Index
FeatureSpec(message)FeatureSpec.GoogleCAProvisioning(enum)MembershipSpec(message)MembershipSpec.CertificateManagement(enum)
FeatureSpec
Workload Certificate: The Hub-wide input for the WorkloadCertificate feature.
| Fields | |
|---|---|
provision_google_ca |
Immutable. Specifies CA configuration. |
default_config |
Specifies default membership spec. Users can override the default in the member_configs for each member. |
GoogleCAProvisioning
Specifies if a default Google managed CA should be provisioned. If UNSPECIFIED, Google managed CA feature is disabled. If set to UNSPECIFIED/DISABLED, the "certificate_authority_config" field in WorkloadCertificateConfig must specify a CA endpoint.
| Enums | |
|---|---|
GOOGLE_CA_PROVISIONING_UNSPECIFIED |
Disable default Google managed CA. |
DISABLED |
Disable default Google managed CA. |
ENABLED |
Use default Google managed CA. |
ENABLED_WITH_MANAGED_CA |
Workload certificate feature is enabled, and the entire certificate provisioning process is managed by Google with managed CAS which is more secure than the default CA. |
ENABLED_WITH_DEFAULT_CA |
Workload certificate feature is enabled, and the entire certificate provisioning process is using the default CA which is free. |
MembershipSpec
Workload Certificate: The membership-specific input for WorkloadCertificate feature.
| Fields | |
|---|---|
certificate_management |
Specifies workload certificate management. |
CertificateManagement
Specifies whether or not the feature is enabled on the member cluster.
| Enums | |
|---|---|
CERTIFICATE_MANAGEMENT_UNSPECIFIED |
Disable workload certificate feature. |
DISABLED |
Disable workload certificate feature. |
ENABLED |
Enable workload certificate feature. |