build.substitutions.value
  • trigger.build.tags
  • trigger.cloudCode.codeReview.branch
  • trigger.cloudCode.project
  • trigger.cloudCode.repo
  • trigger.description
  • trigger.developerConnectEventConfig.gitRepositoryLink
  • trigger.developerConnectEventConfig.pullRequest.branch
  • trigger.developerConnectEventConfig.pullRequest.commentControl
  • trigger.developerConnectEventConfig.pullRequest.invertRegex
  • trigger.developerConnectEventConfig.push.branch
  • trigger.developerConnectEventConfig.push.invertRegex
  • trigger.developerConnectEventConfig.push.tag
  • trigger.dir
  • trigger.eventType
  • trigger.filename
  • trigger.gitFileSource.bitbucketServerConfig
  • trigger.gitFileSource.githubEnterpriseConfig
  • trigger.gitFileSource.path
  • trigger.gitFileSource.repoType
  • trigger.gitFileSource.repository
  • trigger.gitFileSource.revision
  • trigger.gitFileSource.uri
  • trigger.github.pullRequest.branch
  • trigger.github.push.branch
  • trigger.github.push.tag
  • trigger.gitlabEnterpriseEventsConfig.pullRequest.branch
  • trigger.gitlabEnterpriseEventsConfig.push.branch
  • trigger.gitlabEnterpriseEventsConfig.push.tag
  • trigger.gitlabEventsConfig.pullRequest.branch
  • trigger.gitlabEventsConfig.push.branch
  • trigger.gitlabEventsConfig.push.tag
  • trigger.ignoredFiles
  • trigger.includeBuildLogs
  • trigger.includedFiles
  • trigger.internalAnnotations.tags
  • trigger.name
  • trigger.repositoryEventConfig.pullRequest.branch
  • trigger.repositoryEventConfig.pullRequest.commentControl
  • trigger.repositoryEventConfig.pullRequest.invertRegex
  • trigger.repositoryEventConfig.push.branch
  • trigger.repositoryEventConfig.push.invertRegex
  • trigger.repositoryEventConfig.push.tag
  • trigger.repositoryEventConfig.repository
  • trigger.serviceAccount
  • trigger.sourceToBuild.bitbucketServerConfig
  • trigger.sourceToBuild.githubEnterpriseConfig
  • trigger.sourceToBuild.ref
  • trigger.sourceToBuild.repoType
  • trigger.sourceToBuild.repository
  • trigger.sourceToBuild.uri
  • trigger.substitutions.key
  • trigger.substitutions.value
  • trigger.tags
  • trigger.triggerTemplate.branchName
  • trigger.triggerTemplate.commitSha
  • trigger.triggerTemplate.dir
  • trigger.triggerTemplate.invertRegex
  • trigger.triggerTemplate.repoName
  • trigger.triggerTemplate.substitutions.key
  • trigger.triggerTemplate.substitutions.value
  • trigger.triggerTemplate.tagName
  • trigger.uri
  • trigger.webhookConfig.secret

민감한 정보에 적합하지 않은 필드

다음 표에는 민감한 정보에 적합하지 않은 필드 카테고리와 구체적인 필드의 예시 목록이 나와 있습니다. 규정을 준수하려면 보호된 데이터를 이러한 필드에 배치하지 마세요. 전체 목록은 Google Cloud 담당자에게 문의하세요.

카테고리 필드
인증
  • authUser
  • userOauthCode
빌드/트리거 관련 세부정보
  • build.buildReceipt.buildConfigSubstitutions.value
  • build.buildReceipt.queue
  • build.options.pool.name
  • build.source.gitSource.gitCredential.password
  • build.source.gitSource.gitCredential.username
  • triggerId
구성
  • appConfigJson.bucket
  • appConfigJson.object
  • code
  • eventSource
  • hostUrl
  • peeredNetwork
연결 세부정보
  • connection.bitbucketCloudConfig.authorizerCredential.userTokenSecretVersion
  • connection.bitbucketCloudConfig.readAuthorizerCredential.userTokenSecretVersion
  • connection.bitbucketCloudConfig.webhookSecretSecretVersion
  • connection.githubEnterpriseConfig.oauthClientIdSecretVersion
  • connection.githubEnterpriseConfig.oauthSecretSecretVersion
  • connection.gitlabConfig.readAuthorizerCredential.userTokenSecretVersion
네트워크 구성 해당 사항 없음
저장소/프로젝트 세부정보
  • installation.repositorySettingList.repositorySettings.name
  • installation.repositorySettingList.repositorySettings.owner
  • owner
리소스 식별
  • enterpriseConfigResourceName
  • id
  • name
  • parent
  • projectId
  • repo
보안 비밀 관리
  • sslCa
  • webhookKey
서비스/API 액세스
  • connection.githubEnterpriseConfig.serviceDirectoryConfig.service
  • connection.gitlabConfig.serviceDirectoryConfig.service
  • gitlabConfig.secrets.apiAccessTokenVersion
  • gitlabConfig.secrets.apiKeyVersion
상태 관리
  • etag
  • pageToken
  • state
  • updateMask.paths

다음 단계