Package cloud.google.com/go/security/privateca/apiv1/privatecapb (v1.13.0)

var (
	RevocationReason_name = map[int32]string{
		0: "REVOCATION_REASON_UNSPECIFIED",
		1: "KEY_COMPROMISE",
		2: "CERTIFICATE_AUTHORITY_COMPROMISE",
		3: "AFFILIATION_CHANGED",
		4: "SUPERSEDED",
		5: "CESSATION_OF_OPERATION",
		6: "CERTIFICATE_HOLD",
		7: "PRIVILEGE_WITHDRAWN",
		8: "ATTRIBUTE_AUTHORITY_COMPROMISE",
	}
	RevocationReason_value = map[string]int32{
		"REVOCATION_REASON_UNSPECIFIED":    0,
		"KEY_COMPROMISE":                   1,
		"CERTIFICATE_AUTHORITY_COMPROMISE": 2,
		"AFFILIATION_CHANGED":              3,
		"SUPERSEDED":                       4,
		"CESSATION_OF_OPERATION":           5,
		"CERTIFICATE_HOLD":                 6,
		"PRIVILEGE_WITHDRAWN":              7,
		"ATTRIBUTE_AUTHORITY_COMPROMISE":   8,
	}
)

var (
	SubjectRequestMode_name = map[int32]string{
		0: "SUBJECT_REQUEST_MODE_UNSPECIFIED",
		1: "DEFAULT",
		2: "REFLECTED_SPIFFE",
	}
	SubjectRequestMode_value = map[string]int32{
		"SUBJECT_REQUEST_MODE_UNSPECIFIED": 0,
		"DEFAULT":                          1,
		"REFLECTED_SPIFFE":                 2,
	}
)

var (
	CertificateAuthority_Type_name = map[int32]string{
		0: "TYPE_UNSPECIFIED",
		1: "SELF_SIGNED",
		2: "SUBORDINATE",
	}
	CertificateAuthority_Type_value = map[string]int32{
		"TYPE_UNSPECIFIED": 0,
		"SELF_SIGNED":      1,
		"SUBORDINATE":      2,
	}
)

var (
	CertificateAuthority_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "ENABLED",
		2: "DISABLED",
		3: "STAGED",
		4: "AWAITING_USER_ACTIVATION",
		5: "DELETED",
	}
	CertificateAuthority_State_value = map[string]int32{
		"STATE_UNSPECIFIED":        0,
		"ENABLED":                  1,
		"DISABLED":                 2,
		"STAGED":                   3,
		"AWAITING_USER_ACTIVATION": 4,
		"DELETED":                  5,
	}
)

var (
	CertificateAuthority_SignHashAlgorithm_name = map[int32]string{
		0: "SIGN_HASH_ALGORITHM_UNSPECIFIED",
		1: "RSA_PSS_2048_SHA256",
		2: "RSA_PSS_3072_SHA256",
		3: "RSA_PSS_4096_SHA256",
		6: "RSA_PKCS1_2048_SHA256",
		7: "RSA_PKCS1_3072_SHA256",
		8: "RSA_PKCS1_4096_SHA256",
		4: "EC_P256_SHA256",
		5: "EC_P384_SHA384",
	}
	CertificateAuthority_SignHashAlgorithm_value = map[string]int32{
		"SIGN_HASH_ALGORITHM_UNSPECIFIED": 0,
		"RSA_PSS_2048_SHA256":             1,
		"RSA_PSS_3072_SHA256":             2,
		"RSA_PSS_4096_SHA256":             3,
		"RSA_PKCS1_2048_SHA256":           6,
		"RSA_PKCS1_3072_SHA256":           7,
		"RSA_PKCS1_4096_SHA256":           8,
		"EC_P256_SHA256":                  4,
		"EC_P384_SHA384":                  5,
	}
)

var (
	CaPool_Tier_name = map[int32]string{
		0: "TIER_UNSPECIFIED",
		1: "ENTERPRISE",
		2: "DEVOPS",
	}
	CaPool_Tier_value = map[string]int32{
		"TIER_UNSPECIFIED": 0,
		"ENTERPRISE":       1,
		"DEVOPS":           2,
	}
)

var (
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm_name = map[int32]string{
		0: "EC_SIGNATURE_ALGORITHM_UNSPECIFIED",
		1: "ECDSA_P256",
		2: "ECDSA_P384",
		3: "EDDSA_25519",
	}
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm_value = map[string]int32{
		"EC_SIGNATURE_ALGORITHM_UNSPECIFIED": 0,
		"ECDSA_P256":                         1,
		"ECDSA_P384":                         2,
		"EDDSA_25519":                        3,
	}
)

var (
	CertificateRevocationList_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "ACTIVE",
		2: "SUPERSEDED",
	}
	CertificateRevocationList_State_value = map[string]int32{
		"STATE_UNSPECIFIED": 0,
		"ACTIVE":            1,
		"SUPERSEDED":        2,
	}
)

var (
	PublicKey_KeyFormat_name = map[int32]string{
		0: "KEY_FORMAT_UNSPECIFIED",
		1: "PEM",
	}
	PublicKey_KeyFormat_value = map[string]int32{
		"KEY_FORMAT_UNSPECIFIED": 0,
		"PEM":                    1,
	}
)

var (
	CertificateExtensionConstraints_KnownCertificateExtension_name = map[int32]string{
		0: "KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED",
		1: "BASE_KEY_USAGE",
		2: "EXTENDED_KEY_USAGE",
		3: "CA_OPTIONS",
		4: "POLICY_IDS",
		5: "AIA_OCSP_SERVERS",
		6: "NAME_CONSTRAINTS",
	}
	CertificateExtensionConstraints_KnownCertificateExtension_value = map[string]int32{
		"KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED": 0,
		"BASE_KEY_USAGE":     1,
		"EXTENDED_KEY_USAGE": 2,
		"CA_OPTIONS":         3,
		"POLICY_IDS":         4,
		"AIA_OCSP_SERVERS":   5,
		"NAME_CONSTRAINTS":   6,
	}
)

var File_google_cloud_security_privateca_v1_resources_proto protoreflect.FileDescriptor

var File_google_cloud_security_privateca_v1_service_proto protoreflect.FileDescriptor

func RegisterCertificateAuthorityServiceServer(s *grpc.Server, srv CertificateAuthorityServiceServer)

type ActivateCertificateAuthorityRequest struct {

	// Required. The resource name for this
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The signed CA certificate issued from
	// [FetchCertificateAuthorityCsrResponse.pem_csr][google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrResponse.pem_csr].
	PemCaCertificate string `protobuf:"bytes,2,opt,name=pem_ca_certificate,json=pemCaCertificate,proto3" json:"pem_ca_certificate,omitempty"`
	// Required. Must include information about the issuer of
	// 'pem_ca_certificate', and any further issuers until the self-signed CA.
	SubordinateConfig *SubordinateConfig `protobuf:"bytes,3,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*ActivateCertificateAuthorityRequest) Descriptor() ([]byte, []int)

func (x *ActivateCertificateAuthorityRequest) GetName() string

func (x *ActivateCertificateAuthorityRequest) GetPemCaCertificate() string

func (x *ActivateCertificateAuthorityRequest) GetRequestId() string

func (x *ActivateCertificateAuthorityRequest) GetSubordinateConfig() *SubordinateConfig

func (*ActivateCertificateAuthorityRequest) ProtoMessage()

func (x *ActivateCertificateAuthorityRequest) ProtoReflect() protoreflect.Message

func (x *ActivateCertificateAuthorityRequest) Reset()

func (x *ActivateCertificateAuthorityRequest) String() string

type CaPool struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Tier CaPool_Tier `protobuf:"varint,2,opt,name=tier,proto3,enum=google.cloud.security.privateca.v1.CaPool_Tier" json:"tier,omitempty"`

	IssuancePolicy *CaPool_IssuancePolicy `protobuf:"bytes,3,opt,name=issuance_policy,json=issuancePolicy,proto3" json:"issuance_policy,omitempty"`

	PublishingOptions *CaPool_PublishingOptions `protobuf:"bytes,4,opt,name=publishing_options,json=publishingOptions,proto3" json:"publishing_options,omitempty"`

	Labels map[string]string "" /* 153 byte string literal not displayed */

}

func (*CaPool) Descriptor() ([]byte, []int)

func (x *CaPool) GetIssuancePolicy() *CaPool_IssuancePolicy

func (x *CaPool) GetLabels() map[string]string

func (x *CaPool) GetName() string

func (x *CaPool) GetPublishingOptions() *CaPool_PublishingOptions

func (x *CaPool) GetTier() CaPool_Tier

func (*CaPool) ProtoMessage()

func (x *CaPool) ProtoReflect() protoreflect.Message

func (x *CaPool) Reset()

func (x *CaPool) String() string

type CaPool_IssuancePolicy struct {

	// Optional. If any
	// [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType]
	// is specified, then the certificate request's public key must match one of
	// the key types listed here. Otherwise, any key may be used.
	AllowedKeyTypes []*CaPool_IssuancePolicy_AllowedKeyType `protobuf:"bytes,1,rep,name=allowed_key_types,json=allowedKeyTypes,proto3" json:"allowed_key_types,omitempty"`
	// Optional. The maximum lifetime allowed for issued
	// [Certificates][google.cloud.security.privateca.v1.Certificate]. Note that
	// if the issuing
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// expires before a
	// [Certificate][google.cloud.security.privateca.v1.Certificate]'s requested
	// maximum_lifetime, the effective lifetime will be explicitly truncated to
	// match it.
	MaximumLifetime *durationpb.Duration `protobuf:"bytes,2,opt,name=maximum_lifetime,json=maximumLifetime,proto3" json:"maximum_lifetime,omitempty"`
	// Optional. If specified, then only methods allowed in the
	// [IssuanceModes][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes]
	// may be used to issue
	// [Certificates][google.cloud.security.privateca.v1.Certificate].
	AllowedIssuanceModes *CaPool_IssuancePolicy_IssuanceModes `protobuf:"bytes,3,opt,name=allowed_issuance_modes,json=allowedIssuanceModes,proto3" json:"allowed_issuance_modes,omitempty"`
	// Optional. A set of X.509 values that will be applied to all certificates
	// issued through this [CaPool][google.cloud.security.privateca.v1.CaPool].
	// If a certificate request includes conflicting values for the same
	// properties, they will be overwritten by the values defined here. If a
	// certificate request uses a
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
	// that defines conflicting
	// [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values]
	// for the same properties, the certificate issuance request will fail.
	BaselineValues *X509Parameters `protobuf:"bytes,4,opt,name=baseline_values,json=baselineValues,proto3" json:"baseline_values,omitempty"`
	// Optional. Describes constraints on identities that may appear in
	// [Certificates][google.cloud.security.privateca.v1.Certificate] issued
	// through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If this
	// is omitted, then this [CaPool][google.cloud.security.privateca.v1.CaPool]
	// will not add restrictions on a certificate's identity.
	IdentityConstraints *CertificateIdentityConstraints `protobuf:"bytes,5,opt,name=identity_constraints,json=identityConstraints,proto3" json:"identity_constraints,omitempty"`
	// Optional. Describes the set of X.509 extensions that may appear in a
	// [Certificate][google.cloud.security.privateca.v1.Certificate] issued
	// through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If a
	// certificate request sets extensions that don't appear in the
	// [passthrough_extensions][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.passthrough_extensions],
	// those extensions will be dropped. If a certificate request uses a
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
	// with
	// [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values]
	// that don't appear here, the certificate issuance request will fail. If
	// this is omitted, then this
	// [CaPool][google.cloud.security.privateca.v1.CaPool] will not add
	// restrictions on a certificate's X.509 extensions. These constraints do
	// not apply to X.509 extensions set in this
	// [CaPool][google.cloud.security.privateca.v1.CaPool]'s
	// [baseline_values][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.baseline_values].
	PassthroughExtensions *CertificateExtensionConstraints `protobuf:"bytes,6,opt,name=passthrough_extensions,json=passthroughExtensions,proto3" json:"passthrough_extensions,omitempty"`
	// contains filtered or unexported fields
}

func (*CaPool_IssuancePolicy) Descriptor() ([]byte, []int)

func (x *CaPool_IssuancePolicy) GetAllowedIssuanceModes() *CaPool_IssuancePolicy_IssuanceModes

func (x *CaPool_IssuancePolicy) GetAllowedKeyTypes() []*CaPool_IssuancePolicy_AllowedKeyType

func (x *CaPool_IssuancePolicy) GetBaselineValues() *X509Parameters

func (x *CaPool_IssuancePolicy) GetIdentityConstraints() *CertificateIdentityConstraints

func (x *CaPool_IssuancePolicy) GetMaximumLifetime() *durationpb.Duration

func (x *CaPool_IssuancePolicy) GetPassthroughExtensions() *CertificateExtensionConstraints

func (*CaPool_IssuancePolicy) ProtoMessage()

func (x *CaPool_IssuancePolicy) ProtoReflect() protoreflect.Message

func (x *CaPool_IssuancePolicy) Reset()

func (x *CaPool_IssuancePolicy) String() string

type CaPool_IssuancePolicy_AllowedKeyType struct {

	// Types that are assignable to KeyType:
	//	*CaPool_IssuancePolicy_AllowedKeyType_Rsa
	//	*CaPool_IssuancePolicy_AllowedKeyType_EllipticCurve
	KeyType isCaPool_IssuancePolicy_AllowedKeyType_KeyType `protobuf_oneof:"key_type"`
	// contains filtered or unexported fields
}

func (*CaPool_IssuancePolicy_AllowedKeyType) Descriptor() ([]byte, []int)

func (x *CaPool_IssuancePolicy_AllowedKeyType) GetEllipticCurve() *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType

func (m *CaPool_IssuancePolicy_AllowedKeyType) GetKeyType() isCaPool_IssuancePolicy_AllowedKeyType_KeyType

func (x *CaPool_IssuancePolicy_AllowedKeyType) GetRsa() *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType

func (*CaPool_IssuancePolicy_AllowedKeyType) ProtoMessage()

func (x *CaPool_IssuancePolicy_AllowedKeyType) ProtoReflect() protoreflect.Message

func (x *CaPool_IssuancePolicy_AllowedKeyType) Reset()

func (x *CaPool_IssuancePolicy_AllowedKeyType) String() string

type CaPool_IssuancePolicy_AllowedKeyType_EcKeyType struct {
	SignatureAlgorithm CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm "" /* 224 byte string literal not displayed */

}

func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) Descriptor() ([]byte, []int)

func (x *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) GetSignatureAlgorithm() CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm

func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) ProtoMessage()

func (x *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) ProtoReflect() protoreflect.Message

func (x *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) Reset()

func (x *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) String() string

type CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm int32

const (
	// Not specified. Signifies that any signature algorithm may be used.
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EC_SIGNATURE_ALGORITHM_UNSPECIFIED CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 0
	// Refers to the Elliptic Curve Digital Signature Algorithm over the
	// NIST P-256 curve.
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_ECDSA_P256 CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 1
	// Refers to the Elliptic Curve Digital Signature Algorithm over the
	// NIST P-384 curve.
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_ECDSA_P384 CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 2
	// Refers to the Edwards-curve Digital Signature Algorithm over curve
	// 25519, as described in RFC 8410.
	CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EDDSA_25519 CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 3
)

func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Descriptor() protoreflect.EnumDescriptor

func (x CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Enum() *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm

func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) EnumDescriptor() ([]byte, []int)

func (x CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Number() protoreflect.EnumNumber

func (x CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) String() string

func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Type() protoreflect.EnumType

type CaPool_IssuancePolicy_AllowedKeyType_EllipticCurve struct {
	// Represents an allowed Elliptic Curve key type.
	EllipticCurve *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType `protobuf:"bytes,2,opt,name=elliptic_curve,json=ellipticCurve,proto3,oneof"`
}

type CaPool_IssuancePolicy_AllowedKeyType_Rsa struct {
	// Represents an allowed RSA key type.
	Rsa *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType `protobuf:"bytes,1,opt,name=rsa,proto3,oneof"`
}

type CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType struct {

	// Optional. The minimum allowed RSA modulus size (inclusive), in bits.
	// If this is not set, or if set to zero, the service-level min RSA
	// modulus size will continue to apply.
	MinModulusSize int64 `protobuf:"varint,1,opt,name=min_modulus_size,json=minModulusSize,proto3" json:"min_modulus_size,omitempty"`
	// Optional. The maximum allowed RSA modulus size (inclusive), in bits.
	// If this is not set, or if set to zero, the service will not enforce
	// an explicit upper bound on RSA modulus sizes.
	MaxModulusSize int64 `protobuf:"varint,2,opt,name=max_modulus_size,json=maxModulusSize,proto3" json:"max_modulus_size,omitempty"`
	// contains filtered or unexported fields
}

func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) Descriptor() ([]byte, []int)

func (x *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) GetMaxModulusSize() int64

func (x *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) GetMinModulusSize() int64

func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) ProtoMessage()

func (x *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) ProtoReflect() protoreflect.Message

func (x *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) Reset()

func (x *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) String() string

type CaPool_IssuancePolicy_IssuanceModes struct {
	AllowCsrBasedIssuance bool "" /* 129 byte string literal not displayed */

	AllowConfigBasedIssuance bool "" /* 138 byte string literal not displayed */

}

func (*CaPool_IssuancePolicy_IssuanceModes) Descriptor() ([]byte, []int)

func (x *CaPool_IssuancePolicy_IssuanceModes) GetAllowConfigBasedIssuance() bool

func (x *CaPool_IssuancePolicy_IssuanceModes) GetAllowCsrBasedIssuance() bool

func (*CaPool_IssuancePolicy_IssuanceModes) ProtoMessage()

func (x *CaPool_IssuancePolicy_IssuanceModes) ProtoReflect() protoreflect.Message

func (x *CaPool_IssuancePolicy_IssuanceModes) Reset()

func (x *CaPool_IssuancePolicy_IssuanceModes) String() string

type CaPool_PublishingOptions struct {

	// Optional. When true, publishes each
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s
	// CA certificate and includes its URL in the "Authority Information Access"
	// X.509 extension in all issued
	// [Certificates][google.cloud.security.privateca.v1.Certificate]. If this
	// is false, the CA certificate will not be published and the corresponding
	// X.509 extension will not be written in issued certificates.
	PublishCaCert bool `protobuf:"varint,1,opt,name=publish_ca_cert,json=publishCaCert,proto3" json:"publish_ca_cert,omitempty"`
	// Optional. When true, publishes each
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s
	// CRL and includes its URL in the "CRL Distribution Points" X.509 extension
	// in all issued
	// [Certificates][google.cloud.security.privateca.v1.Certificate]. If this
	// is false, CRLs will not be published and the corresponding X.509
	// extension will not be written in issued certificates. CRLs will expire 7
	// days from their creation. However, we will rebuild daily. CRLs are also
	// rebuilt shortly after a certificate is revoked.
	PublishCrl bool `protobuf:"varint,2,opt,name=publish_crl,json=publishCrl,proto3" json:"publish_crl,omitempty"`
	// contains filtered or unexported fields
}

func (*CaPool_PublishingOptions) Descriptor() ([]byte, []int)

func (x *CaPool_PublishingOptions) GetPublishCaCert() bool

func (x *CaPool_PublishingOptions) GetPublishCrl() bool

func (*CaPool_PublishingOptions) ProtoMessage()

func (x *CaPool_PublishingOptions) ProtoReflect() protoreflect.Message

func (x *CaPool_PublishingOptions) Reset()

func (x *CaPool_PublishingOptions) String() string

type CaPool_Tier int32

const (
	// Not specified.
	CaPool_TIER_UNSPECIFIED CaPool_Tier = 0
	// Enterprise tier.
	CaPool_ENTERPRISE CaPool_Tier = 1
	// DevOps tier.
	CaPool_DEVOPS CaPool_Tier = 2
)

func (CaPool_Tier) Descriptor() protoreflect.EnumDescriptor

func (x CaPool_Tier) Enum() *CaPool_Tier

func (CaPool_Tier) EnumDescriptor() ([]byte, []int)

func (x CaPool_Tier) Number() protoreflect.EnumNumber

func (x CaPool_Tier) String() string

func (CaPool_Tier) Type() protoreflect.EnumType

type Certificate struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	CertificateConfig isCertificate_CertificateConfig `protobuf_oneof:"certificate_config"`

	IssuerCertificateAuthority string "" /* 141 byte string literal not displayed */

	Lifetime *durationpb.Duration `protobuf:"bytes,5,opt,name=lifetime,proto3" json:"lifetime,omitempty"`

	CertificateTemplate string `protobuf:"bytes,6,opt,name=certificate_template,json=certificateTemplate,proto3" json:"certificate_template,omitempty"`

	SubjectMode SubjectRequestMode "" /* 154 byte string literal not displayed */

	RevocationDetails *Certificate_RevocationDetails `protobuf:"bytes,8,opt,name=revocation_details,json=revocationDetails,proto3" json:"revocation_details,omitempty"`

	PemCertificate string `protobuf:"bytes,9,opt,name=pem_certificate,json=pemCertificate,proto3" json:"pem_certificate,omitempty"`

	CertificateDescription *CertificateDescription "" /* 128 byte string literal not displayed */

	PemCertificateChain []string `protobuf:"bytes,11,rep,name=pem_certificate_chain,json=pemCertificateChain,proto3" json:"pem_certificate_chain,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,12,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,13,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`

	Labels map[string]string "" /* 154 byte string literal not displayed */

}

func (*Certificate) Descriptor() ([]byte, []int)

func (m *Certificate) GetCertificateConfig() isCertificate_CertificateConfig

func (x *Certificate) GetCertificateDescription() *CertificateDescription

func (x *Certificate) GetCertificateTemplate() string

func (x *Certificate) GetConfig() *CertificateConfig

func (x *Certificate) GetCreateTime() *timestamppb.Timestamp

func (x *Certificate) GetIssuerCertificateAuthority() string

func (x *Certificate) GetLabels() map[string]string

func (x *Certificate) GetLifetime() *durationpb.Duration

func (x *Certificate) GetName() string

func (x *Certificate) GetPemCertificate() string

func (x *Certificate) GetPemCertificateChain() []string

func (x *Certificate) GetPemCsr() string

func (x *Certificate) GetRevocationDetails() *Certificate_RevocationDetails

func (x *Certificate) GetSubjectMode() SubjectRequestMode

func (x *Certificate) GetUpdateTime() *timestamppb.Timestamp

func (*Certificate) ProtoMessage()

func (x *Certificate) ProtoReflect() protoreflect.Message

func (x *Certificate) Reset()

func (x *Certificate) String() string

type CertificateAuthority struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Type CertificateAuthority_Type "" /* 128 byte string literal not displayed */

	Config *CertificateConfig `protobuf:"bytes,3,opt,name=config,proto3" json:"config,omitempty"`

	Lifetime *durationpb.Duration `protobuf:"bytes,4,opt,name=lifetime,proto3" json:"lifetime,omitempty"`

	KeySpec *CertificateAuthority_KeyVersionSpec `protobuf:"bytes,5,opt,name=key_spec,json=keySpec,proto3" json:"key_spec,omitempty"`

	SubordinateConfig *SubordinateConfig `protobuf:"bytes,6,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`

	Tier CaPool_Tier `protobuf:"varint,7,opt,name=tier,proto3,enum=google.cloud.security.privateca.v1.CaPool_Tier" json:"tier,omitempty"`

	State CertificateAuthority_State "" /* 131 byte string literal not displayed */

	PemCaCertificates []string `protobuf:"bytes,9,rep,name=pem_ca_certificates,json=pemCaCertificates,proto3" json:"pem_ca_certificates,omitempty"`

	CaCertificateDescriptions []*CertificateDescription "" /* 139 byte string literal not displayed */

	GcsBucket string `protobuf:"bytes,11,opt,name=gcs_bucket,json=gcsBucket,proto3" json:"gcs_bucket,omitempty"`

	AccessUrls *CertificateAuthority_AccessUrls `protobuf:"bytes,12,opt,name=access_urls,json=accessUrls,proto3" json:"access_urls,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,13,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,14,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`

	DeleteTime *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=delete_time,json=deleteTime,proto3" json:"delete_time,omitempty"`

	ExpireTime *timestamppb.Timestamp `protobuf:"bytes,16,opt,name=expire_time,json=expireTime,proto3" json:"expire_time,omitempty"`

	Labels map[string]string "" /* 154 byte string literal not displayed */

}

func (*CertificateAuthority) Descriptor() ([]byte, []int)

func (x *CertificateAuthority) GetAccessUrls() *CertificateAuthority_AccessUrls

func (x *CertificateAuthority) GetCaCertificateDescriptions() []*CertificateDescription

func (x *CertificateAuthority) GetConfig() *CertificateConfig

func (x *CertificateAuthority) GetCreateTime() *timestamppb.Timestamp

func (x *CertificateAuthority) GetDeleteTime() *timestamppb.Timestamp

func (x *CertificateAuthority) GetExpireTime() *timestamppb.Timestamp

func (x *CertificateAuthority) GetGcsBucket() string

func (x *CertificateAuthority) GetKeySpec() *CertificateAuthority_KeyVersionSpec

func (x *CertificateAuthority) GetLabels() map[string]string

func (x *CertificateAuthority) GetLifetime() *durationpb.Duration

func (x *CertificateAuthority) GetName() string

func (x *CertificateAuthority) GetPemCaCertificates() []string

func (x *CertificateAuthority) GetState() CertificateAuthority_State

func (x *CertificateAuthority) GetSubordinateConfig() *SubordinateConfig

func (x *CertificateAuthority) GetTier() CaPool_Tier

func (x *CertificateAuthority) GetType() CertificateAuthority_Type

func (x *CertificateAuthority) GetUpdateTime() *timestamppb.Timestamp

func (*CertificateAuthority) ProtoMessage()

func (x *CertificateAuthority) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority) Reset()

func (x *CertificateAuthority) String() string

type CertificateAuthorityServiceClient interface {
	// Create a new [Certificate][google.cloud.security.privateca.v1.Certificate]
	// in a given Project, Location from a particular
	// [CaPool][google.cloud.security.privateca.v1.CaPool].
	CreateCertificate(ctx context.Context, in *CreateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Returns a [Certificate][google.cloud.security.privateca.v1.Certificate].
	GetCertificate(ctx context.Context, in *GetCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Lists [Certificates][google.cloud.security.privateca.v1.Certificate].
	ListCertificates(ctx context.Context, in *ListCertificatesRequest, opts ...grpc.CallOption) (*ListCertificatesResponse, error)
	// Revoke a [Certificate][google.cloud.security.privateca.v1.Certificate].
	RevokeCertificate(ctx context.Context, in *RevokeCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Update a [Certificate][google.cloud.security.privateca.v1.Certificate].
	// Currently, the only field you can update is the
	// [labels][google.cloud.security.privateca.v1.Certificate.labels] field.
	UpdateCertificate(ctx context.Context, in *UpdateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Activate a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// that is in state
	// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
	// and is of type
	// [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE].
	// After the parent Certificate Authority signs a certificate signing request
	// from
	// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr],
	// this method can complete the activation process.
	ActivateCertificateAuthority(ctx context.Context, in *ActivateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Create a new
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// in a given Project and Location.
	CreateCertificateAuthority(ctx context.Context, in *CreateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Disable a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	DisableCertificateAuthority(ctx context.Context, in *DisableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Enable a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	EnableCertificateAuthority(ctx context.Context, in *EnableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Fetch a certificate signing request (CSR) from a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// that is in state
	// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
	// and is of type
	// [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE].
	// The CSR must then be signed by the desired parent Certificate Authority,
	// which could be another
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// resource, or could be an on-prem certificate authority. See also
	// [ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].
	FetchCertificateAuthorityCsr(ctx context.Context, in *FetchCertificateAuthorityCsrRequest, opts ...grpc.CallOption) (*FetchCertificateAuthorityCsrResponse, error)
	// Returns a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	GetCertificateAuthority(ctx context.Context, in *GetCertificateAuthorityRequest, opts ...grpc.CallOption) (*CertificateAuthority, error)
	// Lists
	// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority].
	ListCertificateAuthorities(ctx context.Context, in *ListCertificateAuthoritiesRequest, opts ...grpc.CallOption) (*ListCertificateAuthoritiesResponse, error)
	// Undelete a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// that has been deleted.
	UndeleteCertificateAuthority(ctx context.Context, in *UndeleteCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Delete a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	DeleteCertificateAuthority(ctx context.Context, in *DeleteCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Update a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	UpdateCertificateAuthority(ctx context.Context, in *UpdateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Create a [CaPool][google.cloud.security.privateca.v1.CaPool].
	CreateCaPool(ctx context.Context, in *CreateCaPoolRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Update a [CaPool][google.cloud.security.privateca.v1.CaPool].
	UpdateCaPool(ctx context.Context, in *UpdateCaPoolRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Returns a [CaPool][google.cloud.security.privateca.v1.CaPool].
	GetCaPool(ctx context.Context, in *GetCaPoolRequest, opts ...grpc.CallOption) (*CaPool, error)
	// Lists [CaPools][google.cloud.security.privateca.v1.CaPool].
	ListCaPools(ctx context.Context, in *ListCaPoolsRequest, opts ...grpc.CallOption) (*ListCaPoolsResponse, error)
	// Delete a [CaPool][google.cloud.security.privateca.v1.CaPool].
	DeleteCaPool(ctx context.Context, in *DeleteCaPoolRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// FetchCaCerts returns the current trust anchor for the
	// [CaPool][google.cloud.security.privateca.v1.CaPool]. This will include CA
	// certificate chains for all ACTIVE
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// resources in the [CaPool][google.cloud.security.privateca.v1.CaPool].
	FetchCaCerts(ctx context.Context, in *FetchCaCertsRequest, opts ...grpc.CallOption) (*FetchCaCertsResponse, error)
	// Returns a
	// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
	GetCertificateRevocationList(ctx context.Context, in *GetCertificateRevocationListRequest, opts ...grpc.CallOption) (*CertificateRevocationList, error)
	// Lists
	// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList].
	ListCertificateRevocationLists(ctx context.Context, in *ListCertificateRevocationListsRequest, opts ...grpc.CallOption) (*ListCertificateRevocationListsResponse, error)
	// Update a
	// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
	UpdateCertificateRevocationList(ctx context.Context, in *UpdateCertificateRevocationListRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Create a new
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
	// in a given Project and Location.
	CreateCertificateTemplate(ctx context.Context, in *CreateCertificateTemplateRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// DeleteCertificateTemplate deletes a
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	DeleteCertificateTemplate(ctx context.Context, in *DeleteCertificateTemplateRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
	// Returns a
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	GetCertificateTemplate(ctx context.Context, in *GetCertificateTemplateRequest, opts ...grpc.CallOption) (*CertificateTemplate, error)
	// Lists
	// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate].
	ListCertificateTemplates(ctx context.Context, in *ListCertificateTemplatesRequest, opts ...grpc.CallOption) (*ListCertificateTemplatesResponse, error)
	// Update a
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	UpdateCertificateTemplate(ctx context.Context, in *UpdateCertificateTemplateRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
}

func NewCertificateAuthorityServiceClient(cc grpc.ClientConnInterface) CertificateAuthorityServiceClient

type CertificateAuthorityServiceServer interface {
	// Create a new [Certificate][google.cloud.security.privateca.v1.Certificate]
	// in a given Project, Location from a particular
	// [CaPool][google.cloud.security.privateca.v1.CaPool].
	CreateCertificate(context.Context, *CreateCertificateRequest) (*Certificate, error)
	// Returns a [Certificate][google.cloud.security.privateca.v1.Certificate].
	GetCertificate(context.Context, *GetCertificateRequest) (*Certificate, error)
	// Lists [Certificates][google.cloud.security.privateca.v1.Certificate].
	ListCertificates(context.Context, *ListCertificatesRequest) (*ListCertificatesResponse, error)
	// Revoke a [Certificate][google.cloud.security.privateca.v1.Certificate].
	RevokeCertificate(context.Context, *RevokeCertificateRequest) (*Certificate, error)
	// Update a [Certificate][google.cloud.security.privateca.v1.Certificate].
	// Currently, the only field you can update is the
	// [labels][google.cloud.security.privateca.v1.Certificate.labels] field.
	UpdateCertificate(context.Context, *UpdateCertificateRequest) (*Certificate, error)
	// Activate a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// that is in state
	// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
	// and is of type
	// [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE].
	// After the parent Certificate Authority signs a certificate signing request
	// from
	// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr],
	// this method can complete the activation process.
	ActivateCertificateAuthority(context.Context, *ActivateCertificateAuthorityRequest) (*longrunningpb.Operation, error)
	// Create a new
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// in a given Project and Location.
	CreateCertificateAuthority(context.Context, *CreateCertificateAuthorityRequest) (*longrunningpb.Operation, error)
	// Disable a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	DisableCertificateAuthority(context.Context, *DisableCertificateAuthorityRequest) (*longrunningpb.Operation, error)
	// Enable a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	EnableCertificateAuthority(context.Context, *EnableCertificateAuthorityRequest) (*longrunningpb.Operation, error)
	// Fetch a certificate signing request (CSR) from a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// that is in state
	// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
	// and is of type
	// [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE].
	// The CSR must then be signed by the desired parent Certificate Authority,
	// which could be another
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// resource, or could be an on-prem certificate authority. See also
	// [ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].
	FetchCertificateAuthorityCsr(context.Context, *FetchCertificateAuthorityCsrRequest) (*FetchCertificateAuthorityCsrResponse, error)
	// Returns a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	GetCertificateAuthority(context.Context, *GetCertificateAuthorityRequest) (*CertificateAuthority, error)
	// Lists
	// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority].
	ListCertificateAuthorities(context.Context, *ListCertificateAuthoritiesRequest) (*ListCertificateAuthoritiesResponse, error)
	// Undelete a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// that has been deleted.
	UndeleteCertificateAuthority(context.Context, *UndeleteCertificateAuthorityRequest) (*longrunningpb.Operation, error)
	// Delete a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	DeleteCertificateAuthority(context.Context, *DeleteCertificateAuthorityRequest) (*longrunningpb.Operation, error)
	// Update a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	UpdateCertificateAuthority(context.Context, *UpdateCertificateAuthorityRequest) (*longrunningpb.Operation, error)
	// Create a [CaPool][google.cloud.security.privateca.v1.CaPool].
	CreateCaPool(context.Context, *CreateCaPoolRequest) (*longrunningpb.Operation, error)
	// Update a [CaPool][google.cloud.security.privateca.v1.CaPool].
	UpdateCaPool(context.Context, *UpdateCaPoolRequest) (*longrunningpb.Operation, error)
	// Returns a [CaPool][google.cloud.security.privateca.v1.CaPool].
	GetCaPool(context.Context, *GetCaPoolRequest) (*CaPool, error)
	// Lists [CaPools][google.cloud.security.privateca.v1.CaPool].
	ListCaPools(context.Context, *ListCaPoolsRequest) (*ListCaPoolsResponse, error)
	// Delete a [CaPool][google.cloud.security.privateca.v1.CaPool].
	DeleteCaPool(context.Context, *DeleteCaPoolRequest) (*longrunningpb.Operation, error)
	// FetchCaCerts returns the current trust anchor for the
	// [CaPool][google.cloud.security.privateca.v1.CaPool]. This will include CA
	// certificate chains for all ACTIVE
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// resources in the [CaPool][google.cloud.security.privateca.v1.CaPool].
	FetchCaCerts(context.Context, *FetchCaCertsRequest) (*FetchCaCertsResponse, error)
	// Returns a
	// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
	GetCertificateRevocationList(context.Context, *GetCertificateRevocationListRequest) (*CertificateRevocationList, error)
	// Lists
	// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList].
	ListCertificateRevocationLists(context.Context, *ListCertificateRevocationListsRequest) (*ListCertificateRevocationListsResponse, error)
	// Update a
	// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
	UpdateCertificateRevocationList(context.Context, *UpdateCertificateRevocationListRequest) (*longrunningpb.Operation, error)
	// Create a new
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
	// in a given Project and Location.
	CreateCertificateTemplate(context.Context, *CreateCertificateTemplateRequest) (*longrunningpb.Operation, error)
	// DeleteCertificateTemplate deletes a
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	DeleteCertificateTemplate(context.Context, *DeleteCertificateTemplateRequest) (*longrunningpb.Operation, error)
	// Returns a
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	GetCertificateTemplate(context.Context, *GetCertificateTemplateRequest) (*CertificateTemplate, error)
	// Lists
	// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate].
	ListCertificateTemplates(context.Context, *ListCertificateTemplatesRequest) (*ListCertificateTemplatesResponse, error)
	// Update a
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
	UpdateCertificateTemplate(context.Context, *UpdateCertificateTemplateRequest) (*longrunningpb.Operation, error)
}

type CertificateAuthority_AccessUrls struct {
	CaCertificateAccessUrl string "" /* 131 byte string literal not displayed */

	CrlAccessUrls []string `protobuf:"bytes,2,rep,name=crl_access_urls,json=crlAccessUrls,proto3" json:"crl_access_urls,omitempty"`

}

func (*CertificateAuthority_AccessUrls) Descriptor() ([]byte, []int)

func (x *CertificateAuthority_AccessUrls) GetCaCertificateAccessUrl() string

func (x *CertificateAuthority_AccessUrls) GetCrlAccessUrls() []string

func (*CertificateAuthority_AccessUrls) ProtoMessage()

func (x *CertificateAuthority_AccessUrls) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority_AccessUrls) Reset()

func (x *CertificateAuthority_AccessUrls) String() string

type CertificateAuthority_KeyVersionSpec struct {

	// Types that are assignable to KeyVersion:
	//	*CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion
	//	*CertificateAuthority_KeyVersionSpec_Algorithm
	KeyVersion isCertificateAuthority_KeyVersionSpec_KeyVersion `protobuf_oneof:"KeyVersion"`
	// contains filtered or unexported fields
}

func (*CertificateAuthority_KeyVersionSpec) Descriptor() ([]byte, []int)

func (x *CertificateAuthority_KeyVersionSpec) GetAlgorithm() CertificateAuthority_SignHashAlgorithm

func (x *CertificateAuthority_KeyVersionSpec) GetCloudKmsKeyVersion() string

func (m *CertificateAuthority_KeyVersionSpec) GetKeyVersion() isCertificateAuthority_KeyVersionSpec_KeyVersion

func (*CertificateAuthority_KeyVersionSpec) ProtoMessage()

func (x *CertificateAuthority_KeyVersionSpec) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority_KeyVersionSpec) Reset()

func (x *CertificateAuthority_KeyVersionSpec) String() string

type CertificateAuthority_KeyVersionSpec_Algorithm struct {
	Algorithm CertificateAuthority_SignHashAlgorithm "" /* 130 byte string literal not displayed */
}

type CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion struct {
	// The resource name for an existing Cloud KMS CryptoKeyVersion in the
	// format
	// `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
	// This option enables full flexibility in the key's capabilities and
	// properties.
	CloudKmsKeyVersion string `protobuf:"bytes,1,opt,name=cloud_kms_key_version,json=cloudKmsKeyVersion,proto3,oneof"`
}

type CertificateAuthority_SignHashAlgorithm int32

const (
	// Not specified.
	CertificateAuthority_SIGN_HASH_ALGORITHM_UNSPECIFIED CertificateAuthority_SignHashAlgorithm = 0
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256
	CertificateAuthority_RSA_PSS_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 1
	// maps to CryptoKeyVersionAlgorithm. RSA_SIGN_PSS_3072_SHA256
	CertificateAuthority_RSA_PSS_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 2
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256
	CertificateAuthority_RSA_PSS_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 3
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
	CertificateAuthority_RSA_PKCS1_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 6
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256
	CertificateAuthority_RSA_PKCS1_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 7
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256
	CertificateAuthority_RSA_PKCS1_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 8
	// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256
	CertificateAuthority_EC_P256_SHA256 CertificateAuthority_SignHashAlgorithm = 4
	// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384
	CertificateAuthority_EC_P384_SHA384 CertificateAuthority_SignHashAlgorithm = 5
)

func (CertificateAuthority_SignHashAlgorithm) Descriptor() protoreflect.EnumDescriptor

func (x CertificateAuthority_SignHashAlgorithm) Enum() *CertificateAuthority_SignHashAlgorithm

func (CertificateAuthority_SignHashAlgorithm) EnumDescriptor() ([]byte, []int)

func (x CertificateAuthority_SignHashAlgorithm) Number() protoreflect.EnumNumber

func (x CertificateAuthority_SignHashAlgorithm) String() string

func (CertificateAuthority_SignHashAlgorithm) Type() protoreflect.EnumType

type CertificateAuthority_State int32

const (
	// Not specified.
	CertificateAuthority_STATE_UNSPECIFIED CertificateAuthority_State = 0
	// Certificates can be issued from this CA. CRLs will be generated for this
	// CA. The CA will be part of the
	// [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and
	// will be used to issue certificates from the
	// [CaPool][google.cloud.security.privateca.v1.CaPool].
	CertificateAuthority_ENABLED CertificateAuthority_State = 1
	// Certificates cannot be issued from this CA. CRLs will still be generated.
	// The CA will be part of the
	// [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, but
	// will not be used to issue certificates from the
	// [CaPool][google.cloud.security.privateca.v1.CaPool].
	CertificateAuthority_DISABLED CertificateAuthority_State = 2
	// Certificates can be issued from this CA. CRLs will be generated for this
	// CA. The CA will be part of the
	// [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, but
	// will not be used to issue certificates from the
	// [CaPool][google.cloud.security.privateca.v1.CaPool].
	CertificateAuthority_STAGED CertificateAuthority_State = 3
	// Certificates cannot be issued from this CA. CRLs will not be generated.
	// The CA will not be part of the
	// [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and
	// will not be used to issue certificates from the
	// [CaPool][google.cloud.security.privateca.v1.CaPool].
	CertificateAuthority_AWAITING_USER_ACTIVATION CertificateAuthority_State = 4
	// Certificates cannot be issued from this CA. CRLs will not be generated.
	// The CA may still be recovered by calling
	// [CertificateAuthorityService.UndeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.UndeleteCertificateAuthority]
	// before
	// [expire_time][google.cloud.security.privateca.v1.CertificateAuthority.expire_time].
	// The CA will not be part of the
	// [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and
	// will not be used to issue certificates from the
	// [CaPool][google.cloud.security.privateca.v1.CaPool].
	CertificateAuthority_DELETED CertificateAuthority_State = 5
)

func (CertificateAuthority_State) Descriptor() protoreflect.EnumDescriptor

func (x CertificateAuthority_State) Enum() *CertificateAuthority_State

func (CertificateAuthority_State) EnumDescriptor() ([]byte, []int)

func (x CertificateAuthority_State) Number() protoreflect.EnumNumber

func (x CertificateAuthority_State) String() string

func (CertificateAuthority_State) Type() protoreflect.EnumType

type CertificateAuthority_Type int32

const (
	// Not specified.
	CertificateAuthority_TYPE_UNSPECIFIED CertificateAuthority_Type = 0
	// Self-signed CA.
	CertificateAuthority_SELF_SIGNED CertificateAuthority_Type = 1
	// Subordinate CA. Could be issued by a Private CA
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// or an unmanaged CA.
	CertificateAuthority_SUBORDINATE CertificateAuthority_Type = 2
)

func (CertificateAuthority_Type) Descriptor() protoreflect.EnumDescriptor

func (x CertificateAuthority_Type) Enum() *CertificateAuthority_Type

func (CertificateAuthority_Type) EnumDescriptor() ([]byte, []int)

func (x CertificateAuthority_Type) Number() protoreflect.EnumNumber

func (x CertificateAuthority_Type) String() string

func (CertificateAuthority_Type) Type() protoreflect.EnumType

type CertificateConfig struct {

	// Required. Specifies some of the values in a certificate that are related to
	// the subject.
	SubjectConfig *CertificateConfig_SubjectConfig `protobuf:"bytes,1,opt,name=subject_config,json=subjectConfig,proto3" json:"subject_config,omitempty"`
	// Required. Describes how some of the technical X.509 fields in a certificate
	// should be populated.
	X509Config *X509Parameters `protobuf:"bytes,2,opt,name=x509_config,json=x509Config,proto3" json:"x509_config,omitempty"`
	// Optional. The public key that corresponds to this config. This is, for
	// example, used when issuing
	// [Certificates][google.cloud.security.privateca.v1.Certificate], but not
	// when creating a self-signed
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// or
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// CSR.
	PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateConfig) Descriptor() ([]byte, []int)

func (x *CertificateConfig) GetPublicKey() *PublicKey

func (x *CertificateConfig) GetSubjectConfig() *CertificateConfig_SubjectConfig

func (x *CertificateConfig) GetX509Config() *X509Parameters

func (*CertificateConfig) ProtoMessage()

func (x *CertificateConfig) ProtoReflect() protoreflect.Message

func (x *CertificateConfig) Reset()

func (x *CertificateConfig) String() string

type CertificateConfig_SubjectConfig struct {

	// Required. Contains distinguished name fields such as the common name,
	// location and organization.
	Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	// Optional. The subject alternative name fields.
	SubjectAltName *SubjectAltNames `protobuf:"bytes,2,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateConfig_SubjectConfig) Descriptor() ([]byte, []int)

func (x *CertificateConfig_SubjectConfig) GetSubject() *Subject

func (x *CertificateConfig_SubjectConfig) GetSubjectAltName() *SubjectAltNames

func (*CertificateConfig_SubjectConfig) ProtoMessage()

func (x *CertificateConfig_SubjectConfig) ProtoReflect() protoreflect.Message

func (x *CertificateConfig_SubjectConfig) Reset()

func (x *CertificateConfig_SubjectConfig) String() string

type CertificateDescription struct {
	SubjectDescription *CertificateDescription_SubjectDescription `protobuf:"bytes,1,opt,name=subject_description,json=subjectDescription,proto3" json:"subject_description,omitempty"`

	X509Description *X509Parameters `protobuf:"bytes,2,opt,name=x509_description,json=x509Description,proto3" json:"x509_description,omitempty"`

	PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`

	SubjectKeyId *CertificateDescription_KeyId `protobuf:"bytes,4,opt,name=subject_key_id,json=subjectKeyId,proto3" json:"subject_key_id,omitempty"`

	AuthorityKeyId *CertificateDescription_KeyId `protobuf:"bytes,5,opt,name=authority_key_id,json=authorityKeyId,proto3" json:"authority_key_id,omitempty"`

	CrlDistributionPoints []string `protobuf:"bytes,6,rep,name=crl_distribution_points,json=crlDistributionPoints,proto3" json:"crl_distribution_points,omitempty"`

	AiaIssuingCertificateUrls []string "" /* 140 byte string literal not displayed */

	CertFingerprint *CertificateDescription_CertificateFingerprint `protobuf:"bytes,8,opt,name=cert_fingerprint,json=certFingerprint,proto3" json:"cert_fingerprint,omitempty"`

}

func (*CertificateDescription) Descriptor() ([]byte, []int)

func (x *CertificateDescription) GetAiaIssuingCertificateUrls() []string

func (x *CertificateDescription) GetAuthorityKeyId() *CertificateDescription_KeyId

func (x *CertificateDescription) GetCertFingerprint() *CertificateDescription_CertificateFingerprint

func (x *CertificateDescription) GetCrlDistributionPoints() []string

func (x *CertificateDescription) GetPublicKey() *PublicKey

func (x *CertificateDescription) GetSubjectDescription() *CertificateDescription_SubjectDescription

func (x *CertificateDescription) GetSubjectKeyId() *CertificateDescription_KeyId

func (x *CertificateDescription) GetX509Description() *X509Parameters

func (*CertificateDescription) ProtoMessage()

func (x *CertificateDescription) ProtoReflect() protoreflect.Message

func (x *CertificateDescription) Reset()

func (x *CertificateDescription) String() string

type CertificateDescription_CertificateFingerprint struct {

	// The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
	Sha256Hash string `protobuf:"bytes,1,opt,name=sha256_hash,json=sha256Hash,proto3" json:"sha256_hash,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateDescription_CertificateFingerprint) Descriptor() ([]byte, []int)

func (x *CertificateDescription_CertificateFingerprint) GetSha256Hash() string

func (*CertificateDescription_CertificateFingerprint) ProtoMessage()

func (x *CertificateDescription_CertificateFingerprint) ProtoReflect() protoreflect.Message

func (x *CertificateDescription_CertificateFingerprint) Reset()

func (x *CertificateDescription_CertificateFingerprint) String() string

type CertificateDescription_KeyId struct {

	// Optional. The value of this KeyId encoded in lowercase hexadecimal. This
	// is most likely the 160 bit SHA-1 hash of the public key.
	KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateDescription_KeyId) Descriptor() ([]byte, []int)

func (x *CertificateDescription_KeyId) GetKeyId() string

func (*CertificateDescription_KeyId) ProtoMessage()

func (x *CertificateDescription_KeyId) ProtoReflect() protoreflect.Message

func (x *CertificateDescription_KeyId) Reset()

func (x *CertificateDescription_KeyId) String() string

type CertificateDescription_SubjectDescription struct {

	// Contains distinguished name fields such as the common name, location and
	// / organization.
	Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	// The subject alternative name fields.
	SubjectAltName *SubjectAltNames `protobuf:"bytes,2,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
	// The serial number encoded in lowercase hexadecimal.
	HexSerialNumber string `protobuf:"bytes,3,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`
	// For convenience, the actual lifetime of an issued certificate.
	Lifetime *durationpb.Duration `protobuf:"bytes,4,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
	// The time at which the certificate becomes valid.
	NotBeforeTime *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=not_before_time,json=notBeforeTime,proto3" json:"not_before_time,omitempty"`
	// The time after which the certificate is expired.
	// Per RFC 5280, the validity period for a certificate is the period of time
	// from not_before_time through not_after_time, inclusive.
	// Corresponds to 'not_before_time' + 'lifetime' - 1 second.
	NotAfterTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=not_after_time,json=notAfterTime,proto3" json:"not_after_time,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateDescription_SubjectDescription) Descriptor() ([]byte, []int)

func (x *CertificateDescription_SubjectDescription) GetHexSerialNumber() string

func (x *CertificateDescription_SubjectDescription) GetLifetime() *durationpb.Duration

func (x *CertificateDescription_SubjectDescription) GetNotAfterTime() *timestamppb.Timestamp

func (x *CertificateDescription_SubjectDescription) GetNotBeforeTime() *timestamppb.Timestamp

func (x *CertificateDescription_SubjectDescription) GetSubject() *Subject

func (x *CertificateDescription_SubjectDescription) GetSubjectAltName() *SubjectAltNames

func (*CertificateDescription_SubjectDescription) ProtoMessage()

func (x *CertificateDescription_SubjectDescription) ProtoReflect() protoreflect.Message

func (x *CertificateDescription_SubjectDescription) Reset()

func (x *CertificateDescription_SubjectDescription) String() string

type CertificateExtensionConstraints struct {
	KnownExtensions []CertificateExtensionConstraints_KnownCertificateExtension "" /* 212 byte string literal not displayed */

	AdditionalExtensions []*ObjectId `protobuf:"bytes,2,rep,name=additional_extensions,json=additionalExtensions,proto3" json:"additional_extensions,omitempty"`

}

func (*CertificateExtensionConstraints) Descriptor() ([]byte, []int)

func (x *CertificateExtensionConstraints) GetAdditionalExtensions() []*ObjectId

func (x *CertificateExtensionConstraints) GetKnownExtensions() []CertificateExtensionConstraints_KnownCertificateExtension

func (*CertificateExtensionConstraints) ProtoMessage()

func (x *CertificateExtensionConstraints) ProtoReflect() protoreflect.Message

func (x *CertificateExtensionConstraints) Reset()

func (x *CertificateExtensionConstraints) String() string

type CertificateExtensionConstraints_KnownCertificateExtension int32

const (
	// Not specified.
	CertificateExtensionConstraints_KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED CertificateExtensionConstraints_KnownCertificateExtension = 0
	// Refers to a certificate's Key Usage extension, as described in [RFC 5280
	// section 4.2.1.3](https://tools.ietf.org/html/rfc5280#section-4.2.1.3).
	// This corresponds to the
	// [KeyUsage.base_key_usage][google.cloud.security.privateca.v1.KeyUsage.base_key_usage]
	// field.
	CertificateExtensionConstraints_BASE_KEY_USAGE CertificateExtensionConstraints_KnownCertificateExtension = 1
	// Refers to a certificate's Extended Key Usage extension, as described in
	// [RFC 5280
	// section 4.2.1.12](https://tools.ietf.org/html/rfc5280#section-4.2.1.12).
	// This corresponds to the
	// [KeyUsage.extended_key_usage][google.cloud.security.privateca.v1.KeyUsage.extended_key_usage]
	// message.
	CertificateExtensionConstraints_EXTENDED_KEY_USAGE CertificateExtensionConstraints_KnownCertificateExtension = 2
	// Refers to a certificate's Basic Constraints extension, as described in
	// [RFC 5280
	// section 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9).
	// This corresponds to the
	// [X509Parameters.ca_options][google.cloud.security.privateca.v1.X509Parameters.ca_options]
	// field.
	CertificateExtensionConstraints_CA_OPTIONS CertificateExtensionConstraints_KnownCertificateExtension = 3
	// Refers to a certificate's Policy object identifiers, as described in
	// [RFC 5280
	// section 4.2.1.4](https://tools.ietf.org/html/rfc5280#section-4.2.1.4).
	// This corresponds to the
	// [X509Parameters.policy_ids][google.cloud.security.privateca.v1.X509Parameters.policy_ids]
	// field.
	CertificateExtensionConstraints_POLICY_IDS CertificateExtensionConstraints_KnownCertificateExtension = 4
	// Refers to OCSP servers in a certificate's Authority Information Access
	// extension, as described in
	// [RFC 5280
	// section 4.2.2.1](https://tools.ietf.org/html/rfc5280#section-4.2.2.1),
	// This corresponds to the
	// [X509Parameters.aia_ocsp_servers][google.cloud.security.privateca.v1.X509Parameters.aia_ocsp_servers]
	// field.
	CertificateExtensionConstraints_AIA_OCSP_SERVERS CertificateExtensionConstraints_KnownCertificateExtension = 5
	// Refers to Name Constraints extension as described in
	// [RFC 5280
	// section 4.2.1.10](https://tools.ietf.org/html/rfc5280#section-4.2.1.10)
	CertificateExtensionConstraints_NAME_CONSTRAINTS CertificateExtensionConstraints_KnownCertificateExtension = 6
)

func (CertificateExtensionConstraints_KnownCertificateExtension) Descriptor() protoreflect.EnumDescriptor

func (x CertificateExtensionConstraints_KnownCertificateExtension) Enum() *CertificateExtensionConstraints_KnownCertificateExtension

func (CertificateExtensionConstraints_KnownCertificateExtension) EnumDescriptor() ([]byte, []int)

func (x CertificateExtensionConstraints_KnownCertificateExtension) Number() protoreflect.EnumNumber

func (x CertificateExtensionConstraints_KnownCertificateExtension) String() string

func (CertificateExtensionConstraints_KnownCertificateExtension) Type() protoreflect.EnumType

type CertificateIdentityConstraints struct {
	CelExpression *expr.Expr `protobuf:"bytes,1,opt,name=cel_expression,json=celExpression,proto3" json:"cel_expression,omitempty"`

	AllowSubjectPassthrough *bool "" /* 139 byte string literal not displayed */

	AllowSubjectAltNamesPassthrough *bool "" /* 167 byte string literal not displayed */

}

func (*CertificateIdentityConstraints) Descriptor() ([]byte, []int)

func (x *CertificateIdentityConstraints) GetAllowSubjectAltNamesPassthrough() bool

func (x *CertificateIdentityConstraints) GetAllowSubjectPassthrough() bool

func (x *CertificateIdentityConstraints) GetCelExpression() *expr.Expr

func (*CertificateIdentityConstraints) ProtoMessage()

func (x *CertificateIdentityConstraints) ProtoReflect() protoreflect.Message

func (x *CertificateIdentityConstraints) Reset()

func (x *CertificateIdentityConstraints) String() string

type CertificateRevocationList struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	SequenceNumber int64 `protobuf:"varint,2,opt,name=sequence_number,json=sequenceNumber,proto3" json:"sequence_number,omitempty"`

	RevokedCertificates []*CertificateRevocationList_RevokedCertificate `protobuf:"bytes,3,rep,name=revoked_certificates,json=revokedCertificates,proto3" json:"revoked_certificates,omitempty"`

	PemCrl string `protobuf:"bytes,4,opt,name=pem_crl,json=pemCrl,proto3" json:"pem_crl,omitempty"`

	AccessUrl string `protobuf:"bytes,5,opt,name=access_url,json=accessUrl,proto3" json:"access_url,omitempty"`

	State CertificateRevocationList_State "" /* 136 byte string literal not displayed */

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`

	RevisionId string `protobuf:"bytes,9,opt,name=revision_id,json=revisionId,proto3" json:"revision_id,omitempty"`

	Labels map[string]string "" /* 154 byte string literal not displayed */

}

func (*CertificateRevocationList) Descriptor() ([]byte, []int)

func (x *CertificateRevocationList) GetAccessUrl() string

func (x *CertificateRevocationList) GetCreateTime() *timestamppb.Timestamp

func (x *CertificateRevocationList) GetLabels() map[string]string

func (x *CertificateRevocationList) GetName() string

func (x *CertificateRevocationList) GetPemCrl() string

func (x *CertificateRevocationList) GetRevisionId() string

func (x *CertificateRevocationList) GetRevokedCertificates() []*CertificateRevocationList_RevokedCertificate

func (x *CertificateRevocationList) GetSequenceNumber() int64

func (x *CertificateRevocationList) GetState() CertificateRevocationList_State

func (x *CertificateRevocationList) GetUpdateTime() *timestamppb.Timestamp

func (*CertificateRevocationList) ProtoMessage()

func (x *CertificateRevocationList) ProtoReflect() protoreflect.Message

func (x *CertificateRevocationList) Reset()

func (x *CertificateRevocationList) String() string

type CertificateRevocationList_RevokedCertificate struct {
	Certificate string `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`

	HexSerialNumber string `protobuf:"bytes,2,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`

	RevocationReason RevocationReason "" /* 167 byte string literal not displayed */

}

func (*CertificateRevocationList_RevokedCertificate) Descriptor() ([]byte, []int)

func (x *CertificateRevocationList_RevokedCertificate) GetCertificate() string

func (x *CertificateRevocationList_RevokedCertificate) GetHexSerialNumber() string

func (x *CertificateRevocationList_RevokedCertificate) GetRevocationReason() RevocationReason

func (*CertificateRevocationList_RevokedCertificate) ProtoMessage()

func (x *CertificateRevocationList_RevokedCertificate) ProtoReflect() protoreflect.Message

func (x *CertificateRevocationList_RevokedCertificate) Reset()

func (x *CertificateRevocationList_RevokedCertificate) String() string

type CertificateRevocationList_State int32

const (
	// Not specified.
	CertificateRevocationList_STATE_UNSPECIFIED CertificateRevocationList_State = 0
	// The
	// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList]
	// is up to date.
	CertificateRevocationList_ACTIVE CertificateRevocationList_State = 1
	// The
	// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList]
	// is no longer current.
	CertificateRevocationList_SUPERSEDED CertificateRevocationList_State = 2
)

func (CertificateRevocationList_State) Descriptor() protoreflect.EnumDescriptor

func (x CertificateRevocationList_State) Enum() *CertificateRevocationList_State

func (CertificateRevocationList_State) EnumDescriptor() ([]byte, []int)

func (x CertificateRevocationList_State) Number() protoreflect.EnumNumber

func (x CertificateRevocationList_State) String() string

func (CertificateRevocationList_State) Type() protoreflect.EnumType

type CertificateTemplate struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	PredefinedValues *X509Parameters `protobuf:"bytes,2,opt,name=predefined_values,json=predefinedValues,proto3" json:"predefined_values,omitempty"`

	IdentityConstraints *CertificateIdentityConstraints `protobuf:"bytes,3,opt,name=identity_constraints,json=identityConstraints,proto3" json:"identity_constraints,omitempty"`

	PassthroughExtensions *CertificateExtensionConstraints `protobuf:"bytes,4,opt,name=passthrough_extensions,json=passthroughExtensions,proto3" json:"passthrough_extensions,omitempty"`

	Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`

	Labels map[string]string "" /* 153 byte string literal not displayed */

}

func (*CertificateTemplate) Descriptor() ([]byte, []int)

func (x *CertificateTemplate) GetCreateTime() *timestamppb.Timestamp

func (x *CertificateTemplate) GetDescription() string

func (x *CertificateTemplate) GetIdentityConstraints() *CertificateIdentityConstraints

func (x *CertificateTemplate) GetLabels() map[string]string

func (x *CertificateTemplate) GetName() string

func (x *CertificateTemplate) GetPassthroughExtensions() *CertificateExtensionConstraints

func (x *CertificateTemplate) GetPredefinedValues() *X509Parameters

func (x *CertificateTemplate) GetUpdateTime() *timestamppb.Timestamp

func (*CertificateTemplate) ProtoMessage()

func (x *CertificateTemplate) ProtoReflect() protoreflect.Message

func (x *CertificateTemplate) Reset()

func (x *CertificateTemplate) String() string

type Certificate_Config struct {
	// Immutable. A description of the certificate and key that does not require
	// X.509 or ASN.1.
	Config *CertificateConfig `protobuf:"bytes,3,opt,name=config,proto3,oneof"`
}

type Certificate_PemCsr struct {
	// Immutable. A pem-encoded X.509 certificate signing request (CSR).
	PemCsr string `protobuf:"bytes,2,opt,name=pem_csr,json=pemCsr,proto3,oneof"`
}

type Certificate_RevocationDetails struct {
	RevocationState RevocationReason "" /* 164 byte string literal not displayed */

	RevocationTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=revocation_time,json=revocationTime,proto3" json:"revocation_time,omitempty"`

}

func (*Certificate_RevocationDetails) Descriptor() ([]byte, []int)

func (x *Certificate_RevocationDetails) GetRevocationState() RevocationReason

func (x *Certificate_RevocationDetails) GetRevocationTime() *timestamppb.Timestamp

func (*Certificate_RevocationDetails) ProtoMessage()

func (x *Certificate_RevocationDetails) ProtoReflect() protoreflect.Message

func (x *Certificate_RevocationDetails) Reset()

func (x *Certificate_RevocationDetails) String() string

type CreateCaPoolRequest struct {

	// Required. The resource name of the location associated with the
	// [CaPool][google.cloud.security.privateca.v1.CaPool], in the format
	// `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`
	CaPoolId string `protobuf:"bytes,2,opt,name=ca_pool_id,json=caPoolId,proto3" json:"ca_pool_id,omitempty"`
	// Required. A [CaPool][google.cloud.security.privateca.v1.CaPool] with
	// initial field values.
	CaPool *CaPool `protobuf:"bytes,3,opt,name=ca_pool,json=caPool,proto3" json:"ca_pool,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateCaPoolRequest) Descriptor() ([]byte, []int)

func (x *CreateCaPoolRequest) GetCaPool() *CaPool

func (x *CreateCaPoolRequest) GetCaPoolId() string

func (x *CreateCaPoolRequest) GetParent() string

func (x *CreateCaPoolRequest) GetRequestId() string

func (*CreateCaPoolRequest) ProtoMessage()

func (x *CreateCaPoolRequest) ProtoReflect() protoreflect.Message

func (x *CreateCaPoolRequest) Reset()

func (x *CreateCaPoolRequest) String() string

type CreateCertificateAuthorityRequest struct {
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`

	CertificateAuthorityId string "" /* 129 byte string literal not displayed */

	CertificateAuthority *CertificateAuthority `protobuf:"bytes,3,opt,name=certificate_authority,json=certificateAuthority,proto3" json:"certificate_authority,omitempty"`

	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`

}

func (*CreateCertificateAuthorityRequest) Descriptor() ([]byte, []int)

func (x *CreateCertificateAuthorityRequest) GetCertificateAuthority() *CertificateAuthority

func (x *CreateCertificateAuthorityRequest) GetCertificateAuthorityId() string

func (x *CreateCertificateAuthorityRequest) GetParent() string

func (x *CreateCertificateAuthorityRequest) GetRequestId() string

func (*CreateCertificateAuthorityRequest) ProtoMessage()

func (x *CreateCertificateAuthorityRequest) ProtoReflect() protoreflect.Message

func (x *CreateCertificateAuthorityRequest) Reset()

func (x *CreateCertificateAuthorityRequest) String() string

type CreateCertificateRequest struct {
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`

	CertificateId string `protobuf:"bytes,2,opt,name=certificate_id,json=certificateId,proto3" json:"certificate_id,omitempty"`

	Certificate *Certificate `protobuf:"bytes,3,opt,name=certificate,proto3" json:"certificate,omitempty"`

	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`

	ValidateOnly bool `protobuf:"varint,5,opt,name=validate_only,json=validateOnly,proto3" json:"validate_only,omitempty"`

	IssuingCertificateAuthorityId string "" /* 152 byte string literal not displayed */

}

func (*CreateCertificateRequest) Descriptor() ([]byte, []int)

func (x *CreateCertificateRequest) GetCertificate() *Certificate

func (x *CreateCertificateRequest) GetCertificateId() string

func (x *CreateCertificateRequest) GetIssuingCertificateAuthorityId() string

func (x *CreateCertificateRequest) GetParent() string

func (x *CreateCertificateRequest) GetRequestId() string

func (x *CreateCertificateRequest) GetValidateOnly() bool

func (*CreateCertificateRequest) ProtoMessage()

func (x *CreateCertificateRequest) ProtoReflect() protoreflect.Message

func (x *CreateCertificateRequest) Reset()

func (x *CreateCertificateRequest) String() string

type CreateCertificateTemplateRequest struct {

	// Required. The resource name of the location associated with the
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate],
	// in the format `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`
	CertificateTemplateId string `protobuf:"bytes,2,opt,name=certificate_template_id,json=certificateTemplateId,proto3" json:"certificate_template_id,omitempty"`
	// Required. A
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
	// with initial field values.
	CertificateTemplate *CertificateTemplate `protobuf:"bytes,3,opt,name=certificate_template,json=certificateTemplate,proto3" json:"certificate_template,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateCertificateTemplateRequest) Descriptor() ([]byte, []int)

func (x *CreateCertificateTemplateRequest) GetCertificateTemplate() *CertificateTemplate

func (x *CreateCertificateTemplateRequest) GetCertificateTemplateId() string

func (x *CreateCertificateTemplateRequest) GetParent() string

func (x *CreateCertificateTemplateRequest) GetRequestId() string

func (*CreateCertificateTemplateRequest) ProtoMessage()

func (x *CreateCertificateTemplateRequest) ProtoReflect() protoreflect.Message

func (x *CreateCertificateTemplateRequest) Reset()

func (x *CreateCertificateTemplateRequest) String() string

type DeleteCaPoolRequest struct {

	// Required. The resource name for this
	// [CaPool][google.cloud.security.privateca.v1.CaPool] in the format
	// `projects/*/locations/*/caPools/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*DeleteCaPoolRequest) Descriptor() ([]byte, []int)

func (x *DeleteCaPoolRequest) GetName() string

func (x *DeleteCaPoolRequest) GetRequestId() string

func (*DeleteCaPoolRequest) ProtoMessage()

func (x *DeleteCaPoolRequest) ProtoReflect() protoreflect.Message

func (x *DeleteCaPoolRequest) Reset()

func (x *DeleteCaPoolRequest) String() string

type DeleteCertificateAuthorityRequest struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`

	IgnoreActiveCertificates bool "" /* 136 byte string literal not displayed */

	SkipGracePeriod bool `protobuf:"varint,5,opt,name=skip_grace_period,json=skipGracePeriod,proto3" json:"skip_grace_period,omitempty"`

}

func (*DeleteCertificateAuthorityRequest) Descriptor() ([]byte, []int)

func (x *DeleteCertificateAuthorityRequest) GetIgnoreActiveCertificates() bool

func (x *DeleteCertificateAuthorityRequest) GetName() string

func (x *DeleteCertificateAuthorityRequest) GetRequestId() string

func (x *DeleteCertificateAuthorityRequest) GetSkipGracePeriod() bool

func (*DeleteCertificateAuthorityRequest) ProtoMessage()

func (x *DeleteCertificateAuthorityRequest) ProtoReflect() protoreflect.Message

func (x *DeleteCertificateAuthorityRequest) Reset()

func (x *DeleteCertificateAuthorityRequest) String() string

type DeleteCertificateTemplateRequest struct {

	// Required. The resource name for this
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
	// in the format `projects/*/locations/*/certificateTemplates/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*DeleteCertificateTemplateRequest) Descriptor() ([]byte, []int)

func (x *DeleteCertificateTemplateRequest) GetName() string

func (x *DeleteCertificateTemplateRequest) GetRequestId() string

func (*DeleteCertificateTemplateRequest) ProtoMessage()

func (x *DeleteCertificateTemplateRequest) ProtoReflect() protoreflect.Message

func (x *DeleteCertificateTemplateRequest) Reset()

func (x *DeleteCertificateTemplateRequest) String() string

type DisableCertificateAuthorityRequest struct {

	// Required. The resource name for this
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*DisableCertificateAuthorityRequest) Descriptor() ([]byte, []int)

func (x *DisableCertificateAuthorityRequest) GetName() string

func (x *DisableCertificateAuthorityRequest) GetRequestId() string

func (*DisableCertificateAuthorityRequest) ProtoMessage()

func (x *DisableCertificateAuthorityRequest) ProtoReflect() protoreflect.Message

func (x *DisableCertificateAuthorityRequest) Reset()

func (x *DisableCertificateAuthorityRequest) String() string

type EnableCertificateAuthorityRequest struct {

	// Required. The resource name for this
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*EnableCertificateAuthorityRequest) Descriptor() ([]byte, []int)

func (x *EnableCertificateAuthorityRequest) GetName() string

func (x *EnableCertificateAuthorityRequest) GetRequestId() string

func (*EnableCertificateAuthorityRequest) ProtoMessage()

func (x *EnableCertificateAuthorityRequest) ProtoReflect() protoreflect.Message

func (x *EnableCertificateAuthorityRequest) Reset()

func (x *EnableCertificateAuthorityRequest) String() string

type FetchCaCertsRequest struct {

	// Required. The resource name for the
	// [CaPool][google.cloud.security.privateca.v1.CaPool] in the format
	// `projects/*/locations/*/caPools/*`.
	CaPool string `protobuf:"bytes,1,opt,name=ca_pool,json=caPool,proto3" json:"ca_pool,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*FetchCaCertsRequest) Descriptor() ([]byte, []int)

func (x *FetchCaCertsRequest) GetCaPool() string

func (x *FetchCaCertsRequest) GetRequestId() string

func (*FetchCaCertsRequest) ProtoMessage()

func (x *FetchCaCertsRequest) ProtoReflect() protoreflect.Message

func (x *FetchCaCertsRequest) Reset()

func (x *FetchCaCertsRequest) String() string

type FetchCaCertsResponse struct {

	// The PEM encoded CA certificate chains of all
	// [ACTIVE][CertificateAuthority.State.ACTIVE]
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// resources in this [CaPool][google.cloud.security.privateca.v1.CaPool].
	CaCerts []*FetchCaCertsResponse_CertChain `protobuf:"bytes,1,rep,name=ca_certs,json=caCerts,proto3" json:"ca_certs,omitempty"`
	// contains filtered or unexported fields
}

func (*FetchCaCertsResponse) Descriptor() ([]byte, []int)

func (x *FetchCaCertsResponse) GetCaCerts() []*FetchCaCertsResponse_CertChain

func (*FetchCaCertsResponse) ProtoMessage()

func (x *FetchCaCertsResponse) ProtoReflect() protoreflect.Message

func (x *FetchCaCertsResponse) Reset()

func (x *FetchCaCertsResponse) String() string

type FetchCaCertsResponse_CertChain struct {

	// The certificates that form the CA chain, from leaf to root order.
	Certificates []string `protobuf:"bytes,1,rep,name=certificates,proto3" json:"certificates,omitempty"`
	// contains filtered or unexported fields
}

func (*FetchCaCertsResponse_CertChain) Descriptor() ([]byte, []int)

func (x *FetchCaCertsResponse_CertChain) GetCertificates() []string

func (*FetchCaCertsResponse_CertChain) ProtoMessage()

func (x *FetchCaCertsResponse_CertChain) ProtoReflect() protoreflect.Message

func (x *FetchCaCertsResponse_CertChain) Reset()

func (x *FetchCaCertsResponse_CertChain) String() string

type FetchCertificateAuthorityCsrRequest struct {

	// Required. The resource name for this
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*FetchCertificateAuthorityCsrRequest) Descriptor() ([]byte, []int)

func (x *FetchCertificateAuthorityCsrRequest) GetName() string

func (*FetchCertificateAuthorityCsrRequest) ProtoMessage()

func (x *FetchCertificateAuthorityCsrRequest) ProtoReflect() protoreflect.Message

func (x *FetchCertificateAuthorityCsrRequest) Reset()

func (x *FetchCertificateAuthorityCsrRequest) String() string

type FetchCertificateAuthorityCsrResponse struct {

	// Output only. The PEM-encoded signed certificate signing request (CSR).
	PemCsr string `protobuf:"bytes,1,opt,name=pem_csr,json=pemCsr,proto3" json:"pem_csr,omitempty"`
	// contains filtered or unexported fields
}

func (*FetchCertificateAuthorityCsrResponse) Descriptor() ([]byte, []int)

func (x *FetchCertificateAuthorityCsrResponse) GetPemCsr() string

func (*FetchCertificateAuthorityCsrResponse) ProtoMessage()

func (x *FetchCertificateAuthorityCsrResponse) ProtoReflect() protoreflect.Message

func (x *FetchCertificateAuthorityCsrResponse) Reset()

func (x *FetchCertificateAuthorityCsrResponse) String() string

type GetCaPoolRequest struct {

	// Required. The [name][google.cloud.security.privateca.v1.CaPool.name] of the
	// [CaPool][google.cloud.security.privateca.v1.CaPool] to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetCaPoolRequest) Descriptor() ([]byte, []int)

func (x *GetCaPoolRequest) GetName() string

func (*GetCaPoolRequest) ProtoMessage()

func (x *GetCaPoolRequest) ProtoReflect() protoreflect.Message

func (x *GetCaPoolRequest) Reset()

func (x *GetCaPoolRequest) String() string

type GetCertificateAuthorityRequest struct {

	// Required. The
	// [name][google.cloud.security.privateca.v1.CertificateAuthority.name] of the
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetCertificateAuthorityRequest) Descriptor() ([]byte, []int)

func (x *GetCertificateAuthorityRequest) GetName() string

func (*GetCertificateAuthorityRequest) ProtoMessage()

func (x *GetCertificateAuthorityRequest) ProtoReflect() protoreflect.Message

func (x *GetCertificateAuthorityRequest) Reset()

func (x *GetCertificateAuthorityRequest) String() string

type GetCertificateRequest struct {

	// Required. The [name][google.cloud.security.privateca.v1.Certificate.name]
	// of the [Certificate][google.cloud.security.privateca.v1.Certificate] to
	// get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetCertificateRequest) Descriptor() ([]byte, []int)

func (x *GetCertificateRequest) GetName() string

func (*GetCertificateRequest) ProtoMessage()

func (x *GetCertificateRequest) ProtoReflect() protoreflect.Message

func (x *GetCertificateRequest) Reset()

func (x *GetCertificateRequest) String() string

type GetCertificateRevocationListRequest struct {

	// Required. The
	// [name][google.cloud.security.privateca.v1.CertificateRevocationList.name]
	// of the
	// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList]
	// to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetCertificateRevocationListRequest) Descriptor() ([]byte, []int)

func (x *GetCertificateRevocationListRequest) GetName() string

func (*GetCertificateRevocationListRequest) ProtoMessage()

func (x *GetCertificateRevocationListRequest) ProtoReflect() protoreflect.Message

func (x *GetCertificateRevocationListRequest) Reset()

func (x *GetCertificateRevocationListRequest) String() string

type GetCertificateTemplateRequest struct {

	// Required. The
	// [name][google.cloud.security.privateca.v1.CertificateTemplate.name] of the
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
	// to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetCertificateTemplateRequest) Descriptor() ([]byte, []int)

func (x *GetCertificateTemplateRequest) GetName() string

func (*GetCertificateTemplateRequest) ProtoMessage()

func (x *GetCertificateTemplateRequest) ProtoReflect() protoreflect.Message

func (x *GetCertificateTemplateRequest) Reset()

func (x *GetCertificateTemplateRequest) String() string

type KeyUsage struct {
	BaseKeyUsage *KeyUsage_KeyUsageOptions `protobuf:"bytes,1,opt,name=base_key_usage,json=baseKeyUsage,proto3" json:"base_key_usage,omitempty"`

	ExtendedKeyUsage *KeyUsage_ExtendedKeyUsageOptions `protobuf:"bytes,2,opt,name=extended_key_usage,json=extendedKeyUsage,proto3" json:"extended_key_usage,omitempty"`

	UnknownExtendedKeyUsages []*ObjectId "" /* 137 byte string literal not displayed */

}

func (*KeyUsage) Descriptor() ([]byte, []int)

func (x *KeyUsage) GetBaseKeyUsage() *KeyUsage_KeyUsageOptions

func (x *KeyUsage) GetExtendedKeyUsage() *KeyUsage_ExtendedKeyUsageOptions

func (x *KeyUsage) GetUnknownExtendedKeyUsages() []*ObjectId

func (*KeyUsage) ProtoMessage()

func (x *KeyUsage) ProtoReflect() protoreflect.Message

func (x *KeyUsage) Reset()

func (x *KeyUsage) String() string

type KeyUsage_ExtendedKeyUsageOptions struct {

	// Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW
	// server authentication", though regularly used for non-WWW TLS.
	ServerAuth bool `protobuf:"varint,1,opt,name=server_auth,json=serverAuth,proto3" json:"server_auth,omitempty"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW
	// client authentication", though regularly used for non-WWW TLS.
	ClientAuth bool `protobuf:"varint,2,opt,name=client_auth,json=clientAuth,proto3" json:"client_auth,omitempty"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of
	// downloadable executable code client authentication".
	CodeSigning bool `protobuf:"varint,3,opt,name=code_signing,json=codeSigning,proto3" json:"code_signing,omitempty"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email
	// protection".
	EmailProtection bool `protobuf:"varint,4,opt,name=email_protection,json=emailProtection,proto3" json:"email_protection,omitempty"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding
	// the hash of an object to a time".
	TimeStamping bool `protobuf:"varint,5,opt,name=time_stamping,json=timeStamping,proto3" json:"time_stamping,omitempty"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing
	// OCSP responses".
	OcspSigning bool `protobuf:"varint,6,opt,name=ocsp_signing,json=ocspSigning,proto3" json:"ocsp_signing,omitempty"`
	// contains filtered or unexported fields
}

func (*KeyUsage_ExtendedKeyUsageOptions) Descriptor() ([]byte, []int)

func (x *KeyUsage_ExtendedKeyUsageOptions) GetClientAuth() bool

func (x *KeyUsage_ExtendedKeyUsageOptions) GetCodeSigning() bool

func (x *KeyUsage_ExtendedKeyUsageOptions) GetEmailProtection() bool

func (x *KeyUsage_ExtendedKeyUsageOptions) GetOcspSigning() bool

func (x *KeyUsage_ExtendedKeyUsageOptions) GetServerAuth() bool

func (x *KeyUsage_ExtendedKeyUsageOptions) GetTimeStamping() bool

func (*KeyUsage_ExtendedKeyUsageOptions) ProtoMessage()

func (x *KeyUsage_ExtendedKeyUsageOptions) ProtoReflect() protoreflect.Message

func (x *KeyUsage_ExtendedKeyUsageOptions) Reset()

func (x *KeyUsage_ExtendedKeyUsageOptions) String() string

type KeyUsage_KeyUsageOptions struct {

	// The key may be used for digital signatures.
	DigitalSignature bool `protobuf:"varint,1,opt,name=digital_signature,json=digitalSignature,proto3" json:"digital_signature,omitempty"`
	// The key may be used for cryptographic commitments. Note that this may
	// also be referred to as "non-repudiation".
	ContentCommitment bool `protobuf:"varint,2,opt,name=content_commitment,json=contentCommitment,proto3" json:"content_commitment,omitempty"`
	// The key may be used to encipher other keys.
	KeyEncipherment bool `protobuf:"varint,3,opt,name=key_encipherment,json=keyEncipherment,proto3" json:"key_encipherment,omitempty"`
	// The key may be used to encipher data.
	DataEncipherment bool `protobuf:"varint,4,opt,name=data_encipherment,json=dataEncipherment,proto3" json:"data_encipherment,omitempty"`
	// The key may be used in a key agreement protocol.
	KeyAgreement bool `protobuf:"varint,5,opt,name=key_agreement,json=keyAgreement,proto3" json:"key_agreement,omitempty"`
	// The key may be used to sign certificates.
	CertSign bool `protobuf:"varint,6,opt,name=cert_sign,json=certSign,proto3" json:"cert_sign,omitempty"`
	// The key may be used sign certificate revocation lists.
	CrlSign bool `protobuf:"varint,7,opt,name=crl_sign,json=crlSign,proto3" json:"crl_sign,omitempty"`
	// The key may be used to encipher only.
	EncipherOnly bool `protobuf:"varint,8,opt,name=encipher_only,json=encipherOnly,proto3" json:"encipher_only,omitempty"`
	// The key may be used to decipher only.
	DecipherOnly bool `protobuf:"varint,9,opt,name=decipher_only,json=decipherOnly,proto3" json:"decipher_only,omitempty"`
	// contains filtered or unexported fields
}

func (*KeyUsage_KeyUsageOptions) Descriptor() ([]byte, []int)

func (x *KeyUsage_KeyUsageOptions) GetCertSign() bool

func (x *KeyUsage_KeyUsageOptions) GetContentCommitment() bool

func (x *KeyUsage_KeyUsageOptions) GetCrlSign() bool

func (x *KeyUsage_KeyUsageOptions) GetDataEncipherment() bool

func (x *KeyUsage_KeyUsageOptions) GetDecipherOnly() bool

func (x *KeyUsage_KeyUsageOptions) GetDigitalSignature() bool

func (x *KeyUsage_KeyUsageOptions) GetEncipherOnly() bool

func (x *KeyUsage_KeyUsageOptions) GetKeyAgreement() bool

func (x *KeyUsage_KeyUsageOptions) GetKeyEncipherment() bool

func (*KeyUsage_KeyUsageOptions) ProtoMessage()

func (x *KeyUsage_KeyUsageOptions) ProtoReflect() protoreflect.Message

func (x *KeyUsage_KeyUsageOptions) Reset()

func (x *KeyUsage_KeyUsageOptions) String() string

type ListCaPoolsRequest struct {

	// Required. The resource name of the location associated with the
	// [CaPools][google.cloud.security.privateca.v1.CaPool], in the format
	// `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Limit on the number of
	// [CaPools][google.cloud.security.privateca.v1.CaPool] to include in the
	// response. Further [CaPools][google.cloud.security.privateca.v1.CaPool] can
	// subsequently be obtained by including the
	// [ListCaPoolsResponse.next_page_token][google.cloud.security.privateca.v1.ListCaPoolsResponse.next_page_token]
	// in a subsequent request. If unspecified, the server will pick an
	// appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Pagination token, returned earlier via
	// [ListCaPoolsResponse.next_page_token][google.cloud.security.privateca.v1.ListCaPoolsResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response.
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted.
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCaPoolsRequest) Descriptor() ([]byte, []int)

func (x *ListCaPoolsRequest) GetFilter() string

func (x *ListCaPoolsRequest) GetOrderBy() string

func (x *ListCaPoolsRequest) GetPageSize() int32

func (x *ListCaPoolsRequest) GetPageToken() string

func (x *ListCaPoolsRequest) GetParent() string

func (*ListCaPoolsRequest) ProtoMessage()

func (x *ListCaPoolsRequest) ProtoReflect() protoreflect.Message

func (x *ListCaPoolsRequest) Reset()

func (x *ListCaPoolsRequest) String() string

type ListCaPoolsResponse struct {

	// The list of [CaPools][google.cloud.security.privateca.v1.CaPool].
	CaPools []*CaPool `protobuf:"bytes,1,rep,name=ca_pools,json=caPools,proto3" json:"ca_pools,omitempty"`
	// A token to retrieve next page of results. Pass this value in
	// [ListCertificateAuthoritiesRequest.next_page_token][] to retrieve the next
	// page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// A list of locations (e.g. "us-west1") that could not be reached.
	Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCaPoolsResponse) Descriptor() ([]byte, []int)

func (x *ListCaPoolsResponse) GetCaPools() []*CaPool

func (x *ListCaPoolsResponse) GetNextPageToken() string

func (x *ListCaPoolsResponse) GetUnreachable() []string

func (*ListCaPoolsResponse) ProtoMessage()

func (x *ListCaPoolsResponse) ProtoReflect() protoreflect.Message

func (x *ListCaPoolsResponse) Reset()

func (x *ListCaPoolsResponse) String() string

type ListCertificateAuthoritiesRequest struct {

	// Required. The resource name of the
	// [CaPool][google.cloud.security.privateca.v1.CaPool] associated with the
	// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority],
	// in the format `projects/*/locations/*/caPools/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Limit on the number of
	// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority]
	// to include in the response. Further
	// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority]
	// can subsequently be obtained by including the
	// [ListCertificateAuthoritiesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateAuthoritiesResponse.next_page_token]
	// in a subsequent request. If unspecified, the server will pick an
	// appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Pagination token, returned earlier via
	// [ListCertificateAuthoritiesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateAuthoritiesResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response.
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted.
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCertificateAuthoritiesRequest) Descriptor() ([]byte, []int)

func (x *ListCertificateAuthoritiesRequest) GetFilter() string

func (x *ListCertificateAuthoritiesRequest) GetOrderBy() string

func (x *ListCertificateAuthoritiesRequest) GetPageSize() int32

func (x *ListCertificateAuthoritiesRequest) GetPageToken() string

func (x *ListCertificateAuthoritiesRequest) GetParent() string

func (*ListCertificateAuthoritiesRequest) ProtoMessage()

func (x *ListCertificateAuthoritiesRequest) ProtoReflect() protoreflect.Message

func (x *ListCertificateAuthoritiesRequest) Reset()

func (x *ListCertificateAuthoritiesRequest) String() string

type ListCertificateAuthoritiesResponse struct {
	CertificateAuthorities []*CertificateAuthority "" /* 127 byte string literal not displayed */

	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`

	Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`

}

func (*ListCertificateAuthoritiesResponse) Descriptor() ([]byte, []int)

func (x *ListCertificateAuthoritiesResponse) GetCertificateAuthorities() []*CertificateAuthority

func (x *ListCertificateAuthoritiesResponse) GetNextPageToken() string

func (x *ListCertificateAuthoritiesResponse) GetUnreachable() []string

func (*ListCertificateAuthoritiesResponse) ProtoMessage()

func (x *ListCertificateAuthoritiesResponse) ProtoReflect() protoreflect.Message

func (x *ListCertificateAuthoritiesResponse) Reset()

func (x *ListCertificateAuthoritiesResponse) String() string

type ListCertificateRevocationListsRequest struct {

	// Required. The resource name of the location associated with the
	// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList],
	// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Limit on the number of
	// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList]
	// to include in the response. Further
	// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList]
	// can subsequently be obtained by including the
	// [ListCertificateRevocationListsResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateRevocationListsResponse.next_page_token]
	// in a subsequent request. If unspecified, the server will pick an
	// appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Pagination token, returned earlier via
	// [ListCertificateRevocationListsResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateRevocationListsResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response.
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted.
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCertificateRevocationListsRequest) Descriptor() ([]byte, []int)

func (x *ListCertificateRevocationListsRequest) GetFilter() string

func (x *ListCertificateRevocationListsRequest) GetOrderBy() string

func (x *ListCertificateRevocationListsRequest) GetPageSize() int32

func (x *ListCertificateRevocationListsRequest) GetPageToken() string

func (x *ListCertificateRevocationListsRequest) GetParent() string

func (*ListCertificateRevocationListsRequest) ProtoMessage()

func (x *ListCertificateRevocationListsRequest) ProtoReflect() protoreflect.Message

func (x *ListCertificateRevocationListsRequest) Reset()

func (x *ListCertificateRevocationListsRequest) String() string

type ListCertificateRevocationListsResponse struct {
	CertificateRevocationLists []*CertificateRevocationList "" /* 141 byte string literal not displayed */

	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`

	Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`

}

func (*ListCertificateRevocationListsResponse) Descriptor() ([]byte, []int)

func (x *ListCertificateRevocationListsResponse) GetCertificateRevocationLists() []*CertificateRevocationList

func (x *ListCertificateRevocationListsResponse) GetNextPageToken() string

func (x *ListCertificateRevocationListsResponse) GetUnreachable() []string

func (*ListCertificateRevocationListsResponse) ProtoMessage()

func (x *ListCertificateRevocationListsResponse) ProtoReflect() protoreflect.Message

func (x *ListCertificateRevocationListsResponse) Reset()

func (x *ListCertificateRevocationListsResponse) String() string

type ListCertificateTemplatesRequest struct {

	// Required. The resource name of the location associated with the
	// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate],
	// in the format `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Limit on the number of
	// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate]
	// to include in the response. Further
	// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate]
	// can subsequently be obtained by including the
	// [ListCertificateTemplatesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateTemplatesResponse.next_page_token]
	// in a subsequent request. If unspecified, the server will pick an
	// appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Pagination token, returned earlier via
	// [ListCertificateTemplatesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateTemplatesResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response.
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted.
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCertificateTemplatesRequest) Descriptor() ([]byte, []int)

func (x *ListCertificateTemplatesRequest) GetFilter() string

func (x *ListCertificateTemplatesRequest) GetOrderBy() string

func (x *ListCertificateTemplatesRequest) GetPageSize() int32

func (x *ListCertificateTemplatesRequest) GetPageToken() string

func (x *ListCertificateTemplatesRequest) GetParent() string

func (*ListCertificateTemplatesRequest) ProtoMessage()

func (x *ListCertificateTemplatesRequest) ProtoReflect() protoreflect.Message

func (x *ListCertificateTemplatesRequest) Reset()

func (x *ListCertificateTemplatesRequest) String() string

type ListCertificateTemplatesResponse struct {

	// The list of
	// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate].
	CertificateTemplates []*CertificateTemplate `protobuf:"bytes,1,rep,name=certificate_templates,json=certificateTemplates,proto3" json:"certificate_templates,omitempty"`
	// A token to retrieve next page of results. Pass this value in
	// [ListCertificateTemplatesRequest.next_page_token][] to retrieve
	// the next page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// A list of locations (e.g. "us-west1") that could not be reached.
	Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCertificateTemplatesResponse) Descriptor() ([]byte, []int)

func (x *ListCertificateTemplatesResponse) GetCertificateTemplates() []*CertificateTemplate

func (x *ListCertificateTemplatesResponse) GetNextPageToken() string

func (x *ListCertificateTemplatesResponse) GetUnreachable() []string

func (*ListCertificateTemplatesResponse) ProtoMessage()

func (x *ListCertificateTemplatesResponse) ProtoReflect() protoreflect.Message

func (x *ListCertificateTemplatesResponse) Reset()

func (x *ListCertificateTemplatesResponse) String() string

type ListCertificatesRequest struct {

	// Required. The resource name of the location associated with the
	// [Certificates][google.cloud.security.privateca.v1.Certificate], in the
	// format `projects/*/locations/*/caPools/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Limit on the number of
	// [Certificates][google.cloud.security.privateca.v1.Certificate] to include
	// in the response. Further
	// [Certificates][google.cloud.security.privateca.v1.Certificate] can
	// subsequently be obtained by including the
	// [ListCertificatesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificatesResponse.next_page_token]
	// in a subsequent request. If unspecified, the server will pick an
	// appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Pagination token, returned earlier via
	// [ListCertificatesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificatesResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response. For
	// details on supported filters and syntax, see [Certificates Filtering
	// documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support).
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted. For details on
	// supported fields and syntax, see [Certificates Sorting
	// documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#sorting_support).
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCertificatesRequest) Descriptor() ([]byte, []int)

func (x *ListCertificatesRequest) GetFilter() string

func (x *ListCertificatesRequest) GetOrderBy() string

func (x *ListCertificatesRequest) GetPageSize() int32

func (x *ListCertificatesRequest) GetPageToken() string

func (x *ListCertificatesRequest) GetParent() string

func (*ListCertificatesRequest) ProtoMessage()

func (x *ListCertificatesRequest) ProtoReflect() protoreflect.Message

func (x *ListCertificatesRequest) Reset()

func (x *ListCertificatesRequest) String() string

type ListCertificatesResponse struct {

	// The list of [Certificates][google.cloud.security.privateca.v1.Certificate].
	Certificates []*Certificate `protobuf:"bytes,1,rep,name=certificates,proto3" json:"certificates,omitempty"`
	// A token to retrieve next page of results. Pass this value in
	// [ListCertificatesRequest.next_page_token][] to retrieve the
	// next page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// A list of locations (e.g. "us-west1") that could not be reached.
	Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCertificatesResponse) Descriptor() ([]byte, []int)

func (x *ListCertificatesResponse) GetCertificates() []*Certificate

func (x *ListCertificatesResponse) GetNextPageToken() string

func (x *ListCertificatesResponse) GetUnreachable() []string

func (*ListCertificatesResponse) ProtoMessage()

func (x *ListCertificatesResponse) ProtoReflect() protoreflect.Message

func (x *ListCertificatesResponse) Reset()

func (x *ListCertificatesResponse) String() string

type ObjectId struct {

	// Required. The parts of an OID path. The most significant parts of the path
	// come first.
	ObjectIdPath []int32 `protobuf:"varint,1,rep,packed,name=object_id_path,json=objectIdPath,proto3" json:"object_id_path,omitempty"`
	// contains filtered or unexported fields
}

func (*ObjectId) Descriptor() ([]byte, []int)

func (x *ObjectId) GetObjectIdPath() []int32

func (*ObjectId) ProtoMessage()

func (x *ObjectId) ProtoReflect() protoreflect.Message

func (x *ObjectId) Reset()

func (x *ObjectId) String() string

type OperationMetadata struct {

	// Output only. The time the operation was created.
	CreateTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
	// Output only. The time the operation finished running.
	EndTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=end_time,json=endTime,proto3" json:"end_time,omitempty"`
	// Output only. Server-defined resource path for the target of the operation.
	Target string `protobuf:"bytes,3,opt,name=target,proto3" json:"target,omitempty"`
	// Output only. Name of the verb executed by the operation.
	Verb string `protobuf:"bytes,4,opt,name=verb,proto3" json:"verb,omitempty"`
	// Output only. Human-readable status of the operation, if any.
	StatusMessage string `protobuf:"bytes,5,opt,name=status_message,json=statusMessage,proto3" json:"status_message,omitempty"`
	// Output only. Identifies whether the user has requested cancellation
	// of the operation. Operations that have successfully been cancelled
	// have [Operation.error][] value with a
	// [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to
	// `Code.CANCELLED`.
	RequestedCancellation bool `protobuf:"varint,6,opt,name=requested_cancellation,json=requestedCancellation,proto3" json:"requested_cancellation,omitempty"`
	// Output only. API version used to start the operation.
	ApiVersion string `protobuf:"bytes,7,opt,name=api_version,json=apiVersion,proto3" json:"api_version,omitempty"`
	// contains filtered or unexported fields
}

func (*OperationMetadata) Descriptor() ([]byte, []int)

func (x *OperationMetadata) GetApiVersion() string

func (x *OperationMetadata) GetCreateTime() *timestamppb.Timestamp

func (x *OperationMetadata) GetEndTime() *timestamppb.Timestamp

func (x *OperationMetadata) GetRequestedCancellation() bool

func (x *OperationMetadata) GetStatusMessage() string

func (x *OperationMetadata) GetTarget() string

func (x *OperationMetadata) GetVerb() string

func (*OperationMetadata) ProtoMessage()

func (x *OperationMetadata) ProtoReflect() protoreflect.Message

func (x *OperationMetadata) Reset()

func (x *OperationMetadata) String() string

type PublicKey struct {

	// Required. A public key. The padding and encoding
	// must match with the `KeyFormat` value specified for the `format` field.
	Key []byte `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
	// Required. The format of the public key.
	Format PublicKey_KeyFormat `protobuf:"varint,2,opt,name=format,proto3,enum=google.cloud.security.privateca.v1.PublicKey_KeyFormat" json:"format,omitempty"`
	// contains filtered or unexported fields
}

func (*PublicKey) Descriptor() ([]byte, []int)

func (x *PublicKey) GetFormat() PublicKey_KeyFormat

func (x *PublicKey) GetKey() []byte

func (*PublicKey) ProtoMessage()

func (x *PublicKey) ProtoReflect() protoreflect.Message

func (x *PublicKey) Reset()

func (x *PublicKey) String() string

type PublicKey_KeyFormat int32

const (
	// Default unspecified value.
	PublicKey_KEY_FORMAT_UNSPECIFIED PublicKey_KeyFormat = 0
	// The key is PEM-encoded as defined in [RFC
	// 7468](https://tools.ietf.org/html/rfc7468). It can be any of the
	// following: a PEM-encoded PKCS#1/RFC 3447 RSAPublicKey
	// structure, an RFC 5280
	// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1)
	// or a PEM-encoded X.509 certificate signing request (CSR). If a
	// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1)
	// is specified, it can contain a A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey
	// or a NIST P-256/secp256r1/prime256v1 or P-384 key. If a CSR is specified,
	// it will used solely for the purpose of extracting the public key. When
	// generated by the service, it will always be an RFC 5280
	// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1)
	// structure containing an algorithm identifier and a key.
	PublicKey_PEM PublicKey_KeyFormat = 1
)

func (PublicKey_KeyFormat) Descriptor() protoreflect.EnumDescriptor

func (x PublicKey_KeyFormat) Enum() *PublicKey_KeyFormat

func (PublicKey_KeyFormat) EnumDescriptor() ([]byte, []int)

func (x PublicKey_KeyFormat) Number() protoreflect.EnumNumber

func (x PublicKey_KeyFormat) String() string

func (PublicKey_KeyFormat) Type() protoreflect.EnumType

type RevocationReason int32

const (
	// Default unspecified value. This value does indicate that a
	// [Certificate][google.cloud.security.privateca.v1.Certificate] has been
	// revoked, but that a reason has not been recorded.
	RevocationReason_REVOCATION_REASON_UNSPECIFIED RevocationReason = 0
	// Key material for this
	// [Certificate][google.cloud.security.privateca.v1.Certificate] may have
	// leaked.
	RevocationReason_KEY_COMPROMISE RevocationReason = 1
	// The key material for a certificate authority in the issuing path may have
	// leaked.
	RevocationReason_CERTIFICATE_AUTHORITY_COMPROMISE RevocationReason = 2
	// The subject or other attributes in this
	// [Certificate][google.cloud.security.privateca.v1.Certificate] have changed.
	RevocationReason_AFFILIATION_CHANGED RevocationReason = 3
	// This [Certificate][google.cloud.security.privateca.v1.Certificate] has been
	// superseded.
	RevocationReason_SUPERSEDED RevocationReason = 4
	// This [Certificate][google.cloud.security.privateca.v1.Certificate] or
	// entities in the issuing path have ceased to operate.
	RevocationReason_CESSATION_OF_OPERATION RevocationReason = 5
	// This [Certificate][google.cloud.security.privateca.v1.Certificate] should
	// not be considered valid, it is expected that it may become valid in the
	// future.
	RevocationReason_CERTIFICATE_HOLD RevocationReason = 6
	// This [Certificate][google.cloud.security.privateca.v1.Certificate] no
	// longer has permission to assert the listed attributes.
	RevocationReason_PRIVILEGE_WITHDRAWN RevocationReason = 7
	// The authority which determines appropriate attributes for a
	// [Certificate][google.cloud.security.privateca.v1.Certificate] may have been
	// compromised.
	RevocationReason_ATTRIBUTE_AUTHORITY_COMPROMISE RevocationReason = 8
)

func (RevocationReason) Descriptor() protoreflect.EnumDescriptor

func (x RevocationReason) Enum() *RevocationReason

func (RevocationReason) EnumDescriptor() ([]byte, []int)

func (x RevocationReason) Number() protoreflect.EnumNumber

func (x RevocationReason) String() string

func (RevocationReason) Type() protoreflect.EnumType

type RevokeCertificateRequest struct {

	// Required. The resource name for this
	// [Certificate][google.cloud.security.privateca.v1.Certificate] in the format
	// `projects/*/locations/*/caPools/*/certificates/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The
	// [RevocationReason][google.cloud.security.privateca.v1.RevocationReason] for
	// revoking this certificate.
	Reason RevocationReason `protobuf:"varint,2,opt,name=reason,proto3,enum=google.cloud.security.privateca.v1.RevocationReason" json:"reason,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*RevokeCertificateRequest) Descriptor() ([]byte, []int)

func (x *RevokeCertificateRequest) GetName() string

func (x *RevokeCertificateRequest) GetReason() RevocationReason

func (x *RevokeCertificateRequest) GetRequestId() string

func (*RevokeCertificateRequest) ProtoMessage()

func (x *RevokeCertificateRequest) ProtoReflect() protoreflect.Message

func (x *RevokeCertificateRequest) Reset()

func (x *RevokeCertificateRequest) String() string

type Subject struct {

	// The "common name" of the subject.
	CommonName string `protobuf:"bytes,1,opt,name=common_name,json=commonName,proto3" json:"common_name,omitempty"`
	// The country code of the subject.
	CountryCode string `protobuf:"bytes,2,opt,name=country_code,json=countryCode,proto3" json:"country_code,omitempty"`
	// The organization of the subject.
	Organization string `protobuf:"bytes,3,opt,name=organization,proto3" json:"organization,omitempty"`
	// The organizational_unit of the subject.
	OrganizationalUnit string `protobuf:"bytes,4,opt,name=organizational_unit,json=organizationalUnit,proto3" json:"organizational_unit,omitempty"`
	// The locality or city of the subject.
	Locality string `protobuf:"bytes,5,opt,name=locality,proto3" json:"locality,omitempty"`
	// The province, territory, or regional state of the subject.
	Province string `protobuf:"bytes,6,opt,name=province,proto3" json:"province,omitempty"`
	// The street address of the subject.
	StreetAddress string `protobuf:"bytes,7,opt,name=street_address,json=streetAddress,proto3" json:"street_address,omitempty"`
	// The postal code of the subject.
	PostalCode string `protobuf:"bytes,8,opt,name=postal_code,json=postalCode,proto3" json:"postal_code,omitempty"`
	// contains filtered or unexported fields
}

func (*Subject) Descriptor() ([]byte, []int)

func (x *Subject) GetCommonName() string

func (x *Subject) GetCountryCode() string

func (x *Subject) GetLocality() string

func (x *Subject) GetOrganization() string

func (x *Subject) GetOrganizationalUnit() string

func (x *Subject) GetPostalCode() string

func (x *Subject) GetProvince() string

func (x *Subject) GetStreetAddress() string

func (*Subject) ProtoMessage()

func (x *Subject) ProtoReflect() protoreflect.Message

func (x *Subject) Reset()

func (x *Subject) String() string

type SubjectAltNames struct {

	// Contains only valid, fully-qualified host names.
	DnsNames []string `protobuf:"bytes,1,rep,name=dns_names,json=dnsNames,proto3" json:"dns_names,omitempty"`
	// Contains only valid RFC 3986 URIs.
	Uris []string `protobuf:"bytes,2,rep,name=uris,proto3" json:"uris,omitempty"`
	// Contains only valid RFC 2822 E-mail addresses.
	EmailAddresses []string `protobuf:"bytes,3,rep,name=email_addresses,json=emailAddresses,proto3" json:"email_addresses,omitempty"`
	// Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
	IpAddresses []string `protobuf:"bytes,4,rep,name=ip_addresses,json=ipAddresses,proto3" json:"ip_addresses,omitempty"`
	// Contains additional subject alternative name values.
	// For each custom_san, the `value` field must contain an ASN.1 encoded
	// UTF8String.
	CustomSans []*X509Extension `protobuf:"bytes,5,rep,name=custom_sans,json=customSans,proto3" json:"custom_sans,omitempty"`
	// contains filtered or unexported fields
}

func (*SubjectAltNames) Descriptor() ([]byte, []int)

func (x *SubjectAltNames) GetCustomSans() []*X509Extension

func (x *SubjectAltNames) GetDnsNames() []string

func (x *SubjectAltNames) GetEmailAddresses() []string

func (x *SubjectAltNames) GetIpAddresses() []string

func (x *SubjectAltNames) GetUris() []string

func (*SubjectAltNames) ProtoMessage()

func (x *SubjectAltNames) ProtoReflect() protoreflect.Message

func (x *SubjectAltNames) Reset()

func (x *SubjectAltNames) String() string

type SubjectRequestMode int32

const (
	// Not specified.
	SubjectRequestMode_SUBJECT_REQUEST_MODE_UNSPECIFIED SubjectRequestMode = 0
	// The default mode used in most cases. Indicates that the certificate's
	// [Subject][google.cloud.security.privateca.v1.Subject] and/or
	// [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] are
	// specified in the certificate request. This mode requires the caller to have
	// the `privateca.certificates.create` permission.
	SubjectRequestMode_DEFAULT SubjectRequestMode = 1
	// A mode reserved for special cases. Indicates that the certificate should
	// have one or more SPIFFE
	// [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] set
	// by the service based on the caller's identity. This mode will ignore any
	// explicitly specified [Subject][google.cloud.security.privateca.v1.Subject]
	// and/or
	// [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] in
	// the certificate request. This mode requires the caller to have the
	// `privateca.certificates.createForSelf` permission.
	SubjectRequestMode_REFLECTED_SPIFFE SubjectRequestMode = 2
)

func (SubjectRequestMode) Descriptor() protoreflect.EnumDescriptor

func (x SubjectRequestMode) Enum() *SubjectRequestMode

func (SubjectRequestMode) EnumDescriptor() ([]byte, []int)

func (x SubjectRequestMode) Number() protoreflect.EnumNumber

func (x SubjectRequestMode) String() string

func (SubjectRequestMode) Type() protoreflect.EnumType

type SubordinateConfig struct {

	// Types that are assignable to SubordinateConfig:
	//	*SubordinateConfig_CertificateAuthority
	//	*SubordinateConfig_PemIssuerChain
	SubordinateConfig isSubordinateConfig_SubordinateConfig `protobuf_oneof:"subordinate_config"`
	// contains filtered or unexported fields
}

func (*SubordinateConfig) Descriptor() ([]byte, []int)

func (x *SubordinateConfig) GetCertificateAuthority() string

func (x *SubordinateConfig) GetPemIssuerChain() *SubordinateConfig_SubordinateConfigChain

func (m *SubordinateConfig) GetSubordinateConfig() isSubordinateConfig_SubordinateConfig

func (*SubordinateConfig) ProtoMessage()

func (x *SubordinateConfig) ProtoReflect() protoreflect.Message

func (x *SubordinateConfig) Reset()

func (x *SubordinateConfig) String() string

type SubordinateConfig_CertificateAuthority struct {
	// Required. This can refer to a
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// that was used to create a subordinate
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
	// This field is used for information and usability purposes only. The
	// resource name is in the format
	// `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	CertificateAuthority string `protobuf:"bytes,1,opt,name=certificate_authority,json=certificateAuthority,proto3,oneof"`
}

type SubordinateConfig_PemIssuerChain struct {
	// Required. Contains the PEM certificate chain for the issuers of this
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority],
	// but not pem certificate for this CA itself.
	PemIssuerChain *SubordinateConfig_SubordinateConfigChain `protobuf:"bytes,2,opt,name=pem_issuer_chain,json=pemIssuerChain,proto3,oneof"`
}

type SubordinateConfig_SubordinateConfigChain struct {

	// Required. Expected to be in leaf-to-root order according to RFC 5246.
	PemCertificates []string `protobuf:"bytes,1,rep,name=pem_certificates,json=pemCertificates,proto3" json:"pem_certificates,omitempty"`
	// contains filtered or unexported fields
}

func (*SubordinateConfig_SubordinateConfigChain) Descriptor() ([]byte, []int)

func (x *SubordinateConfig_SubordinateConfigChain) GetPemCertificates() []string

func (*SubordinateConfig_SubordinateConfigChain) ProtoMessage()

func (x *SubordinateConfig_SubordinateConfigChain) ProtoReflect() protoreflect.Message

func (x *SubordinateConfig_SubordinateConfigChain) Reset()

func (x *SubordinateConfig_SubordinateConfigChain) String() string

type UndeleteCertificateAuthorityRequest struct {

	// Required. The resource name for this
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*UndeleteCertificateAuthorityRequest) Descriptor() ([]byte, []int)

func (x *UndeleteCertificateAuthorityRequest) GetName() string

func (x *UndeleteCertificateAuthorityRequest) GetRequestId() string

func (*UndeleteCertificateAuthorityRequest) ProtoMessage()

func (x *UndeleteCertificateAuthorityRequest) ProtoReflect() protoreflect.Message

func (x *UndeleteCertificateAuthorityRequest) Reset()

func (x *UndeleteCertificateAuthorityRequest) String() string

type UnimplementedCertificateAuthorityServiceServer struct {
}

func (*UnimplementedCertificateAuthorityServiceServer) ActivateCertificateAuthority(context.Context, *ActivateCertificateAuthorityRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) CreateCaPool(context.Context, *CreateCaPoolRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) CreateCertificate(context.Context, *CreateCertificateRequest) (*Certificate, error)

func (*UnimplementedCertificateAuthorityServiceServer) CreateCertificateAuthority(context.Context, *CreateCertificateAuthorityRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) CreateCertificateTemplate(context.Context, *CreateCertificateTemplateRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) DeleteCaPool(context.Context, *DeleteCaPoolRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) DeleteCertificateAuthority(context.Context, *DeleteCertificateAuthorityRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) DeleteCertificateTemplate(context.Context, *DeleteCertificateTemplateRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) DisableCertificateAuthority(context.Context, *DisableCertificateAuthorityRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) EnableCertificateAuthority(context.Context, *EnableCertificateAuthorityRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) FetchCaCerts(context.Context, *FetchCaCertsRequest) (*FetchCaCertsResponse, error)

func (*UnimplementedCertificateAuthorityServiceServer) FetchCertificateAuthorityCsr(context.Context, *FetchCertificateAuthorityCsrRequest) (*FetchCertificateAuthorityCsrResponse, error)

func (*UnimplementedCertificateAuthorityServiceServer) GetCaPool(context.Context, *GetCaPoolRequest) (*CaPool, error)

func (*UnimplementedCertificateAuthorityServiceServer) GetCertificate(context.Context, *GetCertificateRequest) (*Certificate, error)

func (*UnimplementedCertificateAuthorityServiceServer) GetCertificateAuthority(context.Context, *GetCertificateAuthorityRequest) (*CertificateAuthority, error)

func (*UnimplementedCertificateAuthorityServiceServer) GetCertificateRevocationList(context.Context, *GetCertificateRevocationListRequest) (*CertificateRevocationList, error)

func (*UnimplementedCertificateAuthorityServiceServer) GetCertificateTemplate(context.Context, *GetCertificateTemplateRequest) (*CertificateTemplate, error)

func (*UnimplementedCertificateAuthorityServiceServer) ListCaPools(context.Context, *ListCaPoolsRequest) (*ListCaPoolsResponse, error)

func (*UnimplementedCertificateAuthorityServiceServer) ListCertificateAuthorities(context.Context, *ListCertificateAuthoritiesRequest) (*ListCertificateAuthoritiesResponse, error)

func (*UnimplementedCertificateAuthorityServiceServer) ListCertificateRevocationLists(context.Context, *ListCertificateRevocationListsRequest) (*ListCertificateRevocationListsResponse, error)

func (*UnimplementedCertificateAuthorityServiceServer) ListCertificateTemplates(context.Context, *ListCertificateTemplatesRequest) (*ListCertificateTemplatesResponse, error)

func (*UnimplementedCertificateAuthorityServiceServer) ListCertificates(context.Context, *ListCertificatesRequest) (*ListCertificatesResponse, error)

func (*UnimplementedCertificateAuthorityServiceServer) RevokeCertificate(context.Context, *RevokeCertificateRequest) (*Certificate, error)

func (*UnimplementedCertificateAuthorityServiceServer) UndeleteCertificateAuthority(context.Context, *UndeleteCertificateAuthorityRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) UpdateCaPool(context.Context, *UpdateCaPoolRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificate(context.Context, *UpdateCertificateRequest) (*Certificate, error)

func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificateAuthority(context.Context, *UpdateCertificateAuthorityRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificateRevocationList(context.Context, *UpdateCertificateRevocationListRequest) (*longrunningpb.Operation, error)

func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificateTemplate(context.Context, *UpdateCertificateTemplateRequest) (*longrunningpb.Operation, error)

type UpdateCaPoolRequest struct {

	// Required. [CaPool][google.cloud.security.privateca.v1.CaPool] with updated
	// values.
	CaPool *CaPool `protobuf:"bytes,1,opt,name=ca_pool,json=caPool,proto3" json:"ca_pool,omitempty"`
	// Required. A list of fields to be updated in this request.
	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*UpdateCaPoolRequest) Descriptor() ([]byte, []int)

func (x *UpdateCaPoolRequest) GetCaPool() *CaPool

func (x *UpdateCaPoolRequest) GetRequestId() string

func (x *UpdateCaPoolRequest) GetUpdateMask() *fieldmaskpb.FieldMask

func (*UpdateCaPoolRequest) ProtoMessage()

func (x *UpdateCaPoolRequest) ProtoReflect() protoreflect.Message

func (x *UpdateCaPoolRequest) Reset()

func (x *UpdateCaPoolRequest) String() string

type UpdateCertificateAuthorityRequest struct {

	// Required.
	// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
	// with updated values.
	CertificateAuthority *CertificateAuthority `protobuf:"bytes,1,opt,name=certificate_authority,json=certificateAuthority,proto3" json:"certificate_authority,omitempty"`
	// Required. A list of fields to be updated in this request.
	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*UpdateCertificateAuthorityRequest) Descriptor() ([]byte, []int)

func (x *UpdateCertificateAuthorityRequest) GetCertificateAuthority() *CertificateAuthority

func (x *UpdateCertificateAuthorityRequest) GetRequestId() string

func (x *UpdateCertificateAuthorityRequest) GetUpdateMask() *fieldmaskpb.FieldMask

func (*UpdateCertificateAuthorityRequest) ProtoMessage()

func (x *UpdateCertificateAuthorityRequest) ProtoReflect() protoreflect.Message

func (x *UpdateCertificateAuthorityRequest) Reset()

func (x *UpdateCertificateAuthorityRequest) String() string

type UpdateCertificateRequest struct {

	// Required. [Certificate][google.cloud.security.privateca.v1.Certificate]
	// with updated values.
	Certificate *Certificate `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`
	// Required. A list of fields to be updated in this request.
	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*UpdateCertificateRequest) Descriptor() ([]byte, []int)

func (x *UpdateCertificateRequest) GetCertificate() *Certificate

func (x *UpdateCertificateRequest) GetRequestId() string

func (x *UpdateCertificateRequest) GetUpdateMask() *fieldmaskpb.FieldMask

func (*UpdateCertificateRequest) ProtoMessage()

func (x *UpdateCertificateRequest) ProtoReflect() protoreflect.Message

func (x *UpdateCertificateRequest) Reset()

func (x *UpdateCertificateRequest) String() string

type UpdateCertificateRevocationListRequest struct {
	CertificateRevocationList *CertificateRevocationList "" /* 138 byte string literal not displayed */

	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`

	RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`

}

func (*UpdateCertificateRevocationListRequest) Descriptor() ([]byte, []int)

func (x *UpdateCertificateRevocationListRequest) GetCertificateRevocationList() *CertificateRevocationList

func (x *UpdateCertificateRevocationListRequest) GetRequestId() string

func (x *UpdateCertificateRevocationListRequest) GetUpdateMask() *fieldmaskpb.FieldMask

func (*UpdateCertificateRevocationListRequest) ProtoMessage()

func (x *UpdateCertificateRevocationListRequest) ProtoReflect() protoreflect.Message

func (x *UpdateCertificateRevocationListRequest) Reset()

func (x *UpdateCertificateRevocationListRequest) String() string

type UpdateCertificateTemplateRequest struct {

	// Required.
	// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
	// with updated values.
	CertificateTemplate *CertificateTemplate `protobuf:"bytes,1,opt,name=certificate_template,json=certificateTemplate,proto3" json:"certificate_template,omitempty"`
	// Required. A list of fields to be updated in this request.
	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that
	// if you must retry your request, the server will know to ignore the request
	// if it has already been completed. The server will guarantee that for at
	// least 60 minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and
	// the request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*UpdateCertificateTemplateRequest) Descriptor() ([]byte, []int)

func (x *UpdateCertificateTemplateRequest) GetCertificateTemplate() *CertificateTemplate

func (x *UpdateCertificateTemplateRequest) GetRequestId() string

func (x *UpdateCertificateTemplateRequest) GetUpdateMask() *fieldmaskpb.FieldMask

func (*UpdateCertificateTemplateRequest) ProtoMessage()

func (x *UpdateCertificateTemplateRequest) ProtoReflect() protoreflect.Message

func (x *UpdateCertificateTemplateRequest) Reset()

func (x *UpdateCertificateTemplateRequest) String() string

type X509Extension struct {

	// Required. The OID for this X.509 extension.
	ObjectId *ObjectId `protobuf:"bytes,1,opt,name=object_id,json=objectId,proto3" json:"object_id,omitempty"`
	// Optional. Indicates whether or not this extension is critical (i.e., if the
	// client does not know how to handle this extension, the client should
	// consider this to be an error).
	Critical bool `protobuf:"varint,2,opt,name=critical,proto3" json:"critical,omitempty"`
	// Required. The value of this X.509 extension.
	Value []byte `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

func (*X509Extension) Descriptor() ([]byte, []int)

func (x *X509Extension) GetCritical() bool

func (x *X509Extension) GetObjectId() *ObjectId

func (x *X509Extension) GetValue() []byte

func (*X509Extension) ProtoMessage()

func (x *X509Extension) ProtoReflect() protoreflect.Message

func (x *X509Extension) Reset()

func (x *X509Extension) String() string

type X509Parameters struct {

	// Optional. Indicates the intended use for keys that correspond to a
	// certificate.
	KeyUsage *KeyUsage `protobuf:"bytes,1,opt,name=key_usage,json=keyUsage,proto3" json:"key_usage,omitempty"`
	// Optional. Describes options in this
	// [X509Parameters][google.cloud.security.privateca.v1.X509Parameters] that
	// are relevant in a CA certificate.
	CaOptions *X509Parameters_CaOptions `protobuf:"bytes,2,opt,name=ca_options,json=caOptions,proto3" json:"ca_options,omitempty"`
	// Optional. Describes the X.509 certificate policy object identifiers, per
	// https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
	PolicyIds []*ObjectId `protobuf:"bytes,3,rep,name=policy_ids,json=policyIds,proto3" json:"policy_ids,omitempty"`
	// Optional. Describes Online Certificate Status Protocol (OCSP) endpoint
	// addresses that appear in the "Authority Information Access" extension in
	// the certificate.
	AiaOcspServers []string `protobuf:"bytes,4,rep,name=aia_ocsp_servers,json=aiaOcspServers,proto3" json:"aia_ocsp_servers,omitempty"`
	// Optional. Describes the X.509 name constraints extension.
	NameConstraints *X509Parameters_NameConstraints `protobuf:"bytes,6,opt,name=name_constraints,json=nameConstraints,proto3" json:"name_constraints,omitempty"`
	// Optional. Describes custom X.509 extensions.
	AdditionalExtensions []*X509Extension `protobuf:"bytes,5,rep,name=additional_extensions,json=additionalExtensions,proto3" json:"additional_extensions,omitempty"`
	// contains filtered or unexported fields
}

func (*X509Parameters) Descriptor() ([]byte, []int)

func (x *X509Parameters) GetAdditionalExtensions() []*X509Extension

func (x *X509Parameters) GetAiaOcspServers() []string

func (x *X509Parameters) GetCaOptions() *X509Parameters_CaOptions

func (x *X509Parameters) GetKeyUsage() *KeyUsage

func (x *X509Parameters) GetNameConstraints() *X509Parameters_NameConstraints

func (x *X509Parameters) GetPolicyIds() []*ObjectId

func (*X509Parameters) ProtoMessage()

func (x *X509Parameters) ProtoReflect() protoreflect.Message

func (x *X509Parameters) Reset()

func (x *X509Parameters) String() string

type X509Parameters_CaOptions struct {
	IsCa *bool `protobuf:"varint,1,opt,name=is_ca,json=isCa,proto3,oneof" json:"is_ca,omitempty"`

	MaxIssuerPathLength *int32 "" /* 129 byte string literal not displayed */

}

func (*X509Parameters_CaOptions) Descriptor() ([]byte, []int)

func (x *X509Parameters_CaOptions) GetIsCa() bool

func (x *X509Parameters_CaOptions) GetMaxIssuerPathLength() int32

func (*X509Parameters_CaOptions) ProtoMessage()

func (x *X509Parameters_CaOptions) ProtoReflect() protoreflect.Message

func (x *X509Parameters_CaOptions) Reset()

func (x *X509Parameters_CaOptions) String() string

type X509Parameters_NameConstraints struct {
	Critical bool `protobuf:"varint,1,opt,name=critical,proto3" json:"critical,omitempty"`

	PermittedDnsNames []string `protobuf:"bytes,2,rep,name=permitted_dns_names,json=permittedDnsNames,proto3" json:"permitted_dns_names,omitempty"`

	ExcludedDnsNames []string `protobuf:"bytes,3,rep,name=excluded_dns_names,json=excludedDnsNames,proto3" json:"excluded_dns_names,omitempty"`

	PermittedIpRanges []string `protobuf:"bytes,4,rep,name=permitted_ip_ranges,json=permittedIpRanges,proto3" json:"permitted_ip_ranges,omitempty"`

	ExcludedIpRanges []string `protobuf:"bytes,5,rep,name=excluded_ip_ranges,json=excludedIpRanges,proto3" json:"excluded_ip_ranges,omitempty"`

	PermittedEmailAddresses []string "" /* 132 byte string literal not displayed */

	ExcludedEmailAddresses []string "" /* 129 byte string literal not displayed */

	PermittedUris []string `protobuf:"bytes,8,rep,name=permitted_uris,json=permittedUris,proto3" json:"permitted_uris,omitempty"`

	ExcludedUris []string `protobuf:"bytes,9,rep,name=excluded_uris,json=excludedUris,proto3" json:"excluded_uris,omitempty"`

}

func (*X509Parameters_NameConstraints) Descriptor() ([]byte, []int)

func (x *X509Parameters_NameConstraints) GetCritical() bool

func (x *X509Parameters_NameConstraints) GetExcludedDnsNames() []string

func (x *X509Parameters_NameConstraints) GetExcludedEmailAddresses() []string

func (x *X509Parameters_NameConstraints) GetExcludedIpRanges() []string

func (x *X509Parameters_NameConstraints) GetExcludedUris() []string

func (x *X509Parameters_NameConstraints) GetPermittedDnsNames() []string

func (x *X509Parameters_NameConstraints) GetPermittedEmailAddresses() []string

func (x *X509Parameters_NameConstraints) GetPermittedIpRanges() []string

func (x *X509Parameters_NameConstraints) GetPermittedUris() []string

func (*X509Parameters_NameConstraints) ProtoMessage()

func (x *X509Parameters_NameConstraints) ProtoReflect() protoreflect.Message

func (x *X509Parameters_NameConstraints) Reset()

func (x *X509Parameters_NameConstraints) String() string