Describes the way in which a [Certificate][google.cloud.security.privateca.v1.Certificate]'s [Subject][google.cloud.security.privateca.v1.Subject] and/or
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] will be resolved.
The default mode used in most cases. Indicates that the certificate's
[Subject][google.cloud.security.privateca.v1.Subject] and/or [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] are specified in the certificate
request. This mode requires the caller to have the
privateca.certificates.create permission.
ReflectedSpiffe
A mode reserved for special cases. Indicates that the certificate should
have one or more SPIFFE [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] set by the service based
on the caller's identity. This mode will ignore any explicitly specified
[Subject][google.cloud.security.privateca.v1.Subject] and/or [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] in the certificate request.
This mode requires the caller to have the
privateca.certificates.createForSelf permission.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-21 UTC."],[[["The content provides a comprehensive list of versions for the `SubjectRequestMode` within the `Google.Cloud.Security.PrivateCA.V1` namespace, ranging from version 1.0.0 to the latest version 3.9.0."],["`SubjectRequestMode` is an enum that determines how a Certificate's Subject and/or SubjectAltNames are resolved."],["There are three defined fields within the `SubjectRequestMode` enum, which are `Default`, `ReflectedSpiffe`, and `Unspecified`, each serving different purposes for handling certificate subject information."],["The `Default` mode requires the `privateca.certificates.create` permission and uses the Subject and SubjectAltNames from the certificate request, while the `ReflectedSpiffe` mode requires the `privateca.certificates.createForSelf` permission and sets SPIFFE SubjectAltNames based on the caller's identity, ignoring any explicitly specified Subject or SubjectAltNames in the certificate request."]]],[]]