篩選憑證

import com.google.cloud.security.privateca.v1.CaPoolName;
import com.google.cloud.security.privateca.v1.Certificate;
import com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient;
import com.google.cloud.security.privateca.v1.ListCertificatesRequest;
import java.io.IOException;

public class FilterCertificates {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    // location: For a list of locations, see:
    // https://cloud.google.com/certificate-authority-service/docs/locations
    // poolId: Id of the CA pool which contains the certificates to be listed.
    String project = "your-project-id";
    String location = "ca-location";
    String poolId = "ca-pool-id";

    filterCertificates(project, location, poolId);
  }

  // Filter certificates based on a condition and list them.
  public static void filterCertificates(String project, String location, String poolId)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the `certificateAuthorityServiceClient.close()` method on the client to safely
    // clean up any remaining background resources.
    try (CertificateAuthorityServiceClient certificateAuthorityServiceClient =
        CertificateAuthorityServiceClient.create()) {

      CaPoolName caPool =
          CaPoolName.newBuilder()
              .setProject(project)
              .setLocation(location)
              .setCaPool(poolId)
              .build();

      // Create the certificate request and set the filter condition.
      ListCertificatesRequest listCertificatesRequest =
          ListCertificatesRequest.newBuilder()
              .setParent(caPool.toString())
              /* Filter certificates based on the given condition.
              For more info on conditions supported,
              see:
              https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support
              Few examples for constructing conditions:
              certificate_description.subject_description.not_after_time=
                  timestamp(com.google.protobuf)
              certificate_description.subject_description.subject_alt_name.dns_names:my-dns
              Here, we are filtering certificates which has organization name = csr-org-name */
              .setFilter(
                  "certificate_description.subject_description.subject.organization=csr-org-name")
              .build();

      // Retrieve and print the certificate names.
      System.out.println("Available certificates: ");
      for (Certificate certificate :
          certificateAuthorityServiceClient
              .listCertificates(listCertificatesRequest)
              .iterateAll()) {
        System.out.println(certificate.getName());
      }
    }
  }
}

import google.cloud.security.privateca_v1 as privateca_v1


def filter_certificates(
    project_id: str, location: str, ca_pool_name: str, filter_condition: str
) -> None:
    """
    Filter certificates based on a condition and list them.

    Args:
        project_id: project ID or project number of the Cloud project you want to use.
        location: location you want to use. For a list of locations, see: https://cloud.google.com/certificate-authority-service/docs/locations.
        ca_pool_name: name of the CA pool which contains the certificates to be listed.
    """

    caServiceClient = privateca_v1.CertificateAuthorityServiceClient()

    ca_pool_path = caServiceClient.ca_pool_path(project_id, location, ca_pool_name)

    # Create the certificate request and set the filter condition.
    request = privateca_v1.ListCertificatesRequest(
        parent=ca_pool_path,
        filter=filter_condition,
    )

    # Retrieve and print the certificate names.
    print("Available certificates: ")
    for cert in caServiceClient.list_certificates(request=request):
        print(f"- {cert.name}")