Variables
RevocationReason_name, RevocationReason_value
var (
RevocationReason_name = map[int32]string{
0: "REVOCATION_REASON_UNSPECIFIED",
1: "KEY_COMPROMISE",
2: "CERTIFICATE_AUTHORITY_COMPROMISE",
3: "AFFILIATION_CHANGED",
4: "SUPERSEDED",
5: "CESSATION_OF_OPERATION",
6: "CERTIFICATE_HOLD",
7: "PRIVILEGE_WITHDRAWN",
8: "ATTRIBUTE_AUTHORITY_COMPROMISE",
}
RevocationReason_value = map[string]int32{
"REVOCATION_REASON_UNSPECIFIED": 0,
"KEY_COMPROMISE": 1,
"CERTIFICATE_AUTHORITY_COMPROMISE": 2,
"AFFILIATION_CHANGED": 3,
"SUPERSEDED": 4,
"CESSATION_OF_OPERATION": 5,
"CERTIFICATE_HOLD": 6,
"PRIVILEGE_WITHDRAWN": 7,
"ATTRIBUTE_AUTHORITY_COMPROMISE": 8,
}
)
Enum value maps for RevocationReason.
SubjectRequestMode_name, SubjectRequestMode_value
var (
SubjectRequestMode_name = map[int32]string{
0: "SUBJECT_REQUEST_MODE_UNSPECIFIED",
1: "DEFAULT",
2: "REFLECTED_SPIFFE",
}
SubjectRequestMode_value = map[string]int32{
"SUBJECT_REQUEST_MODE_UNSPECIFIED": 0,
"DEFAULT": 1,
"REFLECTED_SPIFFE": 2,
}
)
Enum value maps for SubjectRequestMode.
CertificateAuthority_Type_name, CertificateAuthority_Type_value
var (
CertificateAuthority_Type_name = map[int32]string{
0: "TYPE_UNSPECIFIED",
1: "SELF_SIGNED",
2: "SUBORDINATE",
}
CertificateAuthority_Type_value = map[string]int32{
"TYPE_UNSPECIFIED": 0,
"SELF_SIGNED": 1,
"SUBORDINATE": 2,
}
)
Enum value maps for CertificateAuthority_Type.
CertificateAuthority_State_name, CertificateAuthority_State_value
var (
CertificateAuthority_State_name = map[int32]string{
0: "STATE_UNSPECIFIED",
1: "ENABLED",
2: "DISABLED",
3: "STAGED",
4: "AWAITING_USER_ACTIVATION",
5: "DELETED",
}
CertificateAuthority_State_value = map[string]int32{
"STATE_UNSPECIFIED": 0,
"ENABLED": 1,
"DISABLED": 2,
"STAGED": 3,
"AWAITING_USER_ACTIVATION": 4,
"DELETED": 5,
}
)
Enum value maps for CertificateAuthority_State.
CertificateAuthority_SignHashAlgorithm_name, CertificateAuthority_SignHashAlgorithm_value
var (
CertificateAuthority_SignHashAlgorithm_name = map[int32]string{
0: "SIGN_HASH_ALGORITHM_UNSPECIFIED",
1: "RSA_PSS_2048_SHA256",
2: "RSA_PSS_3072_SHA256",
3: "RSA_PSS_4096_SHA256",
6: "RSA_PKCS1_2048_SHA256",
7: "RSA_PKCS1_3072_SHA256",
8: "RSA_PKCS1_4096_SHA256",
4: "EC_P256_SHA256",
5: "EC_P384_SHA384",
}
CertificateAuthority_SignHashAlgorithm_value = map[string]int32{
"SIGN_HASH_ALGORITHM_UNSPECIFIED": 0,
"RSA_PSS_2048_SHA256": 1,
"RSA_PSS_3072_SHA256": 2,
"RSA_PSS_4096_SHA256": 3,
"RSA_PKCS1_2048_SHA256": 6,
"RSA_PKCS1_3072_SHA256": 7,
"RSA_PKCS1_4096_SHA256": 8,
"EC_P256_SHA256": 4,
"EC_P384_SHA384": 5,
}
)
Enum value maps for CertificateAuthority_SignHashAlgorithm.
CaPool_Tier_name, CaPool_Tier_value
var (
CaPool_Tier_name = map[int32]string{
0: "TIER_UNSPECIFIED",
1: "ENTERPRISE",
2: "DEVOPS",
}
CaPool_Tier_value = map[string]int32{
"TIER_UNSPECIFIED": 0,
"ENTERPRISE": 1,
"DEVOPS": 2,
}
)
Enum value maps for CaPool_Tier.
CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm_name, CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm_value
var (
CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm_name = map[int32]string{
0: "EC_SIGNATURE_ALGORITHM_UNSPECIFIED",
1: "ECDSA_P256",
2: "ECDSA_P384",
3: "EDDSA_25519",
}
CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm_value = map[string]int32{
"EC_SIGNATURE_ALGORITHM_UNSPECIFIED": 0,
"ECDSA_P256": 1,
"ECDSA_P384": 2,
"EDDSA_25519": 3,
}
)
Enum value maps for CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm.
CertificateRevocationList_State_name, CertificateRevocationList_State_value
var (
CertificateRevocationList_State_name = map[int32]string{
0: "STATE_UNSPECIFIED",
1: "ACTIVE",
2: "SUPERSEDED",
}
CertificateRevocationList_State_value = map[string]int32{
"STATE_UNSPECIFIED": 0,
"ACTIVE": 1,
"SUPERSEDED": 2,
}
)
Enum value maps for CertificateRevocationList_State.
PublicKey_KeyFormat_name, PublicKey_KeyFormat_value
var (
PublicKey_KeyFormat_name = map[int32]string{
0: "KEY_FORMAT_UNSPECIFIED",
1: "PEM",
}
PublicKey_KeyFormat_value = map[string]int32{
"KEY_FORMAT_UNSPECIFIED": 0,
"PEM": 1,
}
)
Enum value maps for PublicKey_KeyFormat.
CertificateExtensionConstraints_KnownCertificateExtension_name, CertificateExtensionConstraints_KnownCertificateExtension_value
var (
CertificateExtensionConstraints_KnownCertificateExtension_name = map[int32]string{
0: "KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED",
1: "BASE_KEY_USAGE",
2: "EXTENDED_KEY_USAGE",
3: "CA_OPTIONS",
4: "POLICY_IDS",
5: "AIA_OCSP_SERVERS",
6: "NAME_CONSTRAINTS",
}
CertificateExtensionConstraints_KnownCertificateExtension_value = map[string]int32{
"KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED": 0,
"BASE_KEY_USAGE": 1,
"EXTENDED_KEY_USAGE": 2,
"CA_OPTIONS": 3,
"POLICY_IDS": 4,
"AIA_OCSP_SERVERS": 5,
"NAME_CONSTRAINTS": 6,
}
)
Enum value maps for CertificateExtensionConstraints_KnownCertificateExtension.
File_google_cloud_security_privateca_v1_resources_proto
var File_google_cloud_security_privateca_v1_resources_proto protoreflect.FileDescriptor
File_google_cloud_security_privateca_v1_service_proto
var File_google_cloud_security_privateca_v1_service_proto protoreflect.FileDescriptor
Functions
func RegisterCertificateAuthorityServiceServer
func RegisterCertificateAuthorityServiceServer(s *grpc.Server, srv CertificateAuthorityServiceServer)
ActivateCertificateAuthorityRequest
type ActivateCertificateAuthorityRequest struct {
// Required. The resource name for this
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Required. The signed CA certificate issued from
// [FetchCertificateAuthorityCsrResponse.pem_csr][google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrResponse.pem_csr].
PemCaCertificate string `protobuf:"bytes,2,opt,name=pem_ca_certificate,json=pemCaCertificate,proto3" json:"pem_ca_certificate,omitempty"`
// Required. Must include information about the issuer of
// 'pem_ca_certificate', and any further issuers until the self-signed CA.
SubordinateConfig *SubordinateConfig `protobuf:"bytes,3,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].
func (*ActivateCertificateAuthorityRequest) Descriptor
func (*ActivateCertificateAuthorityRequest) Descriptor() ([]byte, []int)
Deprecated: Use ActivateCertificateAuthorityRequest.ProtoReflect.Descriptor instead.
func (*ActivateCertificateAuthorityRequest) GetName
func (x *ActivateCertificateAuthorityRequest) GetName() string
func (*ActivateCertificateAuthorityRequest) GetPemCaCertificate
func (x *ActivateCertificateAuthorityRequest) GetPemCaCertificate() string
func (*ActivateCertificateAuthorityRequest) GetRequestId
func (x *ActivateCertificateAuthorityRequest) GetRequestId() string
func (*ActivateCertificateAuthorityRequest) GetSubordinateConfig
func (x *ActivateCertificateAuthorityRequest) GetSubordinateConfig() *SubordinateConfig
func (*ActivateCertificateAuthorityRequest) ProtoMessage
func (*ActivateCertificateAuthorityRequest) ProtoMessage()
func (*ActivateCertificateAuthorityRequest) ProtoReflect
func (x *ActivateCertificateAuthorityRequest) ProtoReflect() protoreflect.Message
func (*ActivateCertificateAuthorityRequest) Reset
func (x *ActivateCertificateAuthorityRequest) Reset()
func (*ActivateCertificateAuthorityRequest) String
func (x *ActivateCertificateAuthorityRequest) String() string
CaPool
type CaPool struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
Tier CaPool_Tier `protobuf:"varint,2,opt,name=tier,proto3,enum=google.cloud.security.privateca.v1.CaPool_Tier" json:"tier,omitempty"`
IssuancePolicy *CaPool_IssuancePolicy `protobuf:"bytes,3,opt,name=issuance_policy,json=issuancePolicy,proto3" json:"issuance_policy,omitempty"`
PublishingOptions *CaPool_PublishingOptions `protobuf:"bytes,4,opt,name=publishing_options,json=publishingOptions,proto3" json:"publishing_options,omitempty"`
Labels map[string]string "" /* 153 byte string literal not displayed */
}
A [CaPool][google.cloud.security.privateca.v1.CaPool] represents a group of [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority] that form a trust anchor. A [CaPool][google.cloud.security.privateca.v1.CaPool] can be used to manage issuance policies for one or more [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] resources and to rotate CA certificates in and out of the trust anchor.
func (*CaPool) Descriptor
Deprecated: Use CaPool.ProtoReflect.Descriptor instead.
func (*CaPool) GetIssuancePolicy
func (x *CaPool) GetIssuancePolicy() *CaPool_IssuancePolicy
func (*CaPool) GetLabels
func (*CaPool) GetName
func (*CaPool) GetPublishingOptions
func (x *CaPool) GetPublishingOptions() *CaPool_PublishingOptions
func (*CaPool) GetTier
func (x *CaPool) GetTier() CaPool_Tier
func (*CaPool) ProtoMessage
func (*CaPool) ProtoMessage()
func (*CaPool) ProtoReflect
func (x *CaPool) ProtoReflect() protoreflect.Message
func (*CaPool) Reset
func (x *CaPool) Reset()
func (*CaPool) String
CaPool_IssuancePolicy
type CaPool_IssuancePolicy struct {
// Optional. If any
// [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType]
// is specified, then the certificate request's public key must match one of
// the key types listed here. Otherwise, any key may be used.
AllowedKeyTypes []*CaPool_IssuancePolicy_AllowedKeyType `protobuf:"bytes,1,rep,name=allowed_key_types,json=allowedKeyTypes,proto3" json:"allowed_key_types,omitempty"`
// Optional. The maximum lifetime allowed for issued
// [Certificates][google.cloud.security.privateca.v1.Certificate]. Note that
// if the issuing
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// expires before a
// [Certificate][google.cloud.security.privateca.v1.Certificate]'s requested
// maximum_lifetime, the effective lifetime will be explicitly truncated to
// match it.
MaximumLifetime *durationpb.Duration `protobuf:"bytes,2,opt,name=maximum_lifetime,json=maximumLifetime,proto3" json:"maximum_lifetime,omitempty"`
// Optional. If specified, then only methods allowed in the
// [IssuanceModes][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes]
// may be used to issue
// [Certificates][google.cloud.security.privateca.v1.Certificate].
AllowedIssuanceModes *CaPool_IssuancePolicy_IssuanceModes `protobuf:"bytes,3,opt,name=allowed_issuance_modes,json=allowedIssuanceModes,proto3" json:"allowed_issuance_modes,omitempty"`
// Optional. A set of X.509 values that will be applied to all certificates
// issued through this [CaPool][google.cloud.security.privateca.v1.CaPool].
// If a certificate request includes conflicting values for the same
// properties, they will be overwritten by the values defined here. If a
// certificate request uses a
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
// that defines conflicting
// [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values]
// for the same properties, the certificate issuance request will fail.
BaselineValues *X509Parameters `protobuf:"bytes,4,opt,name=baseline_values,json=baselineValues,proto3" json:"baseline_values,omitempty"`
// Optional. Describes constraints on identities that may appear in
// [Certificates][google.cloud.security.privateca.v1.Certificate] issued
// through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If this
// is omitted, then this [CaPool][google.cloud.security.privateca.v1.CaPool]
// will not add restrictions on a certificate's identity.
IdentityConstraints *CertificateIdentityConstraints `protobuf:"bytes,5,opt,name=identity_constraints,json=identityConstraints,proto3" json:"identity_constraints,omitempty"`
// Optional. Describes the set of X.509 extensions that may appear in a
// [Certificate][google.cloud.security.privateca.v1.Certificate] issued
// through this [CaPool][google.cloud.security.privateca.v1.CaPool]. If a
// certificate request sets extensions that don't appear in the
// [passthrough_extensions][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.passthrough_extensions],
// those extensions will be dropped. If a certificate request uses a
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
// with
// [predefined_values][google.cloud.security.privateca.v1.CertificateTemplate.predefined_values]
// that don't appear here, the certificate issuance request will fail. If
// this is omitted, then this
// [CaPool][google.cloud.security.privateca.v1.CaPool] will not add
// restrictions on a certificate's X.509 extensions. These constraints do
// not apply to X.509 extensions set in this
// [CaPool][google.cloud.security.privateca.v1.CaPool]'s
// [baseline_values][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.baseline_values].
PassthroughExtensions *CertificateExtensionConstraints `protobuf:"bytes,6,opt,name=passthrough_extensions,json=passthroughExtensions,proto3" json:"passthrough_extensions,omitempty"`
// contains filtered or unexported fields
}
Defines controls over all certificate issuance within a [CaPool][google.cloud.security.privateca.v1.CaPool].
func (*CaPool_IssuancePolicy) Descriptor
func (*CaPool_IssuancePolicy) Descriptor() ([]byte, []int)
Deprecated: Use CaPool_IssuancePolicy.ProtoReflect.Descriptor instead.
func (*CaPool_IssuancePolicy) GetAllowedIssuanceModes
func (x *CaPool_IssuancePolicy) GetAllowedIssuanceModes() *CaPool_IssuancePolicy_IssuanceModes
func (*CaPool_IssuancePolicy) GetAllowedKeyTypes
func (x *CaPool_IssuancePolicy) GetAllowedKeyTypes() []*CaPool_IssuancePolicy_AllowedKeyType
func (*CaPool_IssuancePolicy) GetBaselineValues
func (x *CaPool_IssuancePolicy) GetBaselineValues() *X509Parameters
func (*CaPool_IssuancePolicy) GetIdentityConstraints
func (x *CaPool_IssuancePolicy) GetIdentityConstraints() *CertificateIdentityConstraints
func (*CaPool_IssuancePolicy) GetMaximumLifetime
func (x *CaPool_IssuancePolicy) GetMaximumLifetime() *durationpb.Duration
func (*CaPool_IssuancePolicy) GetPassthroughExtensions
func (x *CaPool_IssuancePolicy) GetPassthroughExtensions() *CertificateExtensionConstraints
func (*CaPool_IssuancePolicy) ProtoMessage
func (*CaPool_IssuancePolicy) ProtoMessage()
func (*CaPool_IssuancePolicy) ProtoReflect
func (x *CaPool_IssuancePolicy) ProtoReflect() protoreflect.Message
func (*CaPool_IssuancePolicy) Reset
func (x *CaPool_IssuancePolicy) Reset()
func (*CaPool_IssuancePolicy) String
func (x *CaPool_IssuancePolicy) String() string
CaPool_IssuancePolicy_AllowedKeyType
type CaPool_IssuancePolicy_AllowedKeyType struct {
// Types that are assignable to KeyType:
// *CaPool_IssuancePolicy_AllowedKeyType_Rsa
// *CaPool_IssuancePolicy_AllowedKeyType_EllipticCurve
KeyType isCaPool_IssuancePolicy_AllowedKeyType_KeyType `protobuf_oneof:"key_type"`
// contains filtered or unexported fields
}
Describes a "type" of key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool]. Note that a single [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType] may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.
func (*CaPool_IssuancePolicy_AllowedKeyType) Descriptor
func (*CaPool_IssuancePolicy_AllowedKeyType) Descriptor() ([]byte, []int)
Deprecated: Use CaPool_IssuancePolicy_AllowedKeyType.ProtoReflect.Descriptor instead.
func (*CaPool_IssuancePolicy_AllowedKeyType) GetEllipticCurve
func (x *CaPool_IssuancePolicy_AllowedKeyType) GetEllipticCurve() *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType
func (*CaPool_IssuancePolicy_AllowedKeyType) GetKeyType
func (m *CaPool_IssuancePolicy_AllowedKeyType) GetKeyType() isCaPool_IssuancePolicy_AllowedKeyType_KeyType
func (*CaPool_IssuancePolicy_AllowedKeyType) GetRsa
func (x *CaPool_IssuancePolicy_AllowedKeyType) GetRsa() *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType
func (*CaPool_IssuancePolicy_AllowedKeyType) ProtoMessage
func (*CaPool_IssuancePolicy_AllowedKeyType) ProtoMessage()
func (*CaPool_IssuancePolicy_AllowedKeyType) ProtoReflect
func (x *CaPool_IssuancePolicy_AllowedKeyType) ProtoReflect() protoreflect.Message
func (*CaPool_IssuancePolicy_AllowedKeyType) Reset
func (x *CaPool_IssuancePolicy_AllowedKeyType) Reset()
func (*CaPool_IssuancePolicy_AllowedKeyType) String
func (x *CaPool_IssuancePolicy_AllowedKeyType) String() string
CaPool_IssuancePolicy_AllowedKeyType_EcKeyType
type CaPool_IssuancePolicy_AllowedKeyType_EcKeyType struct {
SignatureAlgorithm CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm "" /* 224 byte string literal not displayed */
}
Describes an Elliptic Curve key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].
func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) Descriptor
func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) Descriptor() ([]byte, []int)
Deprecated: Use CaPool_IssuancePolicy_AllowedKeyType_EcKeyType.ProtoReflect.Descriptor instead.
func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) GetSignatureAlgorithm
func (x *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) GetSignatureAlgorithm() CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm
func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) ProtoMessage
func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) ProtoMessage()
func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) ProtoReflect
func (x *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) ProtoReflect() protoreflect.Message
func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) Reset
func (x *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) Reset()
func (*CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) String
func (x *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType) String() string
CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm
type CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm int32
Describes an elliptic curve-based signature algorithm that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].
CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EC_SIGNATURE_ALGORITHM_UNSPECIFIED, CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_ECDSA_P256, CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_ECDSA_P384, CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EDDSA_25519
const (
// Not specified. Signifies that any signature algorithm may be used.
CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EC_SIGNATURE_ALGORITHM_UNSPECIFIED CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 0
// Refers to the Elliptic Curve Digital Signature Algorithm over the
// NIST P-256 curve.
CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_ECDSA_P256 CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 1
// Refers to the Elliptic Curve Digital Signature Algorithm over the
// NIST P-384 curve.
CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_ECDSA_P384 CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 2
// Refers to the Edwards-curve Digital Signature Algorithm over curve
// 25519, as described in RFC 8410.
CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EDDSA_25519 CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm = 3
)
func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Descriptor
func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Descriptor() protoreflect.EnumDescriptor
func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Enum
func (x CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Enum() *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm
func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) EnumDescriptor
func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) EnumDescriptor() ([]byte, []int)
Deprecated: Use CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm.Descriptor instead.
func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Number
func (x CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Number() protoreflect.EnumNumber
func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) String
func (x CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) String() string
func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Type
func (CaPool_IssuancePolicy_AllowedKeyType_EcKeyType_EcSignatureAlgorithm) Type() protoreflect.EnumType
CaPool_IssuancePolicy_AllowedKeyType_EllipticCurve
type CaPool_IssuancePolicy_AllowedKeyType_EllipticCurve struct {
// Represents an allowed Elliptic Curve key type.
EllipticCurve *CaPool_IssuancePolicy_AllowedKeyType_EcKeyType `protobuf:"bytes,2,opt,name=elliptic_curve,json=ellipticCurve,proto3,oneof"`
}
CaPool_IssuancePolicy_AllowedKeyType_Rsa
type CaPool_IssuancePolicy_AllowedKeyType_Rsa struct {
// Represents an allowed RSA key type.
Rsa *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType `protobuf:"bytes,1,opt,name=rsa,proto3,oneof"`
}
CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType
type CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType struct {
// Optional. The minimum allowed RSA modulus size (inclusive), in bits.
// If this is not set, or if set to zero, the service-level min RSA
// modulus size will continue to apply.
MinModulusSize int64 `protobuf:"varint,1,opt,name=min_modulus_size,json=minModulusSize,proto3" json:"min_modulus_size,omitempty"`
// Optional. The maximum allowed RSA modulus size (inclusive), in bits.
// If this is not set, or if set to zero, the service will not enforce
// an explicit upper bound on RSA modulus sizes.
MaxModulusSize int64 `protobuf:"varint,2,opt,name=max_modulus_size,json=maxModulusSize,proto3" json:"max_modulus_size,omitempty"`
// contains filtered or unexported fields
}
Describes an RSA key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].
func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) Descriptor
func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) Descriptor() ([]byte, []int)
Deprecated: Use CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType.ProtoReflect.Descriptor instead.
func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) GetMaxModulusSize
func (x *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) GetMaxModulusSize() int64
func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) GetMinModulusSize
func (x *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) GetMinModulusSize() int64
func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) ProtoMessage
func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) ProtoMessage()
func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) ProtoReflect
func (x *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) ProtoReflect() protoreflect.Message
func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) Reset
func (x *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) Reset()
func (*CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) String
func (x *CaPool_IssuancePolicy_AllowedKeyType_RsaKeyType) String() string
CaPool_IssuancePolicy_IssuanceModes
type CaPool_IssuancePolicy_IssuanceModes struct {
AllowCsrBasedIssuance bool "" /* 129 byte string literal not displayed */
AllowConfigBasedIssuance bool "" /* 138 byte string literal not displayed */
}
[IssuanceModes][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes] specifies the allowed ways in which [Certificates][google.cloud.security.privateca.v1.Certificate] may be requested from this [CaPool][google.cloud.security.privateca.v1.CaPool].
func (*CaPool_IssuancePolicy_IssuanceModes) Descriptor
func (*CaPool_IssuancePolicy_IssuanceModes) Descriptor() ([]byte, []int)
Deprecated: Use CaPool_IssuancePolicy_IssuanceModes.ProtoReflect.Descriptor instead.
func (*CaPool_IssuancePolicy_IssuanceModes) GetAllowConfigBasedIssuance
func (x *CaPool_IssuancePolicy_IssuanceModes) GetAllowConfigBasedIssuance() bool
func (*CaPool_IssuancePolicy_IssuanceModes) GetAllowCsrBasedIssuance
func (x *CaPool_IssuancePolicy_IssuanceModes) GetAllowCsrBasedIssuance() bool
func (*CaPool_IssuancePolicy_IssuanceModes) ProtoMessage
func (*CaPool_IssuancePolicy_IssuanceModes) ProtoMessage()
func (*CaPool_IssuancePolicy_IssuanceModes) ProtoReflect
func (x *CaPool_IssuancePolicy_IssuanceModes) ProtoReflect() protoreflect.Message
func (*CaPool_IssuancePolicy_IssuanceModes) Reset
func (x *CaPool_IssuancePolicy_IssuanceModes) Reset()
func (*CaPool_IssuancePolicy_IssuanceModes) String
func (x *CaPool_IssuancePolicy_IssuanceModes) String() string
CaPool_PublishingOptions
type CaPool_PublishingOptions struct {
// Optional. When true, publishes each
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s
// CA certificate and includes its URL in the "Authority Information Access"
// X.509 extension in all issued
// [Certificates][google.cloud.security.privateca.v1.Certificate]. If this
// is false, the CA certificate will not be published and the corresponding
// X.509 extension will not be written in issued certificates.
PublishCaCert bool `protobuf:"varint,1,opt,name=publish_ca_cert,json=publishCaCert,proto3" json:"publish_ca_cert,omitempty"`
// Optional. When true, publishes each
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s
// CRL and includes its URL in the "CRL Distribution Points" X.509 extension
// in all issued
// [Certificates][google.cloud.security.privateca.v1.Certificate]. If this
// is false, CRLs will not be published and the corresponding X.509
// extension will not be written in issued certificates. CRLs will expire 7
// days from their creation. However, we will rebuild daily. CRLs are also
// rebuilt shortly after a certificate is revoked.
PublishCrl bool `protobuf:"varint,2,opt,name=publish_crl,json=publishCrl,proto3" json:"publish_crl,omitempty"`
// contains filtered or unexported fields
}
Options relating to the publication of each [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s CA certificate and CRLs and their inclusion as extensions in issued [Certificates][google.cloud.security.privateca.v1.Certificate]. The options set here apply to certificates issued by any [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the [CaPool][google.cloud.security.privateca.v1.CaPool].
func (*CaPool_PublishingOptions) Descriptor
func (*CaPool_PublishingOptions) Descriptor() ([]byte, []int)
Deprecated: Use CaPool_PublishingOptions.ProtoReflect.Descriptor instead.
func (*CaPool_PublishingOptions) GetPublishCaCert
func (x *CaPool_PublishingOptions) GetPublishCaCert() bool
func (*CaPool_PublishingOptions) GetPublishCrl
func (x *CaPool_PublishingOptions) GetPublishCrl() bool
func (*CaPool_PublishingOptions) ProtoMessage
func (*CaPool_PublishingOptions) ProtoMessage()
func (*CaPool_PublishingOptions) ProtoReflect
func (x *CaPool_PublishingOptions) ProtoReflect() protoreflect.Message
func (*CaPool_PublishingOptions) Reset
func (x *CaPool_PublishingOptions) Reset()
func (*CaPool_PublishingOptions) String
func (x *CaPool_PublishingOptions) String() string
CaPool_Tier
type CaPool_Tier int32
The tier of a [CaPool][google.cloud.security.privateca.v1.CaPool], indicating its supported functionality and/or billing SKU.
CaPool_TIER_UNSPECIFIED, CaPool_ENTERPRISE, CaPool_DEVOPS
const (
// Not specified.
CaPool_TIER_UNSPECIFIED CaPool_Tier = 0
// Enterprise tier.
CaPool_ENTERPRISE CaPool_Tier = 1
// DevOps tier.
CaPool_DEVOPS CaPool_Tier = 2
)
func (CaPool_Tier) Descriptor
func (CaPool_Tier) Descriptor() protoreflect.EnumDescriptor
func (CaPool_Tier) Enum
func (x CaPool_Tier) Enum() *CaPool_Tier
func (CaPool_Tier) EnumDescriptor
func (CaPool_Tier) EnumDescriptor() ([]byte, []int)
Deprecated: Use CaPool_Tier.Descriptor instead.
func (CaPool_Tier) Number
func (x CaPool_Tier) Number() protoreflect.EnumNumber
func (CaPool_Tier) String
func (x CaPool_Tier) String() string
func (CaPool_Tier) Type
func (CaPool_Tier) Type() protoreflect.EnumType
Certificate
type Certificate struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
CertificateConfig isCertificate_CertificateConfig `protobuf_oneof:"certificate_config"`
IssuerCertificateAuthority string "" /* 141 byte string literal not displayed */
Lifetime *durationpb.Duration `protobuf:"bytes,5,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
CertificateTemplate string `protobuf:"bytes,6,opt,name=certificate_template,json=certificateTemplate,proto3" json:"certificate_template,omitempty"`
SubjectMode SubjectRequestMode "" /* 154 byte string literal not displayed */
RevocationDetails *Certificate_RevocationDetails `protobuf:"bytes,8,opt,name=revocation_details,json=revocationDetails,proto3" json:"revocation_details,omitempty"`
PemCertificate string `protobuf:"bytes,9,opt,name=pem_certificate,json=pemCertificate,proto3" json:"pem_certificate,omitempty"`
CertificateDescription *CertificateDescription "" /* 128 byte string literal not displayed */
PemCertificateChain []string `protobuf:"bytes,11,rep,name=pem_certificate_chain,json=pemCertificateChain,proto3" json:"pem_certificate_chain,omitempty"`
CreateTime *timestamppb.Timestamp `protobuf:"bytes,12,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
UpdateTime *timestamppb.Timestamp `protobuf:"bytes,13,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
Labels map[string]string "" /* 154 byte string literal not displayed */
}
A [Certificate][google.cloud.security.privateca.v1.Certificate] corresponds to a signed X.509 certificate issued by a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
func (*Certificate) Descriptor
func (*Certificate) Descriptor() ([]byte, []int)
Deprecated: Use Certificate.ProtoReflect.Descriptor instead.
func (*Certificate) GetCertificateConfig
func (m *Certificate) GetCertificateConfig() isCertificate_CertificateConfig
func (*Certificate) GetCertificateDescription
func (x *Certificate) GetCertificateDescription() *CertificateDescription
func (*Certificate) GetCertificateTemplate
func (x *Certificate) GetCertificateTemplate() string
func (*Certificate) GetConfig
func (x *Certificate) GetConfig() *CertificateConfig
func (*Certificate) GetCreateTime
func (x *Certificate) GetCreateTime() *timestamppb.Timestamp
func (*Certificate) GetIssuerCertificateAuthority
func (x *Certificate) GetIssuerCertificateAuthority() string
func (*Certificate) GetLabels
func (x *Certificate) GetLabels() map[string]string
func (*Certificate) GetLifetime
func (x *Certificate) GetLifetime() *durationpb.Duration
func (*Certificate) GetName
func (x *Certificate) GetName() string
func (*Certificate) GetPemCertificate
func (x *Certificate) GetPemCertificate() string
func (*Certificate) GetPemCertificateChain
func (x *Certificate) GetPemCertificateChain() []string
func (*Certificate) GetPemCsr
func (x *Certificate) GetPemCsr() string
func (*Certificate) GetRevocationDetails
func (x *Certificate) GetRevocationDetails() *Certificate_RevocationDetails
func (*Certificate) GetSubjectMode
func (x *Certificate) GetSubjectMode() SubjectRequestMode
func (*Certificate) GetUpdateTime
func (x *Certificate) GetUpdateTime() *timestamppb.Timestamp
func (*Certificate) ProtoMessage
func (*Certificate) ProtoMessage()
func (*Certificate) ProtoReflect
func (x *Certificate) ProtoReflect() protoreflect.Message
func (*Certificate) Reset
func (x *Certificate) Reset()
func (*Certificate) String
func (x *Certificate) String() string
CertificateAuthority
type CertificateAuthority struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
Type CertificateAuthority_Type "" /* 128 byte string literal not displayed */
Config *CertificateConfig `protobuf:"bytes,3,opt,name=config,proto3" json:"config,omitempty"`
Lifetime *durationpb.Duration `protobuf:"bytes,4,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
KeySpec *CertificateAuthority_KeyVersionSpec `protobuf:"bytes,5,opt,name=key_spec,json=keySpec,proto3" json:"key_spec,omitempty"`
SubordinateConfig *SubordinateConfig `protobuf:"bytes,6,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`
Tier CaPool_Tier `protobuf:"varint,7,opt,name=tier,proto3,enum=google.cloud.security.privateca.v1.CaPool_Tier" json:"tier,omitempty"`
State CertificateAuthority_State "" /* 131 byte string literal not displayed */
PemCaCertificates []string `protobuf:"bytes,9,rep,name=pem_ca_certificates,json=pemCaCertificates,proto3" json:"pem_ca_certificates,omitempty"`
CaCertificateDescriptions []*CertificateDescription "" /* 139 byte string literal not displayed */
GcsBucket string `protobuf:"bytes,11,opt,name=gcs_bucket,json=gcsBucket,proto3" json:"gcs_bucket,omitempty"`
AccessUrls *CertificateAuthority_AccessUrls `protobuf:"bytes,12,opt,name=access_urls,json=accessUrls,proto3" json:"access_urls,omitempty"`
CreateTime *timestamppb.Timestamp `protobuf:"bytes,13,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
UpdateTime *timestamppb.Timestamp `protobuf:"bytes,14,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
DeleteTime *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=delete_time,json=deleteTime,proto3" json:"delete_time,omitempty"`
ExpireTime *timestamppb.Timestamp `protobuf:"bytes,16,opt,name=expire_time,json=expireTime,proto3" json:"expire_time,omitempty"`
Labels map[string]string "" /* 154 byte string literal not displayed */
}
A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] represents an individual Certificate Authority. A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] can be used to create [Certificates][google.cloud.security.privateca.v1.Certificate].
func (*CertificateAuthority) Descriptor
func (*CertificateAuthority) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority.ProtoReflect.Descriptor instead.
func (*CertificateAuthority) GetAccessUrls
func (x *CertificateAuthority) GetAccessUrls() *CertificateAuthority_AccessUrls
func (*CertificateAuthority) GetCaCertificateDescriptions
func (x *CertificateAuthority) GetCaCertificateDescriptions() []*CertificateDescription
func (*CertificateAuthority) GetConfig
func (x *CertificateAuthority) GetConfig() *CertificateConfig
func (*CertificateAuthority) GetCreateTime
func (x *CertificateAuthority) GetCreateTime() *timestamppb.Timestamp
func (*CertificateAuthority) GetDeleteTime
func (x *CertificateAuthority) GetDeleteTime() *timestamppb.Timestamp
func (*CertificateAuthority) GetExpireTime
func (x *CertificateAuthority) GetExpireTime() *timestamppb.Timestamp
func (*CertificateAuthority) GetGcsBucket
func (x *CertificateAuthority) GetGcsBucket() string
func (*CertificateAuthority) GetKeySpec
func (x *CertificateAuthority) GetKeySpec() *CertificateAuthority_KeyVersionSpec
func (*CertificateAuthority) GetLabels
func (x *CertificateAuthority) GetLabels() map[string]string
func (*CertificateAuthority) GetLifetime
func (x *CertificateAuthority) GetLifetime() *durationpb.Duration
func (*CertificateAuthority) GetName
func (x *CertificateAuthority) GetName() string
func (*CertificateAuthority) GetPemCaCertificates
func (x *CertificateAuthority) GetPemCaCertificates() []string
func (*CertificateAuthority) GetState
func (x *CertificateAuthority) GetState() CertificateAuthority_State
func (*CertificateAuthority) GetSubordinateConfig
func (x *CertificateAuthority) GetSubordinateConfig() *SubordinateConfig
func (*CertificateAuthority) GetTier
func (x *CertificateAuthority) GetTier() CaPool_Tier
func (*CertificateAuthority) GetType
func (x *CertificateAuthority) GetType() CertificateAuthority_Type
func (*CertificateAuthority) GetUpdateTime
func (x *CertificateAuthority) GetUpdateTime() *timestamppb.Timestamp
func (*CertificateAuthority) ProtoMessage
func (*CertificateAuthority) ProtoMessage()
func (*CertificateAuthority) ProtoReflect
func (x *CertificateAuthority) ProtoReflect() protoreflect.Message
func (*CertificateAuthority) Reset
func (x *CertificateAuthority) Reset()
func (*CertificateAuthority) String
func (x *CertificateAuthority) String() string
CertificateAuthorityServiceClient
type CertificateAuthorityServiceClient interface {
// Create a new [Certificate][google.cloud.security.privateca.v1.Certificate]
// in a given Project, Location from a particular
// [CaPool][google.cloud.security.privateca.v1.CaPool].
CreateCertificate(ctx context.Context, in *CreateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
// Returns a [Certificate][google.cloud.security.privateca.v1.Certificate].
GetCertificate(ctx context.Context, in *GetCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
// Lists [Certificates][google.cloud.security.privateca.v1.Certificate].
ListCertificates(ctx context.Context, in *ListCertificatesRequest, opts ...grpc.CallOption) (*ListCertificatesResponse, error)
// Revoke a [Certificate][google.cloud.security.privateca.v1.Certificate].
RevokeCertificate(ctx context.Context, in *RevokeCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
// Update a [Certificate][google.cloud.security.privateca.v1.Certificate].
// Currently, the only field you can update is the
// [labels][google.cloud.security.privateca.v1.Certificate.labels] field.
UpdateCertificate(ctx context.Context, in *UpdateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
// Activate a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// that is in state
// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
// and is of type
// [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE].
// After the parent Certificate Authority signs a certificate signing request
// from
// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr],
// this method can complete the activation process.
ActivateCertificateAuthority(ctx context.Context, in *ActivateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Create a new
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// in a given Project and Location.
CreateCertificateAuthority(ctx context.Context, in *CreateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Disable a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
DisableCertificateAuthority(ctx context.Context, in *DisableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Enable a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
EnableCertificateAuthority(ctx context.Context, in *EnableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Fetch a certificate signing request (CSR) from a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// that is in state
// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
// and is of type
// [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE].
// The CSR must then be signed by the desired parent Certificate Authority,
// which could be another
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// resource, or could be an on-prem certificate authority. See also
// [ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].
FetchCertificateAuthorityCsr(ctx context.Context, in *FetchCertificateAuthorityCsrRequest, opts ...grpc.CallOption) (*FetchCertificateAuthorityCsrResponse, error)
// Returns a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
GetCertificateAuthority(ctx context.Context, in *GetCertificateAuthorityRequest, opts ...grpc.CallOption) (*CertificateAuthority, error)
// Lists
// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority].
ListCertificateAuthorities(ctx context.Context, in *ListCertificateAuthoritiesRequest, opts ...grpc.CallOption) (*ListCertificateAuthoritiesResponse, error)
// Undelete a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// that has been deleted.
UndeleteCertificateAuthority(ctx context.Context, in *UndeleteCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Delete a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
DeleteCertificateAuthority(ctx context.Context, in *DeleteCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Update a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
UpdateCertificateAuthority(ctx context.Context, in *UpdateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Create a [CaPool][google.cloud.security.privateca.v1.CaPool].
CreateCaPool(ctx context.Context, in *CreateCaPoolRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Update a [CaPool][google.cloud.security.privateca.v1.CaPool].
UpdateCaPool(ctx context.Context, in *UpdateCaPoolRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Returns a [CaPool][google.cloud.security.privateca.v1.CaPool].
GetCaPool(ctx context.Context, in *GetCaPoolRequest, opts ...grpc.CallOption) (*CaPool, error)
// Lists [CaPools][google.cloud.security.privateca.v1.CaPool].
ListCaPools(ctx context.Context, in *ListCaPoolsRequest, opts ...grpc.CallOption) (*ListCaPoolsResponse, error)
// Delete a [CaPool][google.cloud.security.privateca.v1.CaPool].
DeleteCaPool(ctx context.Context, in *DeleteCaPoolRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// FetchCaCerts returns the current trust anchor for the
// [CaPool][google.cloud.security.privateca.v1.CaPool]. This will include CA
// certificate chains for all ACTIVE
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// resources in the [CaPool][google.cloud.security.privateca.v1.CaPool].
FetchCaCerts(ctx context.Context, in *FetchCaCertsRequest, opts ...grpc.CallOption) (*FetchCaCertsResponse, error)
// Returns a
// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
GetCertificateRevocationList(ctx context.Context, in *GetCertificateRevocationListRequest, opts ...grpc.CallOption) (*CertificateRevocationList, error)
// Lists
// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList].
ListCertificateRevocationLists(ctx context.Context, in *ListCertificateRevocationListsRequest, opts ...grpc.CallOption) (*ListCertificateRevocationListsResponse, error)
// Update a
// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
UpdateCertificateRevocationList(ctx context.Context, in *UpdateCertificateRevocationListRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Create a new
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
// in a given Project and Location.
CreateCertificateTemplate(ctx context.Context, in *CreateCertificateTemplateRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// DeleteCertificateTemplate deletes a
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
DeleteCertificateTemplate(ctx context.Context, in *DeleteCertificateTemplateRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
// Returns a
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
GetCertificateTemplate(ctx context.Context, in *GetCertificateTemplateRequest, opts ...grpc.CallOption) (*CertificateTemplate, error)
// Lists
// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate].
ListCertificateTemplates(ctx context.Context, in *ListCertificateTemplatesRequest, opts ...grpc.CallOption) (*ListCertificateTemplatesResponse, error)
// Update a
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
UpdateCertificateTemplate(ctx context.Context, in *UpdateCertificateTemplateRequest, opts ...grpc.CallOption) (*longrunningpb.Operation, error)
}
CertificateAuthorityServiceClient is the client API for CertificateAuthorityService service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
func NewCertificateAuthorityServiceClient
func NewCertificateAuthorityServiceClient(cc grpc.ClientConnInterface) CertificateAuthorityServiceClient
CertificateAuthorityServiceServer
type CertificateAuthorityServiceServer interface {
// Create a new [Certificate][google.cloud.security.privateca.v1.Certificate]
// in a given Project, Location from a particular
// [CaPool][google.cloud.security.privateca.v1.CaPool].
CreateCertificate(context.Context, *CreateCertificateRequest) (*Certificate, error)
// Returns a [Certificate][google.cloud.security.privateca.v1.Certificate].
GetCertificate(context.Context, *GetCertificateRequest) (*Certificate, error)
// Lists [Certificates][google.cloud.security.privateca.v1.Certificate].
ListCertificates(context.Context, *ListCertificatesRequest) (*ListCertificatesResponse, error)
// Revoke a [Certificate][google.cloud.security.privateca.v1.Certificate].
RevokeCertificate(context.Context, *RevokeCertificateRequest) (*Certificate, error)
// Update a [Certificate][google.cloud.security.privateca.v1.Certificate].
// Currently, the only field you can update is the
// [labels][google.cloud.security.privateca.v1.Certificate.labels] field.
UpdateCertificate(context.Context, *UpdateCertificateRequest) (*Certificate, error)
// Activate a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// that is in state
// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
// and is of type
// [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE].
// After the parent Certificate Authority signs a certificate signing request
// from
// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr],
// this method can complete the activation process.
ActivateCertificateAuthority(context.Context, *ActivateCertificateAuthorityRequest) (*longrunningpb.Operation, error)
// Create a new
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// in a given Project and Location.
CreateCertificateAuthority(context.Context, *CreateCertificateAuthorityRequest) (*longrunningpb.Operation, error)
// Disable a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
DisableCertificateAuthority(context.Context, *DisableCertificateAuthorityRequest) (*longrunningpb.Operation, error)
// Enable a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
EnableCertificateAuthority(context.Context, *EnableCertificateAuthorityRequest) (*longrunningpb.Operation, error)
// Fetch a certificate signing request (CSR) from a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// that is in state
// [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
// and is of type
// [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE].
// The CSR must then be signed by the desired parent Certificate Authority,
// which could be another
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// resource, or could be an on-prem certificate authority. See also
// [ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].
FetchCertificateAuthorityCsr(context.Context, *FetchCertificateAuthorityCsrRequest) (*FetchCertificateAuthorityCsrResponse, error)
// Returns a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
GetCertificateAuthority(context.Context, *GetCertificateAuthorityRequest) (*CertificateAuthority, error)
// Lists
// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority].
ListCertificateAuthorities(context.Context, *ListCertificateAuthoritiesRequest) (*ListCertificateAuthoritiesResponse, error)
// Undelete a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// that has been deleted.
UndeleteCertificateAuthority(context.Context, *UndeleteCertificateAuthorityRequest) (*longrunningpb.Operation, error)
// Delete a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
DeleteCertificateAuthority(context.Context, *DeleteCertificateAuthorityRequest) (*longrunningpb.Operation, error)
// Update a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
UpdateCertificateAuthority(context.Context, *UpdateCertificateAuthorityRequest) (*longrunningpb.Operation, error)
// Create a [CaPool][google.cloud.security.privateca.v1.CaPool].
CreateCaPool(context.Context, *CreateCaPoolRequest) (*longrunningpb.Operation, error)
// Update a [CaPool][google.cloud.security.privateca.v1.CaPool].
UpdateCaPool(context.Context, *UpdateCaPoolRequest) (*longrunningpb.Operation, error)
// Returns a [CaPool][google.cloud.security.privateca.v1.CaPool].
GetCaPool(context.Context, *GetCaPoolRequest) (*CaPool, error)
// Lists [CaPools][google.cloud.security.privateca.v1.CaPool].
ListCaPools(context.Context, *ListCaPoolsRequest) (*ListCaPoolsResponse, error)
// Delete a [CaPool][google.cloud.security.privateca.v1.CaPool].
DeleteCaPool(context.Context, *DeleteCaPoolRequest) (*longrunningpb.Operation, error)
// FetchCaCerts returns the current trust anchor for the
// [CaPool][google.cloud.security.privateca.v1.CaPool]. This will include CA
// certificate chains for all ACTIVE
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// resources in the [CaPool][google.cloud.security.privateca.v1.CaPool].
FetchCaCerts(context.Context, *FetchCaCertsRequest) (*FetchCaCertsResponse, error)
// Returns a
// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
GetCertificateRevocationList(context.Context, *GetCertificateRevocationListRequest) (*CertificateRevocationList, error)
// Lists
// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList].
ListCertificateRevocationLists(context.Context, *ListCertificateRevocationListsRequest) (*ListCertificateRevocationListsResponse, error)
// Update a
// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
UpdateCertificateRevocationList(context.Context, *UpdateCertificateRevocationListRequest) (*longrunningpb.Operation, error)
// Create a new
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
// in a given Project and Location.
CreateCertificateTemplate(context.Context, *CreateCertificateTemplateRequest) (*longrunningpb.Operation, error)
// DeleteCertificateTemplate deletes a
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
DeleteCertificateTemplate(context.Context, *DeleteCertificateTemplateRequest) (*longrunningpb.Operation, error)
// Returns a
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
GetCertificateTemplate(context.Context, *GetCertificateTemplateRequest) (*CertificateTemplate, error)
// Lists
// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate].
ListCertificateTemplates(context.Context, *ListCertificateTemplatesRequest) (*ListCertificateTemplatesResponse, error)
// Update a
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
UpdateCertificateTemplate(context.Context, *UpdateCertificateTemplateRequest) (*longrunningpb.Operation, error)
}
CertificateAuthorityServiceServer is the server API for CertificateAuthorityService service.
CertificateAuthority_AccessUrls
type CertificateAuthority_AccessUrls struct {
CaCertificateAccessUrl string "" /* 131 byte string literal not displayed */
CrlAccessUrls []string `protobuf:"bytes,2,rep,name=crl_access_urls,json=crlAccessUrls,proto3" json:"crl_access_urls,omitempty"`
}
URLs where a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will publish content.
func (*CertificateAuthority_AccessUrls) Descriptor
func (*CertificateAuthority_AccessUrls) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_AccessUrls.ProtoReflect.Descriptor instead.
func (*CertificateAuthority_AccessUrls) GetCaCertificateAccessUrl
func (x *CertificateAuthority_AccessUrls) GetCaCertificateAccessUrl() string
func (*CertificateAuthority_AccessUrls) GetCrlAccessUrls
func (x *CertificateAuthority_AccessUrls) GetCrlAccessUrls() []string
func (*CertificateAuthority_AccessUrls) ProtoMessage
func (*CertificateAuthority_AccessUrls) ProtoMessage()
func (*CertificateAuthority_AccessUrls) ProtoReflect
func (x *CertificateAuthority_AccessUrls) ProtoReflect() protoreflect.Message
func (*CertificateAuthority_AccessUrls) Reset
func (x *CertificateAuthority_AccessUrls) Reset()
func (*CertificateAuthority_AccessUrls) String
func (x *CertificateAuthority_AccessUrls) String() string
CertificateAuthority_KeyVersionSpec
type CertificateAuthority_KeyVersionSpec struct {
// Types that are assignable to KeyVersion:
// *CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion
// *CertificateAuthority_KeyVersionSpec_Algorithm
KeyVersion isCertificateAuthority_KeyVersionSpec_KeyVersion `protobuf_oneof:"KeyVersion"`
// contains filtered or unexported fields
}
A Cloud KMS key configuration that a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will use.
func (*CertificateAuthority_KeyVersionSpec) Descriptor
func (*CertificateAuthority_KeyVersionSpec) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_KeyVersionSpec.ProtoReflect.Descriptor instead.
func (*CertificateAuthority_KeyVersionSpec) GetAlgorithm
func (x *CertificateAuthority_KeyVersionSpec) GetAlgorithm() CertificateAuthority_SignHashAlgorithm
func (*CertificateAuthority_KeyVersionSpec) GetCloudKmsKeyVersion
func (x *CertificateAuthority_KeyVersionSpec) GetCloudKmsKeyVersion() string
func (*CertificateAuthority_KeyVersionSpec) GetKeyVersion
func (m *CertificateAuthority_KeyVersionSpec) GetKeyVersion() isCertificateAuthority_KeyVersionSpec_KeyVersion
func (*CertificateAuthority_KeyVersionSpec) ProtoMessage
func (*CertificateAuthority_KeyVersionSpec) ProtoMessage()
func (*CertificateAuthority_KeyVersionSpec) ProtoReflect
func (x *CertificateAuthority_KeyVersionSpec) ProtoReflect() protoreflect.Message
func (*CertificateAuthority_KeyVersionSpec) Reset
func (x *CertificateAuthority_KeyVersionSpec) Reset()
func (*CertificateAuthority_KeyVersionSpec) String
func (x *CertificateAuthority_KeyVersionSpec) String() string
CertificateAuthority_KeyVersionSpec_Algorithm
type CertificateAuthority_KeyVersionSpec_Algorithm struct {
Algorithm CertificateAuthority_SignHashAlgorithm "" /* 130 byte string literal not displayed */
}
CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion
type CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion struct {
// The resource name for an existing Cloud KMS CryptoKeyVersion in the
// format
// `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
// This option enables full flexibility in the key's capabilities and
// properties.
CloudKmsKeyVersion string `protobuf:"bytes,1,opt,name=cloud_kms_key_version,json=cloudKmsKeyVersion,proto3,oneof"`
}
CertificateAuthority_SignHashAlgorithm
type CertificateAuthority_SignHashAlgorithm int32
The algorithm of a Cloud KMS CryptoKeyVersion of a
[CryptoKey][google.cloud.kms.v1.CryptoKey] with the
[CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] value
ASYMMETRIC_SIGN
. These values correspond to the
[CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm]
values. For RSA signing algorithms, the PSS algorithms should be preferred,
use PKCS1 algorithms if required for compatibility. For further
recommendations, see
https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations.
CertificateAuthority_SIGN_HASH_ALGORITHM_UNSPECIFIED, CertificateAuthority_RSA_PSS_2048_SHA256, CertificateAuthority_RSA_PSS_3072_SHA256, CertificateAuthority_RSA_PSS_4096_SHA256, CertificateAuthority_RSA_PKCS1_2048_SHA256, CertificateAuthority_RSA_PKCS1_3072_SHA256, CertificateAuthority_RSA_PKCS1_4096_SHA256, CertificateAuthority_EC_P256_SHA256, CertificateAuthority_EC_P384_SHA384
const (
// Not specified.
CertificateAuthority_SIGN_HASH_ALGORITHM_UNSPECIFIED CertificateAuthority_SignHashAlgorithm = 0
// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256
CertificateAuthority_RSA_PSS_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 1
// maps to CryptoKeyVersionAlgorithm. RSA_SIGN_PSS_3072_SHA256
CertificateAuthority_RSA_PSS_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 2
// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256
CertificateAuthority_RSA_PSS_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 3
// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
CertificateAuthority_RSA_PKCS1_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 6
// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256
CertificateAuthority_RSA_PKCS1_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 7
// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256
CertificateAuthority_RSA_PKCS1_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 8
// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256
CertificateAuthority_EC_P256_SHA256 CertificateAuthority_SignHashAlgorithm = 4
// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384
CertificateAuthority_EC_P384_SHA384 CertificateAuthority_SignHashAlgorithm = 5
)
func (CertificateAuthority_SignHashAlgorithm) Descriptor
func (CertificateAuthority_SignHashAlgorithm) Descriptor() protoreflect.EnumDescriptor
func (CertificateAuthority_SignHashAlgorithm) Enum
func (CertificateAuthority_SignHashAlgorithm) EnumDescriptor
func (CertificateAuthority_SignHashAlgorithm) EnumDescriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_SignHashAlgorithm.Descriptor instead.
func (CertificateAuthority_SignHashAlgorithm) Number
func (x CertificateAuthority_SignHashAlgorithm) Number() protoreflect.EnumNumber
func (CertificateAuthority_SignHashAlgorithm) String
func (x CertificateAuthority_SignHashAlgorithm) String() string
func (CertificateAuthority_SignHashAlgorithm) Type
func (CertificateAuthority_SignHashAlgorithm) Type() protoreflect.EnumType
CertificateAuthority_State
type CertificateAuthority_State int32
The state of a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], indicating if it can be used.
CertificateAuthority_STATE_UNSPECIFIED, CertificateAuthority_ENABLED, CertificateAuthority_DISABLED, CertificateAuthority_STAGED, CertificateAuthority_AWAITING_USER_ACTIVATION, CertificateAuthority_DELETED
const (
// Not specified.
CertificateAuthority_STATE_UNSPECIFIED CertificateAuthority_State = 0
// Certificates can be issued from this CA. CRLs will be generated for this
// CA. The CA will be part of the
// [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and
// will be used to issue certificates from the
// [CaPool][google.cloud.security.privateca.v1.CaPool].
CertificateAuthority_ENABLED CertificateAuthority_State = 1
// Certificates cannot be issued from this CA. CRLs will still be generated.
// The CA will be part of the
// [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, but
// will not be used to issue certificates from the
// [CaPool][google.cloud.security.privateca.v1.CaPool].
CertificateAuthority_DISABLED CertificateAuthority_State = 2
// Certificates can be issued from this CA. CRLs will be generated for this
// CA. The CA will be part of the
// [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, but
// will not be used to issue certificates from the
// [CaPool][google.cloud.security.privateca.v1.CaPool].
CertificateAuthority_STAGED CertificateAuthority_State = 3
// Certificates cannot be issued from this CA. CRLs will not be generated.
// The CA will not be part of the
// [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and
// will not be used to issue certificates from the
// [CaPool][google.cloud.security.privateca.v1.CaPool].
CertificateAuthority_AWAITING_USER_ACTIVATION CertificateAuthority_State = 4
// Certificates cannot be issued from this CA. CRLs will not be generated.
// The CA may still be recovered by calling
// [CertificateAuthorityService.UndeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.UndeleteCertificateAuthority]
// before
// [expire_time][google.cloud.security.privateca.v1.CertificateAuthority.expire_time].
// The CA will not be part of the
// [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and
// will not be used to issue certificates from the
// [CaPool][google.cloud.security.privateca.v1.CaPool].
CertificateAuthority_DELETED CertificateAuthority_State = 5
)
func (CertificateAuthority_State) Descriptor
func (CertificateAuthority_State) Descriptor() protoreflect.EnumDescriptor
func (CertificateAuthority_State) Enum
func (x CertificateAuthority_State) Enum() *CertificateAuthority_State
func (CertificateAuthority_State) EnumDescriptor
func (CertificateAuthority_State) EnumDescriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_State.Descriptor instead.
func (CertificateAuthority_State) Number
func (x CertificateAuthority_State) Number() protoreflect.EnumNumber
func (CertificateAuthority_State) String
func (x CertificateAuthority_State) String() string
func (CertificateAuthority_State) Type
func (CertificateAuthority_State) Type() protoreflect.EnumType
CertificateAuthority_Type
type CertificateAuthority_Type int32
The type of a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], indicating its issuing chain.
CertificateAuthority_TYPE_UNSPECIFIED, CertificateAuthority_SELF_SIGNED, CertificateAuthority_SUBORDINATE
const (
// Not specified.
CertificateAuthority_TYPE_UNSPECIFIED CertificateAuthority_Type = 0
// Self-signed CA.
CertificateAuthority_SELF_SIGNED CertificateAuthority_Type = 1
// Subordinate CA. Could be issued by a Private CA
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// or an unmanaged CA.
CertificateAuthority_SUBORDINATE CertificateAuthority_Type = 2
)
func (CertificateAuthority_Type) Descriptor
func (CertificateAuthority_Type) Descriptor() protoreflect.EnumDescriptor
func (CertificateAuthority_Type) Enum
func (x CertificateAuthority_Type) Enum() *CertificateAuthority_Type
func (CertificateAuthority_Type) EnumDescriptor
func (CertificateAuthority_Type) EnumDescriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_Type.Descriptor instead.
func (CertificateAuthority_Type) Number
func (x CertificateAuthority_Type) Number() protoreflect.EnumNumber
func (CertificateAuthority_Type) String
func (x CertificateAuthority_Type) String() string
func (CertificateAuthority_Type) Type
func (CertificateAuthority_Type) Type() protoreflect.EnumType
CertificateConfig
type CertificateConfig struct {
// Required. Specifies some of the values in a certificate that are related to
// the subject.
SubjectConfig *CertificateConfig_SubjectConfig `protobuf:"bytes,1,opt,name=subject_config,json=subjectConfig,proto3" json:"subject_config,omitempty"`
// Required. Describes how some of the technical X.509 fields in a certificate
// should be populated.
X509Config *X509Parameters `protobuf:"bytes,2,opt,name=x509_config,json=x509Config,proto3" json:"x509_config,omitempty"`
// Optional. The public key that corresponds to this config. This is, for
// example, used when issuing
// [Certificates][google.cloud.security.privateca.v1.Certificate], but not
// when creating a self-signed
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// or
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// CSR.
PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
// contains filtered or unexported fields
}
A [CertificateConfig][google.cloud.security.privateca.v1.CertificateConfig] describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.
func (*CertificateConfig) Descriptor
func (*CertificateConfig) Descriptor() ([]byte, []int)
Deprecated: Use CertificateConfig.ProtoReflect.Descriptor instead.
func (*CertificateConfig) GetPublicKey
func (x *CertificateConfig) GetPublicKey() *PublicKey
func (*CertificateConfig) GetSubjectConfig
func (x *CertificateConfig) GetSubjectConfig() *CertificateConfig_SubjectConfig
func (*CertificateConfig) GetX509Config
func (x *CertificateConfig) GetX509Config() *X509Parameters
func (*CertificateConfig) ProtoMessage
func (*CertificateConfig) ProtoMessage()
func (*CertificateConfig) ProtoReflect
func (x *CertificateConfig) ProtoReflect() protoreflect.Message
func (*CertificateConfig) Reset
func (x *CertificateConfig) Reset()
func (*CertificateConfig) String
func (x *CertificateConfig) String() string
CertificateConfig_SubjectConfig
type CertificateConfig_SubjectConfig struct {
// Required. Contains distinguished name fields such as the common name,
// location and organization.
Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
// Optional. The subject alternative name fields.
SubjectAltName *SubjectAltNames `protobuf:"bytes,2,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
// contains filtered or unexported fields
}
These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.
func (*CertificateConfig_SubjectConfig) Descriptor
func (*CertificateConfig_SubjectConfig) Descriptor() ([]byte, []int)
Deprecated: Use CertificateConfig_SubjectConfig.ProtoReflect.Descriptor instead.
func (*CertificateConfig_SubjectConfig) GetSubject
func (x *CertificateConfig_SubjectConfig) GetSubject() *Subject
func (*CertificateConfig_SubjectConfig) GetSubjectAltName
func (x *CertificateConfig_SubjectConfig) GetSubjectAltName() *SubjectAltNames
func (*CertificateConfig_SubjectConfig) ProtoMessage
func (*CertificateConfig_SubjectConfig) ProtoMessage()
func (*CertificateConfig_SubjectConfig) ProtoReflect
func (x *CertificateConfig_SubjectConfig) ProtoReflect() protoreflect.Message
func (*CertificateConfig_SubjectConfig) Reset
func (x *CertificateConfig_SubjectConfig) Reset()
func (*CertificateConfig_SubjectConfig) String
func (x *CertificateConfig_SubjectConfig) String() string
CertificateDescription
type CertificateDescription struct {
SubjectDescription *CertificateDescription_SubjectDescription `protobuf:"bytes,1,opt,name=subject_description,json=subjectDescription,proto3" json:"subject_description,omitempty"`
X509Description *X509Parameters `protobuf:"bytes,2,opt,name=x509_description,json=x509Description,proto3" json:"x509_description,omitempty"`
PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
SubjectKeyId *CertificateDescription_KeyId `protobuf:"bytes,4,opt,name=subject_key_id,json=subjectKeyId,proto3" json:"subject_key_id,omitempty"`
AuthorityKeyId *CertificateDescription_KeyId `protobuf:"bytes,5,opt,name=authority_key_id,json=authorityKeyId,proto3" json:"authority_key_id,omitempty"`
CrlDistributionPoints []string `protobuf:"bytes,6,rep,name=crl_distribution_points,json=crlDistributionPoints,proto3" json:"crl_distribution_points,omitempty"`
AiaIssuingCertificateUrls []string "" /* 140 byte string literal not displayed */
CertFingerprint *CertificateDescription_CertificateFingerprint `protobuf:"bytes,8,opt,name=cert_fingerprint,json=certFingerprint,proto3" json:"cert_fingerprint,omitempty"`
}
A [CertificateDescription][google.cloud.security.privateca.v1.CertificateDescription] describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.
func (*CertificateDescription) Descriptor
func (*CertificateDescription) Descriptor() ([]byte, []int)
Deprecated: Use CertificateDescription.ProtoReflect.Descriptor instead.
func (*CertificateDescription) GetAiaIssuingCertificateUrls
func (x *CertificateDescription) GetAiaIssuingCertificateUrls() []string
func (*CertificateDescription) GetAuthorityKeyId
func (x *CertificateDescription) GetAuthorityKeyId() *CertificateDescription_KeyId
func (*CertificateDescription) GetCertFingerprint
func (x *CertificateDescription) GetCertFingerprint() *CertificateDescription_CertificateFingerprint
func (*CertificateDescription) GetCrlDistributionPoints
func (x *CertificateDescription) GetCrlDistributionPoints() []string
func (*CertificateDescription) GetPublicKey
func (x *CertificateDescription) GetPublicKey() *PublicKey
func (*CertificateDescription) GetSubjectDescription
func (x *CertificateDescription) GetSubjectDescription() *CertificateDescription_SubjectDescription
func (*CertificateDescription) GetSubjectKeyId
func (x *CertificateDescription) GetSubjectKeyId() *CertificateDescription_KeyId
func (*CertificateDescription) GetX509Description
func (x *CertificateDescription) GetX509Description() *X509Parameters
func (*CertificateDescription) ProtoMessage
func (*CertificateDescription) ProtoMessage()
func (*CertificateDescription) ProtoReflect
func (x *CertificateDescription) ProtoReflect() protoreflect.Message
func (*CertificateDescription) Reset
func (x *CertificateDescription) Reset()
func (*CertificateDescription) String
func (x *CertificateDescription) String() string
CertificateDescription_CertificateFingerprint
type CertificateDescription_CertificateFingerprint struct {
// The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
Sha256Hash string `protobuf:"bytes,1,opt,name=sha256_hash,json=sha256Hash,proto3" json:"sha256_hash,omitempty"`
// contains filtered or unexported fields
}
A group of fingerprints for the x509 certificate.
func (*CertificateDescription_CertificateFingerprint) Descriptor
func (*CertificateDescription_CertificateFingerprint) Descriptor() ([]byte, []int)
Deprecated: Use CertificateDescription_CertificateFingerprint.ProtoReflect.Descriptor instead.
func (*CertificateDescription_CertificateFingerprint) GetSha256Hash
func (x *CertificateDescription_CertificateFingerprint) GetSha256Hash() string
func (*CertificateDescription_CertificateFingerprint) ProtoMessage
func (*CertificateDescription_CertificateFingerprint) ProtoMessage()
func (*CertificateDescription_CertificateFingerprint) ProtoReflect
func (x *CertificateDescription_CertificateFingerprint) ProtoReflect() protoreflect.Message
func (*CertificateDescription_CertificateFingerprint) Reset
func (x *CertificateDescription_CertificateFingerprint) Reset()
func (*CertificateDescription_CertificateFingerprint) String
func (x *CertificateDescription_CertificateFingerprint) String() string
CertificateDescription_KeyId
type CertificateDescription_KeyId struct {
// Optional. The value of this KeyId encoded in lowercase hexadecimal. This
// is most likely the 160 bit SHA-1 hash of the public key.
KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
// contains filtered or unexported fields
}
A KeyId identifies a specific public key, usually by hashing the public key.
func (*CertificateDescription_KeyId) Descriptor
func (*CertificateDescription_KeyId) Descriptor() ([]byte, []int)
Deprecated: Use CertificateDescription_KeyId.ProtoReflect.Descriptor instead.
func (*CertificateDescription_KeyId) GetKeyId
func (x *CertificateDescription_KeyId) GetKeyId() string
func (*CertificateDescription_KeyId) ProtoMessage
func (*CertificateDescription_KeyId) ProtoMessage()
func (*CertificateDescription_KeyId) ProtoReflect
func (x *CertificateDescription_KeyId) ProtoReflect() protoreflect.Message
func (*CertificateDescription_KeyId) Reset
func (x *CertificateDescription_KeyId) Reset()
func (*CertificateDescription_KeyId) String
func (x *CertificateDescription_KeyId) String() string
CertificateDescription_SubjectDescription
type CertificateDescription_SubjectDescription struct {
// Contains distinguished name fields such as the common name, location and
// / organization.
Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
// The subject alternative name fields.
SubjectAltName *SubjectAltNames `protobuf:"bytes,2,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
// The serial number encoded in lowercase hexadecimal.
HexSerialNumber string `protobuf:"bytes,3,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`
// For convenience, the actual lifetime of an issued certificate.
Lifetime *durationpb.Duration `protobuf:"bytes,4,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
// The time at which the certificate becomes valid.
NotBeforeTime *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=not_before_time,json=notBeforeTime,proto3" json:"not_before_time,omitempty"`
// The time after which the certificate is expired.
// Per RFC 5280, the validity period for a certificate is the period of time
// from not_before_time through not_after_time, inclusive.
// Corresponds to 'not_before_time' + 'lifetime' - 1 second.
NotAfterTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=not_after_time,json=notAfterTime,proto3" json:"not_after_time,omitempty"`
// contains filtered or unexported fields
}
These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.
func (*CertificateDescription_SubjectDescription) Descriptor
func (*CertificateDescription_SubjectDescription) Descriptor() ([]byte, []int)
Deprecated: Use CertificateDescription_SubjectDescription.ProtoReflect.Descriptor instead.
func (*CertificateDescription_SubjectDescription) GetHexSerialNumber
func (x *CertificateDescription_SubjectDescription) GetHexSerialNumber() string
func (*CertificateDescription_SubjectDescription) GetLifetime
func (x *CertificateDescription_SubjectDescription) GetLifetime() *durationpb.Duration
func (*CertificateDescription_SubjectDescription) GetNotAfterTime
func (x *CertificateDescription_SubjectDescription) GetNotAfterTime() *timestamppb.Timestamp
func (*CertificateDescription_SubjectDescription) GetNotBeforeTime
func (x *CertificateDescription_SubjectDescription) GetNotBeforeTime() *timestamppb.Timestamp
func (*CertificateDescription_SubjectDescription) GetSubject
func (x *CertificateDescription_SubjectDescription) GetSubject() *Subject
func (*CertificateDescription_SubjectDescription) GetSubjectAltName
func (x *CertificateDescription_SubjectDescription) GetSubjectAltName() *SubjectAltNames
func (*CertificateDescription_SubjectDescription) ProtoMessage
func (*CertificateDescription_SubjectDescription) ProtoMessage()
func (*CertificateDescription_SubjectDescription) ProtoReflect
func (x *CertificateDescription_SubjectDescription) ProtoReflect() protoreflect.Message
func (*CertificateDescription_SubjectDescription) Reset
func (x *CertificateDescription_SubjectDescription) Reset()
func (*CertificateDescription_SubjectDescription) String
func (x *CertificateDescription_SubjectDescription) String() string
CertificateExtensionConstraints
type CertificateExtensionConstraints struct {
KnownExtensions []CertificateExtensionConstraints_KnownCertificateExtension "" /* 212 byte string literal not displayed */
AdditionalExtensions []*ObjectId `protobuf:"bytes,2,rep,name=additional_extensions,json=additionalExtensions,proto3" json:"additional_extensions,omitempty"`
}
Describes a set of X.509 extensions that may be part of some certificate issuance controls.
func (*CertificateExtensionConstraints) Descriptor
func (*CertificateExtensionConstraints) Descriptor() ([]byte, []int)
Deprecated: Use CertificateExtensionConstraints.ProtoReflect.Descriptor instead.
func (*CertificateExtensionConstraints) GetAdditionalExtensions
func (x *CertificateExtensionConstraints) GetAdditionalExtensions() []*ObjectId
func (*CertificateExtensionConstraints) GetKnownExtensions
func (x *CertificateExtensionConstraints) GetKnownExtensions() []CertificateExtensionConstraints_KnownCertificateExtension
func (*CertificateExtensionConstraints) ProtoMessage
func (*CertificateExtensionConstraints) ProtoMessage()
func (*CertificateExtensionConstraints) ProtoReflect
func (x *CertificateExtensionConstraints) ProtoReflect() protoreflect.Message
func (*CertificateExtensionConstraints) Reset
func (x *CertificateExtensionConstraints) Reset()
func (*CertificateExtensionConstraints) String
func (x *CertificateExtensionConstraints) String() string
CertificateExtensionConstraints_KnownCertificateExtension
type CertificateExtensionConstraints_KnownCertificateExtension int32
Describes well-known X.509 extensions that can appear in a [Certificate][google.cloud.security.privateca.v1.Certificate], not including the [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] extension.
CertificateExtensionConstraints_KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED, CertificateExtensionConstraints_BASE_KEY_USAGE, CertificateExtensionConstraints_EXTENDED_KEY_USAGE, CertificateExtensionConstraints_CA_OPTIONS, CertificateExtensionConstraints_POLICY_IDS, CertificateExtensionConstraints_AIA_OCSP_SERVERS, CertificateExtensionConstraints_NAME_CONSTRAINTS
const (
// Not specified.
CertificateExtensionConstraints_KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED CertificateExtensionConstraints_KnownCertificateExtension = 0
// Refers to a certificate's Key Usage extension, as described in [RFC 5280
// section 4.2.1.3](https://tools.ietf.org/html/rfc5280#section-4.2.1.3).
// This corresponds to the
// [KeyUsage.base_key_usage][google.cloud.security.privateca.v1.KeyUsage.base_key_usage]
// field.
CertificateExtensionConstraints_BASE_KEY_USAGE CertificateExtensionConstraints_KnownCertificateExtension = 1
// Refers to a certificate's Extended Key Usage extension, as described in
// [RFC 5280
// section 4.2.1.12](https://tools.ietf.org/html/rfc5280#section-4.2.1.12).
// This corresponds to the
// [KeyUsage.extended_key_usage][google.cloud.security.privateca.v1.KeyUsage.extended_key_usage]
// message.
CertificateExtensionConstraints_EXTENDED_KEY_USAGE CertificateExtensionConstraints_KnownCertificateExtension = 2
// Refers to a certificate's Basic Constraints extension, as described in
// [RFC 5280
// section 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9).
// This corresponds to the
// [X509Parameters.ca_options][google.cloud.security.privateca.v1.X509Parameters.ca_options]
// field.
CertificateExtensionConstraints_CA_OPTIONS CertificateExtensionConstraints_KnownCertificateExtension = 3
// Refers to a certificate's Policy object identifiers, as described in
// [RFC 5280
// section 4.2.1.4](https://tools.ietf.org/html/rfc5280#section-4.2.1.4).
// This corresponds to the
// [X509Parameters.policy_ids][google.cloud.security.privateca.v1.X509Parameters.policy_ids]
// field.
CertificateExtensionConstraints_POLICY_IDS CertificateExtensionConstraints_KnownCertificateExtension = 4
// Refers to OCSP servers in a certificate's Authority Information Access
// extension, as described in
// [RFC 5280
// section 4.2.2.1](https://tools.ietf.org/html/rfc5280#section-4.2.2.1),
// This corresponds to the
// [X509Parameters.aia_ocsp_servers][google.cloud.security.privateca.v1.X509Parameters.aia_ocsp_servers]
// field.
CertificateExtensionConstraints_AIA_OCSP_SERVERS CertificateExtensionConstraints_KnownCertificateExtension = 5
// Refers to Name Constraints extension as described in
// [RFC 5280
// section 4.2.1.10](https://tools.ietf.org/html/rfc5280#section-4.2.1.10)
CertificateExtensionConstraints_NAME_CONSTRAINTS CertificateExtensionConstraints_KnownCertificateExtension = 6
)
func (CertificateExtensionConstraints_KnownCertificateExtension) Descriptor
func (CertificateExtensionConstraints_KnownCertificateExtension) Descriptor() protoreflect.EnumDescriptor
func (CertificateExtensionConstraints_KnownCertificateExtension) Enum
func (x CertificateExtensionConstraints_KnownCertificateExtension) Enum() *CertificateExtensionConstraints_KnownCertificateExtension
func (CertificateExtensionConstraints_KnownCertificateExtension) EnumDescriptor
func (CertificateExtensionConstraints_KnownCertificateExtension) EnumDescriptor() ([]byte, []int)
Deprecated: Use CertificateExtensionConstraints_KnownCertificateExtension.Descriptor instead.
func (CertificateExtensionConstraints_KnownCertificateExtension) Number
func (x CertificateExtensionConstraints_KnownCertificateExtension) Number() protoreflect.EnumNumber
func (CertificateExtensionConstraints_KnownCertificateExtension) String
func (x CertificateExtensionConstraints_KnownCertificateExtension) String() string
func (CertificateExtensionConstraints_KnownCertificateExtension) Type
CertificateIdentityConstraints
type CertificateIdentityConstraints struct {
CelExpression *expr.Expr `protobuf:"bytes,1,opt,name=cel_expression,json=celExpression,proto3" json:"cel_expression,omitempty"`
AllowSubjectPassthrough *bool "" /* 139 byte string literal not displayed */
AllowSubjectAltNamesPassthrough *bool "" /* 167 byte string literal not displayed */
}
Describes constraints on a [Certificate][google.cloud.security.privateca.v1.Certificate]'s [Subject][google.cloud.security.privateca.v1.Subject] and [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames].
func (*CertificateIdentityConstraints) Descriptor
func (*CertificateIdentityConstraints) Descriptor() ([]byte, []int)
Deprecated: Use CertificateIdentityConstraints.ProtoReflect.Descriptor instead.
func (*CertificateIdentityConstraints) GetAllowSubjectAltNamesPassthrough
func (x *CertificateIdentityConstraints) GetAllowSubjectAltNamesPassthrough() bool
func (*CertificateIdentityConstraints) GetAllowSubjectPassthrough
func (x *CertificateIdentityConstraints) GetAllowSubjectPassthrough() bool
func (*CertificateIdentityConstraints) GetCelExpression
func (x *CertificateIdentityConstraints) GetCelExpression() *expr.Expr
func (*CertificateIdentityConstraints) ProtoMessage
func (*CertificateIdentityConstraints) ProtoMessage()
func (*CertificateIdentityConstraints) ProtoReflect
func (x *CertificateIdentityConstraints) ProtoReflect() protoreflect.Message
func (*CertificateIdentityConstraints) Reset
func (x *CertificateIdentityConstraints) Reset()
func (*CertificateIdentityConstraints) String
func (x *CertificateIdentityConstraints) String() string
CertificateRevocationList
type CertificateRevocationList struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
SequenceNumber int64 `protobuf:"varint,2,opt,name=sequence_number,json=sequenceNumber,proto3" json:"sequence_number,omitempty"`
RevokedCertificates []*CertificateRevocationList_RevokedCertificate `protobuf:"bytes,3,rep,name=revoked_certificates,json=revokedCertificates,proto3" json:"revoked_certificates,omitempty"`
PemCrl string `protobuf:"bytes,4,opt,name=pem_crl,json=pemCrl,proto3" json:"pem_crl,omitempty"`
AccessUrl string `protobuf:"bytes,5,opt,name=access_url,json=accessUrl,proto3" json:"access_url,omitempty"`
State CertificateRevocationList_State "" /* 136 byte string literal not displayed */
CreateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
UpdateTime *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
RevisionId string `protobuf:"bytes,9,opt,name=revision_id,json=revisionId,proto3" json:"revision_id,omitempty"`
Labels map[string]string "" /* 154 byte string literal not displayed */
}
A [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList] corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.
func (*CertificateRevocationList) Descriptor
func (*CertificateRevocationList) Descriptor() ([]byte, []int)
Deprecated: Use CertificateRevocationList.ProtoReflect.Descriptor instead.
func (*CertificateRevocationList) GetAccessUrl
func (x *CertificateRevocationList) GetAccessUrl() string
func (*CertificateRevocationList) GetCreateTime
func (x *CertificateRevocationList) GetCreateTime() *timestamppb.Timestamp
func (*CertificateRevocationList) GetLabels
func (x *CertificateRevocationList) GetLabels() map[string]string
func (*CertificateRevocationList) GetName
func (x *CertificateRevocationList) GetName() string
func (*CertificateRevocationList) GetPemCrl
func (x *CertificateRevocationList) GetPemCrl() string
func (*CertificateRevocationList) GetRevisionId
func (x *CertificateRevocationList) GetRevisionId() string
func (*CertificateRevocationList) GetRevokedCertificates
func (x *CertificateRevocationList) GetRevokedCertificates() []*CertificateRevocationList_RevokedCertificate
func (*CertificateRevocationList) GetSequenceNumber
func (x *CertificateRevocationList) GetSequenceNumber() int64
func (*CertificateRevocationList) GetState
func (x *CertificateRevocationList) GetState() CertificateRevocationList_State
func (*CertificateRevocationList) GetUpdateTime
func (x *CertificateRevocationList) GetUpdateTime() *timestamppb.Timestamp
func (*CertificateRevocationList) ProtoMessage
func (*CertificateRevocationList) ProtoMessage()
func (*CertificateRevocationList) ProtoReflect
func (x *CertificateRevocationList) ProtoReflect() protoreflect.Message
func (*CertificateRevocationList) Reset
func (x *CertificateRevocationList) Reset()
func (*CertificateRevocationList) String
func (x *CertificateRevocationList) String() string
CertificateRevocationList_RevokedCertificate
type CertificateRevocationList_RevokedCertificate struct {
Certificate string `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`
HexSerialNumber string `protobuf:"bytes,2,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`
RevocationReason RevocationReason "" /* 167 byte string literal not displayed */
}
Describes a revoked [Certificate][google.cloud.security.privateca.v1.Certificate].
func (*CertificateRevocationList_RevokedCertificate) Descriptor
func (*CertificateRevocationList_RevokedCertificate) Descriptor() ([]byte, []int)
Deprecated: Use CertificateRevocationList_RevokedCertificate.ProtoReflect.Descriptor instead.
func (*CertificateRevocationList_RevokedCertificate) GetCertificate
func (x *CertificateRevocationList_RevokedCertificate) GetCertificate() string
func (*CertificateRevocationList_RevokedCertificate) GetHexSerialNumber
func (x *CertificateRevocationList_RevokedCertificate) GetHexSerialNumber() string
func (*CertificateRevocationList_RevokedCertificate) GetRevocationReason
func (x *CertificateRevocationList_RevokedCertificate) GetRevocationReason() RevocationReason
func (*CertificateRevocationList_RevokedCertificate) ProtoMessage
func (*CertificateRevocationList_RevokedCertificate) ProtoMessage()
func (*CertificateRevocationList_RevokedCertificate) ProtoReflect
func (x *CertificateRevocationList_RevokedCertificate) ProtoReflect() protoreflect.Message
func (*CertificateRevocationList_RevokedCertificate) Reset
func (x *CertificateRevocationList_RevokedCertificate) Reset()
func (*CertificateRevocationList_RevokedCertificate) String
func (x *CertificateRevocationList_RevokedCertificate) String() string
CertificateRevocationList_State
type CertificateRevocationList_State int32
The state of a [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList], indicating if it is current.
CertificateRevocationList_STATE_UNSPECIFIED, CertificateRevocationList_ACTIVE, CertificateRevocationList_SUPERSEDED
const (
// Not specified.
CertificateRevocationList_STATE_UNSPECIFIED CertificateRevocationList_State = 0
// The
// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList]
// is up to date.
CertificateRevocationList_ACTIVE CertificateRevocationList_State = 1
// The
// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList]
// is no longer current.
CertificateRevocationList_SUPERSEDED CertificateRevocationList_State = 2
)
func (CertificateRevocationList_State) Descriptor
func (CertificateRevocationList_State) Descriptor() protoreflect.EnumDescriptor
func (CertificateRevocationList_State) Enum
func (x CertificateRevocationList_State) Enum() *CertificateRevocationList_State
func (CertificateRevocationList_State) EnumDescriptor
func (CertificateRevocationList_State) EnumDescriptor() ([]byte, []int)
Deprecated: Use CertificateRevocationList_State.Descriptor instead.
func (CertificateRevocationList_State) Number
func (x CertificateRevocationList_State) Number() protoreflect.EnumNumber
func (CertificateRevocationList_State) String
func (x CertificateRevocationList_State) String() string
func (CertificateRevocationList_State) Type
func (CertificateRevocationList_State) Type() protoreflect.EnumType
CertificateTemplate
type CertificateTemplate struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
PredefinedValues *X509Parameters `protobuf:"bytes,2,opt,name=predefined_values,json=predefinedValues,proto3" json:"predefined_values,omitempty"`
IdentityConstraints *CertificateIdentityConstraints `protobuf:"bytes,3,opt,name=identity_constraints,json=identityConstraints,proto3" json:"identity_constraints,omitempty"`
PassthroughExtensions *CertificateExtensionConstraints `protobuf:"bytes,4,opt,name=passthrough_extensions,json=passthroughExtensions,proto3" json:"passthrough_extensions,omitempty"`
Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty"`
CreateTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
UpdateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
Labels map[string]string "" /* 153 byte string literal not displayed */
}
A [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] refers to a managed template for certificate issuance.
func (*CertificateTemplate) Descriptor
func (*CertificateTemplate) Descriptor() ([]byte, []int)
Deprecated: Use CertificateTemplate.ProtoReflect.Descriptor instead.
func (*CertificateTemplate) GetCreateTime
func (x *CertificateTemplate) GetCreateTime() *timestamppb.Timestamp
func (*CertificateTemplate) GetDescription
func (x *CertificateTemplate) GetDescription() string
func (*CertificateTemplate) GetIdentityConstraints
func (x *CertificateTemplate) GetIdentityConstraints() *CertificateIdentityConstraints
func (*CertificateTemplate) GetLabels
func (x *CertificateTemplate) GetLabels() map[string]string
func (*CertificateTemplate) GetName
func (x *CertificateTemplate) GetName() string
func (*CertificateTemplate) GetPassthroughExtensions
func (x *CertificateTemplate) GetPassthroughExtensions() *CertificateExtensionConstraints
func (*CertificateTemplate) GetPredefinedValues
func (x *CertificateTemplate) GetPredefinedValues() *X509Parameters
func (*CertificateTemplate) GetUpdateTime
func (x *CertificateTemplate) GetUpdateTime() *timestamppb.Timestamp
func (*CertificateTemplate) ProtoMessage
func (*CertificateTemplate) ProtoMessage()
func (*CertificateTemplate) ProtoReflect
func (x *CertificateTemplate) ProtoReflect() protoreflect.Message
func (*CertificateTemplate) Reset
func (x *CertificateTemplate) Reset()
func (*CertificateTemplate) String
func (x *CertificateTemplate) String() string
Certificate_Config
type Certificate_Config struct {
// Immutable. A description of the certificate and key that does not require
// X.509 or ASN.1.
Config *CertificateConfig `protobuf:"bytes,3,opt,name=config,proto3,oneof"`
}
Certificate_PemCsr
type Certificate_PemCsr struct {
// Immutable. A pem-encoded X.509 certificate signing request (CSR).
PemCsr string `protobuf:"bytes,2,opt,name=pem_csr,json=pemCsr,proto3,oneof"`
}
Certificate_RevocationDetails
type Certificate_RevocationDetails struct {
RevocationState RevocationReason "" /* 164 byte string literal not displayed */
RevocationTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=revocation_time,json=revocationTime,proto3" json:"revocation_time,omitempty"`
}
Describes fields that are relavent to the revocation of a [Certificate][google.cloud.security.privateca.v1.Certificate].
func (*Certificate_RevocationDetails) Descriptor
func (*Certificate_RevocationDetails) Descriptor() ([]byte, []int)
Deprecated: Use Certificate_RevocationDetails.ProtoReflect.Descriptor instead.
func (*Certificate_RevocationDetails) GetRevocationState
func (x *Certificate_RevocationDetails) GetRevocationState() RevocationReason
func (*Certificate_RevocationDetails) GetRevocationTime
func (x *Certificate_RevocationDetails) GetRevocationTime() *timestamppb.Timestamp
func (*Certificate_RevocationDetails) ProtoMessage
func (*Certificate_RevocationDetails) ProtoMessage()
func (*Certificate_RevocationDetails) ProtoReflect
func (x *Certificate_RevocationDetails) ProtoReflect() protoreflect.Message
func (*Certificate_RevocationDetails) Reset
func (x *Certificate_RevocationDetails) Reset()
func (*Certificate_RevocationDetails) String
func (x *Certificate_RevocationDetails) String() string
CreateCaPoolRequest
type CreateCaPoolRequest struct {
// Required. The resource name of the location associated with the
// [CaPool][google.cloud.security.privateca.v1.CaPool], in the format
// `projects/*/locations/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Required. It must be unique within a location and match the regular
// expression `[a-zA-Z0-9_-]{1,63}`
CaPoolId string `protobuf:"bytes,2,opt,name=ca_pool_id,json=caPoolId,proto3" json:"ca_pool_id,omitempty"`
// Required. A [CaPool][google.cloud.security.privateca.v1.CaPool] with
// initial field values.
CaPool *CaPool `protobuf:"bytes,3,opt,name=ca_pool,json=caPool,proto3" json:"ca_pool,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.CreateCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCaPool].
func (*CreateCaPoolRequest) Descriptor
func (*CreateCaPoolRequest) Descriptor() ([]byte, []int)
Deprecated: Use CreateCaPoolRequest.ProtoReflect.Descriptor instead.
func (*CreateCaPoolRequest) GetCaPool
func (x *CreateCaPoolRequest) GetCaPool() *CaPool
func (*CreateCaPoolRequest) GetCaPoolId
func (x *CreateCaPoolRequest) GetCaPoolId() string
func (*CreateCaPoolRequest) GetParent
func (x *CreateCaPoolRequest) GetParent() string
func (*CreateCaPoolRequest) GetRequestId
func (x *CreateCaPoolRequest) GetRequestId() string
func (*CreateCaPoolRequest) ProtoMessage
func (*CreateCaPoolRequest) ProtoMessage()
func (*CreateCaPoolRequest) ProtoReflect
func (x *CreateCaPoolRequest) ProtoReflect() protoreflect.Message
func (*CreateCaPoolRequest) Reset
func (x *CreateCaPoolRequest) Reset()
func (*CreateCaPoolRequest) String
func (x *CreateCaPoolRequest) String() string
CreateCertificateAuthorityRequest
type CreateCertificateAuthorityRequest struct {
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
CertificateAuthorityId string "" /* 129 byte string literal not displayed */
CertificateAuthority *CertificateAuthority `protobuf:"bytes,3,opt,name=certificate_authority,json=certificateAuthority,proto3" json:"certificate_authority,omitempty"`
RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
}
Request message for [CertificateAuthorityService.CreateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificateAuthority].
func (*CreateCertificateAuthorityRequest) Descriptor
func (*CreateCertificateAuthorityRequest) Descriptor() ([]byte, []int)
Deprecated: Use CreateCertificateAuthorityRequest.ProtoReflect.Descriptor instead.
func (*CreateCertificateAuthorityRequest) GetCertificateAuthority
func (x *CreateCertificateAuthorityRequest) GetCertificateAuthority() *CertificateAuthority
func (*CreateCertificateAuthorityRequest) GetCertificateAuthorityId
func (x *CreateCertificateAuthorityRequest) GetCertificateAuthorityId() string
func (*CreateCertificateAuthorityRequest) GetParent
func (x *CreateCertificateAuthorityRequest) GetParent() string
func (*CreateCertificateAuthorityRequest) GetRequestId
func (x *CreateCertificateAuthorityRequest) GetRequestId() string
func (*CreateCertificateAuthorityRequest) ProtoMessage
func (*CreateCertificateAuthorityRequest) ProtoMessage()
func (*CreateCertificateAuthorityRequest) ProtoReflect
func (x *CreateCertificateAuthorityRequest) ProtoReflect() protoreflect.Message
func (*CreateCertificateAuthorityRequest) Reset
func (x *CreateCertificateAuthorityRequest) Reset()
func (*CreateCertificateAuthorityRequest) String
func (x *CreateCertificateAuthorityRequest) String() string
CreateCertificateRequest
type CreateCertificateRequest struct {
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
CertificateId string `protobuf:"bytes,2,opt,name=certificate_id,json=certificateId,proto3" json:"certificate_id,omitempty"`
Certificate *Certificate `protobuf:"bytes,3,opt,name=certificate,proto3" json:"certificate,omitempty"`
RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
ValidateOnly bool `protobuf:"varint,5,opt,name=validate_only,json=validateOnly,proto3" json:"validate_only,omitempty"`
IssuingCertificateAuthorityId string "" /* 152 byte string literal not displayed */
}
Request message for [CertificateAuthorityService.CreateCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificate].
func (*CreateCertificateRequest) Descriptor
func (*CreateCertificateRequest) Descriptor() ([]byte, []int)
Deprecated: Use CreateCertificateRequest.ProtoReflect.Descriptor instead.
func (*CreateCertificateRequest) GetCertificate
func (x *CreateCertificateRequest) GetCertificate() *Certificate
func (*CreateCertificateRequest) GetCertificateId
func (x *CreateCertificateRequest) GetCertificateId() string
func (*CreateCertificateRequest) GetIssuingCertificateAuthorityId
func (x *CreateCertificateRequest) GetIssuingCertificateAuthorityId() string
func (*CreateCertificateRequest) GetParent
func (x *CreateCertificateRequest) GetParent() string
func (*CreateCertificateRequest) GetRequestId
func (x *CreateCertificateRequest) GetRequestId() string
func (*CreateCertificateRequest) GetValidateOnly
func (x *CreateCertificateRequest) GetValidateOnly() bool
func (*CreateCertificateRequest) ProtoMessage
func (*CreateCertificateRequest) ProtoMessage()
func (*CreateCertificateRequest) ProtoReflect
func (x *CreateCertificateRequest) ProtoReflect() protoreflect.Message
func (*CreateCertificateRequest) Reset
func (x *CreateCertificateRequest) Reset()
func (*CreateCertificateRequest) String
func (x *CreateCertificateRequest) String() string
CreateCertificateTemplateRequest
type CreateCertificateTemplateRequest struct {
// Required. The resource name of the location associated with the
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate],
// in the format `projects/*/locations/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Required. It must be unique within a location and match the regular
// expression `[a-zA-Z0-9_-]{1,63}`
CertificateTemplateId string `protobuf:"bytes,2,opt,name=certificate_template_id,json=certificateTemplateId,proto3" json:"certificate_template_id,omitempty"`
// Required. A
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
// with initial field values.
CertificateTemplate *CertificateTemplate `protobuf:"bytes,3,opt,name=certificate_template,json=certificateTemplate,proto3" json:"certificate_template,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.CreateCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificateTemplate].
func (*CreateCertificateTemplateRequest) Descriptor
func (*CreateCertificateTemplateRequest) Descriptor() ([]byte, []int)
Deprecated: Use CreateCertificateTemplateRequest.ProtoReflect.Descriptor instead.
func (*CreateCertificateTemplateRequest) GetCertificateTemplate
func (x *CreateCertificateTemplateRequest) GetCertificateTemplate() *CertificateTemplate
func (*CreateCertificateTemplateRequest) GetCertificateTemplateId
func (x *CreateCertificateTemplateRequest) GetCertificateTemplateId() string
func (*CreateCertificateTemplateRequest) GetParent
func (x *CreateCertificateTemplateRequest) GetParent() string
func (*CreateCertificateTemplateRequest) GetRequestId
func (x *CreateCertificateTemplateRequest) GetRequestId() string
func (*CreateCertificateTemplateRequest) ProtoMessage
func (*CreateCertificateTemplateRequest) ProtoMessage()
func (*CreateCertificateTemplateRequest) ProtoReflect
func (x *CreateCertificateTemplateRequest) ProtoReflect() protoreflect.Message
func (*CreateCertificateTemplateRequest) Reset
func (x *CreateCertificateTemplateRequest) Reset()
func (*CreateCertificateTemplateRequest) String
func (x *CreateCertificateTemplateRequest) String() string
DeleteCaPoolRequest
type DeleteCaPoolRequest struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
IgnoreDependentResources bool "" /* 136 byte string literal not displayed */
}
Request message for [CertificateAuthorityService.DeleteCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCaPool].
func (*DeleteCaPoolRequest) Descriptor
func (*DeleteCaPoolRequest) Descriptor() ([]byte, []int)
Deprecated: Use DeleteCaPoolRequest.ProtoReflect.Descriptor instead.
func (*DeleteCaPoolRequest) GetIgnoreDependentResources
func (x *DeleteCaPoolRequest) GetIgnoreDependentResources() bool
func (*DeleteCaPoolRequest) GetName
func (x *DeleteCaPoolRequest) GetName() string
func (*DeleteCaPoolRequest) GetRequestId
func (x *DeleteCaPoolRequest) GetRequestId() string
func (*DeleteCaPoolRequest) ProtoMessage
func (*DeleteCaPoolRequest) ProtoMessage()
func (*DeleteCaPoolRequest) ProtoReflect
func (x *DeleteCaPoolRequest) ProtoReflect() protoreflect.Message
func (*DeleteCaPoolRequest) Reset
func (x *DeleteCaPoolRequest) Reset()
func (*DeleteCaPoolRequest) String
func (x *DeleteCaPoolRequest) String() string
DeleteCertificateAuthorityRequest
type DeleteCertificateAuthorityRequest struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
IgnoreActiveCertificates bool "" /* 136 byte string literal not displayed */
SkipGracePeriod bool `protobuf:"varint,5,opt,name=skip_grace_period,json=skipGracePeriod,proto3" json:"skip_grace_period,omitempty"`
IgnoreDependentResources bool "" /* 136 byte string literal not displayed */
}
Request message for [CertificateAuthorityService.DeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCertificateAuthority].
func (*DeleteCertificateAuthorityRequest) Descriptor
func (*DeleteCertificateAuthorityRequest) Descriptor() ([]byte, []int)
Deprecated: Use DeleteCertificateAuthorityRequest.ProtoReflect.Descriptor instead.
func (*DeleteCertificateAuthorityRequest) GetIgnoreActiveCertificates
func (x *DeleteCertificateAuthorityRequest) GetIgnoreActiveCertificates() bool
func (*DeleteCertificateAuthorityRequest) GetIgnoreDependentResources
func (x *DeleteCertificateAuthorityRequest) GetIgnoreDependentResources() bool
func (*DeleteCertificateAuthorityRequest) GetName
func (x *DeleteCertificateAuthorityRequest) GetName() string
func (*DeleteCertificateAuthorityRequest) GetRequestId
func (x *DeleteCertificateAuthorityRequest) GetRequestId() string
func (*DeleteCertificateAuthorityRequest) GetSkipGracePeriod
func (x *DeleteCertificateAuthorityRequest) GetSkipGracePeriod() bool
func (*DeleteCertificateAuthorityRequest) ProtoMessage
func (*DeleteCertificateAuthorityRequest) ProtoMessage()
func (*DeleteCertificateAuthorityRequest) ProtoReflect
func (x *DeleteCertificateAuthorityRequest) ProtoReflect() protoreflect.Message
func (*DeleteCertificateAuthorityRequest) Reset
func (x *DeleteCertificateAuthorityRequest) Reset()
func (*DeleteCertificateAuthorityRequest) String
func (x *DeleteCertificateAuthorityRequest) String() string
DeleteCertificateTemplateRequest
type DeleteCertificateTemplateRequest struct {
// Required. The resource name for this
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
// in the format `projects/*/locations/*/certificateTemplates/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.DeleteCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCertificateTemplate].
func (*DeleteCertificateTemplateRequest) Descriptor
func (*DeleteCertificateTemplateRequest) Descriptor() ([]byte, []int)
Deprecated: Use DeleteCertificateTemplateRequest.ProtoReflect.Descriptor instead.
func (*DeleteCertificateTemplateRequest) GetName
func (x *DeleteCertificateTemplateRequest) GetName() string
func (*DeleteCertificateTemplateRequest) GetRequestId
func (x *DeleteCertificateTemplateRequest) GetRequestId() string
func (*DeleteCertificateTemplateRequest) ProtoMessage
func (*DeleteCertificateTemplateRequest) ProtoMessage()
func (*DeleteCertificateTemplateRequest) ProtoReflect
func (x *DeleteCertificateTemplateRequest) ProtoReflect() protoreflect.Message
func (*DeleteCertificateTemplateRequest) Reset
func (x *DeleteCertificateTemplateRequest) Reset()
func (*DeleteCertificateTemplateRequest) String
func (x *DeleteCertificateTemplateRequest) String() string
DisableCertificateAuthorityRequest
type DisableCertificateAuthorityRequest struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
IgnoreDependentResources bool "" /* 136 byte string literal not displayed */
}
Request message for [CertificateAuthorityService.DisableCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.DisableCertificateAuthority].
func (*DisableCertificateAuthorityRequest) Descriptor
func (*DisableCertificateAuthorityRequest) Descriptor() ([]byte, []int)
Deprecated: Use DisableCertificateAuthorityRequest.ProtoReflect.Descriptor instead.
func (*DisableCertificateAuthorityRequest) GetIgnoreDependentResources
func (x *DisableCertificateAuthorityRequest) GetIgnoreDependentResources() bool
func (*DisableCertificateAuthorityRequest) GetName
func (x *DisableCertificateAuthorityRequest) GetName() string
func (*DisableCertificateAuthorityRequest) GetRequestId
func (x *DisableCertificateAuthorityRequest) GetRequestId() string
func (*DisableCertificateAuthorityRequest) ProtoMessage
func (*DisableCertificateAuthorityRequest) ProtoMessage()
func (*DisableCertificateAuthorityRequest) ProtoReflect
func (x *DisableCertificateAuthorityRequest) ProtoReflect() protoreflect.Message
func (*DisableCertificateAuthorityRequest) Reset
func (x *DisableCertificateAuthorityRequest) Reset()
func (*DisableCertificateAuthorityRequest) String
func (x *DisableCertificateAuthorityRequest) String() string
EnableCertificateAuthorityRequest
type EnableCertificateAuthorityRequest struct {
// Required. The resource name for this
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.EnableCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.EnableCertificateAuthority].
func (*EnableCertificateAuthorityRequest) Descriptor
func (*EnableCertificateAuthorityRequest) Descriptor() ([]byte, []int)
Deprecated: Use EnableCertificateAuthorityRequest.ProtoReflect.Descriptor instead.
func (*EnableCertificateAuthorityRequest) GetName
func (x *EnableCertificateAuthorityRequest) GetName() string
func (*EnableCertificateAuthorityRequest) GetRequestId
func (x *EnableCertificateAuthorityRequest) GetRequestId() string
func (*EnableCertificateAuthorityRequest) ProtoMessage
func (*EnableCertificateAuthorityRequest) ProtoMessage()
func (*EnableCertificateAuthorityRequest) ProtoReflect
func (x *EnableCertificateAuthorityRequest) ProtoReflect() protoreflect.Message
func (*EnableCertificateAuthorityRequest) Reset
func (x *EnableCertificateAuthorityRequest) Reset()
func (*EnableCertificateAuthorityRequest) String
func (x *EnableCertificateAuthorityRequest) String() string
FetchCaCertsRequest
type FetchCaCertsRequest struct {
// Required. The resource name for the
// [CaPool][google.cloud.security.privateca.v1.CaPool] in the format
// `projects/*/locations/*/caPools/*`.
CaPool string `protobuf:"bytes,1,opt,name=ca_pool,json=caPool,proto3" json:"ca_pool,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.FetchCaCerts][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCaCerts].
func (*FetchCaCertsRequest) Descriptor
func (*FetchCaCertsRequest) Descriptor() ([]byte, []int)
Deprecated: Use FetchCaCertsRequest.ProtoReflect.Descriptor instead.
func (*FetchCaCertsRequest) GetCaPool
func (x *FetchCaCertsRequest) GetCaPool() string
func (*FetchCaCertsRequest) GetRequestId
func (x *FetchCaCertsRequest) GetRequestId() string
func (*FetchCaCertsRequest) ProtoMessage
func (*FetchCaCertsRequest) ProtoMessage()
func (*FetchCaCertsRequest) ProtoReflect
func (x *FetchCaCertsRequest) ProtoReflect() protoreflect.Message
func (*FetchCaCertsRequest) Reset
func (x *FetchCaCertsRequest) Reset()
func (*FetchCaCertsRequest) String
func (x *FetchCaCertsRequest) String() string
FetchCaCertsResponse
type FetchCaCertsResponse struct {
// The PEM encoded CA certificate chains of all
// [ACTIVE][CertificateAuthority.State.ACTIVE]
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// resources in this [CaPool][google.cloud.security.privateca.v1.CaPool].
CaCerts []*FetchCaCertsResponse_CertChain `protobuf:"bytes,1,rep,name=ca_certs,json=caCerts,proto3" json:"ca_certs,omitempty"`
// contains filtered or unexported fields
}
Response message for [CertificateAuthorityService.FetchCaCerts][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCaCerts].
func (*FetchCaCertsResponse) Descriptor
func (*FetchCaCertsResponse) Descriptor() ([]byte, []int)
Deprecated: Use FetchCaCertsResponse.ProtoReflect.Descriptor instead.
func (*FetchCaCertsResponse) GetCaCerts
func (x *FetchCaCertsResponse) GetCaCerts() []*FetchCaCertsResponse_CertChain
func (*FetchCaCertsResponse) ProtoMessage
func (*FetchCaCertsResponse) ProtoMessage()
func (*FetchCaCertsResponse) ProtoReflect
func (x *FetchCaCertsResponse) ProtoReflect() protoreflect.Message
func (*FetchCaCertsResponse) Reset
func (x *FetchCaCertsResponse) Reset()
func (*FetchCaCertsResponse) String
func (x *FetchCaCertsResponse) String() string
FetchCaCertsResponse_CertChain
type FetchCaCertsResponse_CertChain struct {
// The certificates that form the CA chain, from leaf to root order.
Certificates []string `protobuf:"bytes,1,rep,name=certificates,proto3" json:"certificates,omitempty"`
// contains filtered or unexported fields
}
func (*FetchCaCertsResponse_CertChain) Descriptor
func (*FetchCaCertsResponse_CertChain) Descriptor() ([]byte, []int)
Deprecated: Use FetchCaCertsResponse_CertChain.ProtoReflect.Descriptor instead.
func (*FetchCaCertsResponse_CertChain) GetCertificates
func (x *FetchCaCertsResponse_CertChain) GetCertificates() []string
func (*FetchCaCertsResponse_CertChain) ProtoMessage
func (*FetchCaCertsResponse_CertChain) ProtoMessage()
func (*FetchCaCertsResponse_CertChain) ProtoReflect
func (x *FetchCaCertsResponse_CertChain) ProtoReflect() protoreflect.Message
func (*FetchCaCertsResponse_CertChain) Reset
func (x *FetchCaCertsResponse_CertChain) Reset()
func (*FetchCaCertsResponse_CertChain) String
func (x *FetchCaCertsResponse_CertChain) String() string
FetchCertificateAuthorityCsrRequest
type FetchCertificateAuthorityCsrRequest struct {
// Required. The resource name for this
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr].
func (*FetchCertificateAuthorityCsrRequest) Descriptor
func (*FetchCertificateAuthorityCsrRequest) Descriptor() ([]byte, []int)
Deprecated: Use FetchCertificateAuthorityCsrRequest.ProtoReflect.Descriptor instead.
func (*FetchCertificateAuthorityCsrRequest) GetName
func (x *FetchCertificateAuthorityCsrRequest) GetName() string
func (*FetchCertificateAuthorityCsrRequest) ProtoMessage
func (*FetchCertificateAuthorityCsrRequest) ProtoMessage()
func (*FetchCertificateAuthorityCsrRequest) ProtoReflect
func (x *FetchCertificateAuthorityCsrRequest) ProtoReflect() protoreflect.Message
func (*FetchCertificateAuthorityCsrRequest) Reset
func (x *FetchCertificateAuthorityCsrRequest) Reset()
func (*FetchCertificateAuthorityCsrRequest) String
func (x *FetchCertificateAuthorityCsrRequest) String() string
FetchCertificateAuthorityCsrResponse
type FetchCertificateAuthorityCsrResponse struct {
// Output only. The PEM-encoded signed certificate signing request (CSR).
PemCsr string `protobuf:"bytes,1,opt,name=pem_csr,json=pemCsr,proto3" json:"pem_csr,omitempty"`
// contains filtered or unexported fields
}
Response message for [CertificateAuthorityService.FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr].
func (*FetchCertificateAuthorityCsrResponse) Descriptor
func (*FetchCertificateAuthorityCsrResponse) Descriptor() ([]byte, []int)
Deprecated: Use FetchCertificateAuthorityCsrResponse.ProtoReflect.Descriptor instead.
func (*FetchCertificateAuthorityCsrResponse) GetPemCsr
func (x *FetchCertificateAuthorityCsrResponse) GetPemCsr() string
func (*FetchCertificateAuthorityCsrResponse) ProtoMessage
func (*FetchCertificateAuthorityCsrResponse) ProtoMessage()
func (*FetchCertificateAuthorityCsrResponse) ProtoReflect
func (x *FetchCertificateAuthorityCsrResponse) ProtoReflect() protoreflect.Message
func (*FetchCertificateAuthorityCsrResponse) Reset
func (x *FetchCertificateAuthorityCsrResponse) Reset()
func (*FetchCertificateAuthorityCsrResponse) String
func (x *FetchCertificateAuthorityCsrResponse) String() string
GetCaPoolRequest
type GetCaPoolRequest struct {
// Required. The [name][google.cloud.security.privateca.v1.CaPool.name] of the
// [CaPool][google.cloud.security.privateca.v1.CaPool] to get.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.GetCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCaPool].
func (*GetCaPoolRequest) Descriptor
func (*GetCaPoolRequest) Descriptor() ([]byte, []int)
Deprecated: Use GetCaPoolRequest.ProtoReflect.Descriptor instead.
func (*GetCaPoolRequest) GetName
func (x *GetCaPoolRequest) GetName() string
func (*GetCaPoolRequest) ProtoMessage
func (*GetCaPoolRequest) ProtoMessage()
func (*GetCaPoolRequest) ProtoReflect
func (x *GetCaPoolRequest) ProtoReflect() protoreflect.Message
func (*GetCaPoolRequest) Reset
func (x *GetCaPoolRequest) Reset()
func (*GetCaPoolRequest) String
func (x *GetCaPoolRequest) String() string
GetCertificateAuthorityRequest
type GetCertificateAuthorityRequest struct {
// Required. The
// [name][google.cloud.security.privateca.v1.CertificateAuthority.name] of the
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// to get.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.GetCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateAuthority].
func (*GetCertificateAuthorityRequest) Descriptor
func (*GetCertificateAuthorityRequest) Descriptor() ([]byte, []int)
Deprecated: Use GetCertificateAuthorityRequest.ProtoReflect.Descriptor instead.
func (*GetCertificateAuthorityRequest) GetName
func (x *GetCertificateAuthorityRequest) GetName() string
func (*GetCertificateAuthorityRequest) ProtoMessage
func (*GetCertificateAuthorityRequest) ProtoMessage()
func (*GetCertificateAuthorityRequest) ProtoReflect
func (x *GetCertificateAuthorityRequest) ProtoReflect() protoreflect.Message
func (*GetCertificateAuthorityRequest) Reset
func (x *GetCertificateAuthorityRequest) Reset()
func (*GetCertificateAuthorityRequest) String
func (x *GetCertificateAuthorityRequest) String() string
GetCertificateRequest
type GetCertificateRequest struct {
// Required. The [name][google.cloud.security.privateca.v1.Certificate.name]
// of the [Certificate][google.cloud.security.privateca.v1.Certificate] to
// get.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.GetCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificate].
func (*GetCertificateRequest) Descriptor
func (*GetCertificateRequest) Descriptor() ([]byte, []int)
Deprecated: Use GetCertificateRequest.ProtoReflect.Descriptor instead.
func (*GetCertificateRequest) GetName
func (x *GetCertificateRequest) GetName() string
func (*GetCertificateRequest) ProtoMessage
func (*GetCertificateRequest) ProtoMessage()
func (*GetCertificateRequest) ProtoReflect
func (x *GetCertificateRequest) ProtoReflect() protoreflect.Message
func (*GetCertificateRequest) Reset
func (x *GetCertificateRequest) Reset()
func (*GetCertificateRequest) String
func (x *GetCertificateRequest) String() string
GetCertificateRevocationListRequest
type GetCertificateRevocationListRequest struct {
// Required. The
// [name][google.cloud.security.privateca.v1.CertificateRevocationList.name]
// of the
// [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList]
// to get.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.GetCertificateRevocationList][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateRevocationList].
func (*GetCertificateRevocationListRequest) Descriptor
func (*GetCertificateRevocationListRequest) Descriptor() ([]byte, []int)
Deprecated: Use GetCertificateRevocationListRequest.ProtoReflect.Descriptor instead.
func (*GetCertificateRevocationListRequest) GetName
func (x *GetCertificateRevocationListRequest) GetName() string
func (*GetCertificateRevocationListRequest) ProtoMessage
func (*GetCertificateRevocationListRequest) ProtoMessage()
func (*GetCertificateRevocationListRequest) ProtoReflect
func (x *GetCertificateRevocationListRequest) ProtoReflect() protoreflect.Message
func (*GetCertificateRevocationListRequest) Reset
func (x *GetCertificateRevocationListRequest) Reset()
func (*GetCertificateRevocationListRequest) String
func (x *GetCertificateRevocationListRequest) String() string
GetCertificateTemplateRequest
type GetCertificateTemplateRequest struct {
// Required. The
// [name][google.cloud.security.privateca.v1.CertificateTemplate.name] of the
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
// to get.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.GetCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateTemplate].
func (*GetCertificateTemplateRequest) Descriptor
func (*GetCertificateTemplateRequest) Descriptor() ([]byte, []int)
Deprecated: Use GetCertificateTemplateRequest.ProtoReflect.Descriptor instead.
func (*GetCertificateTemplateRequest) GetName
func (x *GetCertificateTemplateRequest) GetName() string
func (*GetCertificateTemplateRequest) ProtoMessage
func (*GetCertificateTemplateRequest) ProtoMessage()
func (*GetCertificateTemplateRequest) ProtoReflect
func (x *GetCertificateTemplateRequest) ProtoReflect() protoreflect.Message
func (*GetCertificateTemplateRequest) Reset
func (x *GetCertificateTemplateRequest) Reset()
func (*GetCertificateTemplateRequest) String
func (x *GetCertificateTemplateRequest) String() string
KeyUsage
type KeyUsage struct {
BaseKeyUsage *KeyUsage_KeyUsageOptions `protobuf:"bytes,1,opt,name=base_key_usage,json=baseKeyUsage,proto3" json:"base_key_usage,omitempty"`
ExtendedKeyUsage *KeyUsage_ExtendedKeyUsageOptions `protobuf:"bytes,2,opt,name=extended_key_usage,json=extendedKeyUsage,proto3" json:"extended_key_usage,omitempty"`
UnknownExtendedKeyUsages []*ObjectId "" /* 137 byte string literal not displayed */
}
A [KeyUsage][google.cloud.security.privateca.v1.KeyUsage] describes key usage values that may appear in an X.509 certificate.
func (*KeyUsage) Descriptor
Deprecated: Use KeyUsage.ProtoReflect.Descriptor instead.
func (*KeyUsage) GetBaseKeyUsage
func (x *KeyUsage) GetBaseKeyUsage() *KeyUsage_KeyUsageOptions
func (*KeyUsage) GetExtendedKeyUsage
func (x *KeyUsage) GetExtendedKeyUsage() *KeyUsage_ExtendedKeyUsageOptions
func (*KeyUsage) GetUnknownExtendedKeyUsages
func (*KeyUsage) ProtoMessage
func (*KeyUsage) ProtoMessage()
func (*KeyUsage) ProtoReflect
func (x *KeyUsage) ProtoReflect() protoreflect.Message
func (*KeyUsage) Reset
func (x *KeyUsage) Reset()
func (*KeyUsage) String
KeyUsage_ExtendedKeyUsageOptions
type KeyUsage_ExtendedKeyUsageOptions struct {
// Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW
// server authentication", though regularly used for non-WWW TLS.
ServerAuth bool `protobuf:"varint,1,opt,name=server_auth,json=serverAuth,proto3" json:"server_auth,omitempty"`
// Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW
// client authentication", though regularly used for non-WWW TLS.
ClientAuth bool `protobuf:"varint,2,opt,name=client_auth,json=clientAuth,proto3" json:"client_auth,omitempty"`
// Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of
// downloadable executable code client authentication".
CodeSigning bool `protobuf:"varint,3,opt,name=code_signing,json=codeSigning,proto3" json:"code_signing,omitempty"`
// Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email
// protection".
EmailProtection bool `protobuf:"varint,4,opt,name=email_protection,json=emailProtection,proto3" json:"email_protection,omitempty"`
// Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding
// the hash of an object to a time".
TimeStamping bool `protobuf:"varint,5,opt,name=time_stamping,json=timeStamping,proto3" json:"time_stamping,omitempty"`
// Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing
// OCSP responses".
OcspSigning bool `protobuf:"varint,6,opt,name=ocsp_signing,json=ocspSigning,proto3" json:"ocsp_signing,omitempty"`
// contains filtered or unexported fields
}
[KeyUsage.ExtendedKeyUsageOptions][google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions] has fields that correspond to certain common OIDs that could be specified as an extended key usage value.
func (*KeyUsage_ExtendedKeyUsageOptions) Descriptor
func (*KeyUsage_ExtendedKeyUsageOptions) Descriptor() ([]byte, []int)
Deprecated: Use KeyUsage_ExtendedKeyUsageOptions.ProtoReflect.Descriptor instead.
func (*KeyUsage_ExtendedKeyUsageOptions) GetClientAuth
func (x *KeyUsage_ExtendedKeyUsageOptions) GetClientAuth() bool
func (*KeyUsage_ExtendedKeyUsageOptions) GetCodeSigning
func (x *KeyUsage_ExtendedKeyUsageOptions) GetCodeSigning() bool
func (*KeyUsage_ExtendedKeyUsageOptions) GetEmailProtection
func (x *KeyUsage_ExtendedKeyUsageOptions) GetEmailProtection() bool
func (*KeyUsage_ExtendedKeyUsageOptions) GetOcspSigning
func (x *KeyUsage_ExtendedKeyUsageOptions) GetOcspSigning() bool
func (*KeyUsage_ExtendedKeyUsageOptions) GetServerAuth
func (x *KeyUsage_ExtendedKeyUsageOptions) GetServerAuth() bool
func (*KeyUsage_ExtendedKeyUsageOptions) GetTimeStamping
func (x *KeyUsage_ExtendedKeyUsageOptions) GetTimeStamping() bool
func (*KeyUsage_ExtendedKeyUsageOptions) ProtoMessage
func (*KeyUsage_ExtendedKeyUsageOptions) ProtoMessage()
func (*KeyUsage_ExtendedKeyUsageOptions) ProtoReflect
func (x *KeyUsage_ExtendedKeyUsageOptions) ProtoReflect() protoreflect.Message
func (*KeyUsage_ExtendedKeyUsageOptions) Reset
func (x *KeyUsage_ExtendedKeyUsageOptions) Reset()
func (*KeyUsage_ExtendedKeyUsageOptions) String
func (x *KeyUsage_ExtendedKeyUsageOptions) String() string
KeyUsage_KeyUsageOptions
type KeyUsage_KeyUsageOptions struct {
// The key may be used for digital signatures.
DigitalSignature bool `protobuf:"varint,1,opt,name=digital_signature,json=digitalSignature,proto3" json:"digital_signature,omitempty"`
// The key may be used for cryptographic commitments. Note that this may
// also be referred to as "non-repudiation".
ContentCommitment bool `protobuf:"varint,2,opt,name=content_commitment,json=contentCommitment,proto3" json:"content_commitment,omitempty"`
// The key may be used to encipher other keys.
KeyEncipherment bool `protobuf:"varint,3,opt,name=key_encipherment,json=keyEncipherment,proto3" json:"key_encipherment,omitempty"`
// The key may be used to encipher data.
DataEncipherment bool `protobuf:"varint,4,opt,name=data_encipherment,json=dataEncipherment,proto3" json:"data_encipherment,omitempty"`
// The key may be used in a key agreement protocol.
KeyAgreement bool `protobuf:"varint,5,opt,name=key_agreement,json=keyAgreement,proto3" json:"key_agreement,omitempty"`
// The key may be used to sign certificates.
CertSign bool `protobuf:"varint,6,opt,name=cert_sign,json=certSign,proto3" json:"cert_sign,omitempty"`
// The key may be used sign certificate revocation lists.
CrlSign bool `protobuf:"varint,7,opt,name=crl_sign,json=crlSign,proto3" json:"crl_sign,omitempty"`
// The key may be used to encipher only.
EncipherOnly bool `protobuf:"varint,8,opt,name=encipher_only,json=encipherOnly,proto3" json:"encipher_only,omitempty"`
// The key may be used to decipher only.
DecipherOnly bool `protobuf:"varint,9,opt,name=decipher_only,json=decipherOnly,proto3" json:"decipher_only,omitempty"`
// contains filtered or unexported fields
}
[KeyUsage.KeyUsageOptions][google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions] corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.
func (*KeyUsage_KeyUsageOptions) Descriptor
func (*KeyUsage_KeyUsageOptions) Descriptor() ([]byte, []int)
Deprecated: Use KeyUsage_KeyUsageOptions.ProtoReflect.Descriptor instead.
func (*KeyUsage_KeyUsageOptions) GetCertSign
func (x *KeyUsage_KeyUsageOptions) GetCertSign() bool
func (*KeyUsage_KeyUsageOptions) GetContentCommitment
func (x *KeyUsage_KeyUsageOptions) GetContentCommitment() bool
func (*KeyUsage_KeyUsageOptions) GetCrlSign
func (x *KeyUsage_KeyUsageOptions) GetCrlSign() bool
func (*KeyUsage_KeyUsageOptions) GetDataEncipherment
func (x *KeyUsage_KeyUsageOptions) GetDataEncipherment() bool
func (*KeyUsage_KeyUsageOptions) GetDecipherOnly
func (x *KeyUsage_KeyUsageOptions) GetDecipherOnly() bool
func (*KeyUsage_KeyUsageOptions) GetDigitalSignature
func (x *KeyUsage_KeyUsageOptions) GetDigitalSignature() bool
func (*KeyUsage_KeyUsageOptions) GetEncipherOnly
func (x *KeyUsage_KeyUsageOptions) GetEncipherOnly() bool
func (*KeyUsage_KeyUsageOptions) GetKeyAgreement
func (x *KeyUsage_KeyUsageOptions) GetKeyAgreement() bool
func (*KeyUsage_KeyUsageOptions) GetKeyEncipherment
func (x *KeyUsage_KeyUsageOptions) GetKeyEncipherment() bool
func (*KeyUsage_KeyUsageOptions) ProtoMessage
func (*KeyUsage_KeyUsageOptions) ProtoMessage()
func (*KeyUsage_KeyUsageOptions) ProtoReflect
func (x *KeyUsage_KeyUsageOptions) ProtoReflect() protoreflect.Message
func (*KeyUsage_KeyUsageOptions) Reset
func (x *KeyUsage_KeyUsageOptions) Reset()
func (*KeyUsage_KeyUsageOptions) String
func (x *KeyUsage_KeyUsageOptions) String() string
ListCaPoolsRequest
type ListCaPoolsRequest struct {
// Required. The resource name of the location associated with the
// [CaPools][google.cloud.security.privateca.v1.CaPool], in the format
// `projects/*/locations/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Optional. Limit on the number of
// [CaPools][google.cloud.security.privateca.v1.CaPool] to include in the
// response. Further [CaPools][google.cloud.security.privateca.v1.CaPool] can
// subsequently be obtained by including the
// [ListCaPoolsResponse.next_page_token][google.cloud.security.privateca.v1.ListCaPoolsResponse.next_page_token]
// in a subsequent request. If unspecified, the server will pick an
// appropriate default.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// Optional. Pagination token, returned earlier via
// [ListCaPoolsResponse.next_page_token][google.cloud.security.privateca.v1.ListCaPoolsResponse.next_page_token].
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// Optional. Only include resources that match the filter in the response.
Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
// Optional. Specify how the results should be sorted.
OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.ListCaPools][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCaPools].
func (*ListCaPoolsRequest) Descriptor
func (*ListCaPoolsRequest) Descriptor() ([]byte, []int)
Deprecated: Use ListCaPoolsRequest.ProtoReflect.Descriptor instead.
func (*ListCaPoolsRequest) GetFilter
func (x *ListCaPoolsRequest) GetFilter() string
func (*ListCaPoolsRequest) GetOrderBy
func (x *ListCaPoolsRequest) GetOrderBy() string
func (*ListCaPoolsRequest) GetPageSize
func (x *ListCaPoolsRequest) GetPageSize() int32
func (*ListCaPoolsRequest) GetPageToken
func (x *ListCaPoolsRequest) GetPageToken() string
func (*ListCaPoolsRequest) GetParent
func (x *ListCaPoolsRequest) GetParent() string
func (*ListCaPoolsRequest) ProtoMessage
func (*ListCaPoolsRequest) ProtoMessage()
func (*ListCaPoolsRequest) ProtoReflect
func (x *ListCaPoolsRequest) ProtoReflect() protoreflect.Message
func (*ListCaPoolsRequest) Reset
func (x *ListCaPoolsRequest) Reset()
func (*ListCaPoolsRequest) String
func (x *ListCaPoolsRequest) String() string
ListCaPoolsResponse
type ListCaPoolsResponse struct {
// The list of [CaPools][google.cloud.security.privateca.v1.CaPool].
CaPools []*CaPool `protobuf:"bytes,1,rep,name=ca_pools,json=caPools,proto3" json:"ca_pools,omitempty"`
// A token to retrieve next page of results. Pass this value in
// [ListCertificateAuthoritiesRequest.next_page_token][] to retrieve the next
// page of results.
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
// A list of locations (e.g. "us-west1") that could not be reached.
Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
// contains filtered or unexported fields
}
Response message for [CertificateAuthorityService.ListCaPools][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCaPools].
func (*ListCaPoolsResponse) Descriptor
func (*ListCaPoolsResponse) Descriptor() ([]byte, []int)
Deprecated: Use ListCaPoolsResponse.ProtoReflect.Descriptor instead.
func (*ListCaPoolsResponse) GetCaPools
func (x *ListCaPoolsResponse) GetCaPools() []*CaPool
func (*ListCaPoolsResponse) GetNextPageToken
func (x *ListCaPoolsResponse) GetNextPageToken() string
func (*ListCaPoolsResponse) GetUnreachable
func (x *ListCaPoolsResponse) GetUnreachable() []string
func (*ListCaPoolsResponse) ProtoMessage
func (*ListCaPoolsResponse) ProtoMessage()
func (*ListCaPoolsResponse) ProtoReflect
func (x *ListCaPoolsResponse) ProtoReflect() protoreflect.Message
func (*ListCaPoolsResponse) Reset
func (x *ListCaPoolsResponse) Reset()
func (*ListCaPoolsResponse) String
func (x *ListCaPoolsResponse) String() string
ListCertificateAuthoritiesRequest
type ListCertificateAuthoritiesRequest struct {
// Required. The resource name of the
// [CaPool][google.cloud.security.privateca.v1.CaPool] associated with the
// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority],
// in the format `projects/*/locations/*/caPools/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Optional. Limit on the number of
// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority]
// to include in the response. Further
// [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority]
// can subsequently be obtained by including the
// [ListCertificateAuthoritiesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateAuthoritiesResponse.next_page_token]
// in a subsequent request. If unspecified, the server will pick an
// appropriate default.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// Optional. Pagination token, returned earlier via
// [ListCertificateAuthoritiesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateAuthoritiesResponse.next_page_token].
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// Optional. Only include resources that match the filter in the response.
Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
// Optional. Specify how the results should be sorted.
OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.ListCertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateAuthorities].
func (*ListCertificateAuthoritiesRequest) Descriptor
func (*ListCertificateAuthoritiesRequest) Descriptor() ([]byte, []int)
Deprecated: Use ListCertificateAuthoritiesRequest.ProtoReflect.Descriptor instead.
func (*ListCertificateAuthoritiesRequest) GetFilter
func (x *ListCertificateAuthoritiesRequest) GetFilter() string
func (*ListCertificateAuthoritiesRequest) GetOrderBy
func (x *ListCertificateAuthoritiesRequest) GetOrderBy() string
func (*ListCertificateAuthoritiesRequest) GetPageSize
func (x *ListCertificateAuthoritiesRequest) GetPageSize() int32
func (*ListCertificateAuthoritiesRequest) GetPageToken
func (x *ListCertificateAuthoritiesRequest) GetPageToken() string
func (*ListCertificateAuthoritiesRequest) GetParent
func (x *ListCertificateAuthoritiesRequest) GetParent() string
func (*ListCertificateAuthoritiesRequest) ProtoMessage
func (*ListCertificateAuthoritiesRequest) ProtoMessage()
func (*ListCertificateAuthoritiesRequest) ProtoReflect
func (x *ListCertificateAuthoritiesRequest) ProtoReflect() protoreflect.Message
func (*ListCertificateAuthoritiesRequest) Reset
func (x *ListCertificateAuthoritiesRequest) Reset()
func (*ListCertificateAuthoritiesRequest) String
func (x *ListCertificateAuthoritiesRequest) String() string
ListCertificateAuthoritiesResponse
type ListCertificateAuthoritiesResponse struct {
CertificateAuthorities []*CertificateAuthority "" /* 127 byte string literal not displayed */
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
}
Response message for [CertificateAuthorityService.ListCertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateAuthorities].
func (*ListCertificateAuthoritiesResponse) Descriptor
func (*ListCertificateAuthoritiesResponse) Descriptor() ([]byte, []int)
Deprecated: Use ListCertificateAuthoritiesResponse.ProtoReflect.Descriptor instead.
func (*ListCertificateAuthoritiesResponse) GetCertificateAuthorities
func (x *ListCertificateAuthoritiesResponse) GetCertificateAuthorities() []*CertificateAuthority
func (*ListCertificateAuthoritiesResponse) GetNextPageToken
func (x *ListCertificateAuthoritiesResponse) GetNextPageToken() string
func (*ListCertificateAuthoritiesResponse) GetUnreachable
func (x *ListCertificateAuthoritiesResponse) GetUnreachable() []string
func (*ListCertificateAuthoritiesResponse) ProtoMessage
func (*ListCertificateAuthoritiesResponse) ProtoMessage()
func (*ListCertificateAuthoritiesResponse) ProtoReflect
func (x *ListCertificateAuthoritiesResponse) ProtoReflect() protoreflect.Message
func (*ListCertificateAuthoritiesResponse) Reset
func (x *ListCertificateAuthoritiesResponse) Reset()
func (*ListCertificateAuthoritiesResponse) String
func (x *ListCertificateAuthoritiesResponse) String() string
ListCertificateRevocationListsRequest
type ListCertificateRevocationListsRequest struct {
// Required. The resource name of the location associated with the
// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList],
// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Optional. Limit on the number of
// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList]
// to include in the response. Further
// [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList]
// can subsequently be obtained by including the
// [ListCertificateRevocationListsResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateRevocationListsResponse.next_page_token]
// in a subsequent request. If unspecified, the server will pick an
// appropriate default.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// Optional. Pagination token, returned earlier via
// [ListCertificateRevocationListsResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateRevocationListsResponse.next_page_token].
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// Optional. Only include resources that match the filter in the response.
Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
// Optional. Specify how the results should be sorted.
OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.ListCertificateRevocationLists][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateRevocationLists].
func (*ListCertificateRevocationListsRequest) Descriptor
func (*ListCertificateRevocationListsRequest) Descriptor() ([]byte, []int)
Deprecated: Use ListCertificateRevocationListsRequest.ProtoReflect.Descriptor instead.
func (*ListCertificateRevocationListsRequest) GetFilter
func (x *ListCertificateRevocationListsRequest) GetFilter() string
func (*ListCertificateRevocationListsRequest) GetOrderBy
func (x *ListCertificateRevocationListsRequest) GetOrderBy() string
func (*ListCertificateRevocationListsRequest) GetPageSize
func (x *ListCertificateRevocationListsRequest) GetPageSize() int32
func (*ListCertificateRevocationListsRequest) GetPageToken
func (x *ListCertificateRevocationListsRequest) GetPageToken() string
func (*ListCertificateRevocationListsRequest) GetParent
func (x *ListCertificateRevocationListsRequest) GetParent() string
func (*ListCertificateRevocationListsRequest) ProtoMessage
func (*ListCertificateRevocationListsRequest) ProtoMessage()
func (*ListCertificateRevocationListsRequest) ProtoReflect
func (x *ListCertificateRevocationListsRequest) ProtoReflect() protoreflect.Message
func (*ListCertificateRevocationListsRequest) Reset
func (x *ListCertificateRevocationListsRequest) Reset()
func (*ListCertificateRevocationListsRequest) String
func (x *ListCertificateRevocationListsRequest) String() string
ListCertificateRevocationListsResponse
type ListCertificateRevocationListsResponse struct {
CertificateRevocationLists []*CertificateRevocationList "" /* 141 byte string literal not displayed */
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
}
Response message for [CertificateAuthorityService.ListCertificateRevocationLists][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateRevocationLists].
func (*ListCertificateRevocationListsResponse) Descriptor
func (*ListCertificateRevocationListsResponse) Descriptor() ([]byte, []int)
Deprecated: Use ListCertificateRevocationListsResponse.ProtoReflect.Descriptor instead.
func (*ListCertificateRevocationListsResponse) GetCertificateRevocationLists
func (x *ListCertificateRevocationListsResponse) GetCertificateRevocationLists() []*CertificateRevocationList
func (*ListCertificateRevocationListsResponse) GetNextPageToken
func (x *ListCertificateRevocationListsResponse) GetNextPageToken() string
func (*ListCertificateRevocationListsResponse) GetUnreachable
func (x *ListCertificateRevocationListsResponse) GetUnreachable() []string
func (*ListCertificateRevocationListsResponse) ProtoMessage
func (*ListCertificateRevocationListsResponse) ProtoMessage()
func (*ListCertificateRevocationListsResponse) ProtoReflect
func (x *ListCertificateRevocationListsResponse) ProtoReflect() protoreflect.Message
func (*ListCertificateRevocationListsResponse) Reset
func (x *ListCertificateRevocationListsResponse) Reset()
func (*ListCertificateRevocationListsResponse) String
func (x *ListCertificateRevocationListsResponse) String() string
ListCertificateTemplatesRequest
type ListCertificateTemplatesRequest struct {
// Required. The resource name of the location associated with the
// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate],
// in the format `projects/*/locations/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Optional. Limit on the number of
// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate]
// to include in the response. Further
// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate]
// can subsequently be obtained by including the
// [ListCertificateTemplatesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateTemplatesResponse.next_page_token]
// in a subsequent request. If unspecified, the server will pick an
// appropriate default.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// Optional. Pagination token, returned earlier via
// [ListCertificateTemplatesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificateTemplatesResponse.next_page_token].
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// Optional. Only include resources that match the filter in the response.
Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
// Optional. Specify how the results should be sorted.
OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.ListCertificateTemplates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateTemplates].
func (*ListCertificateTemplatesRequest) Descriptor
func (*ListCertificateTemplatesRequest) Descriptor() ([]byte, []int)
Deprecated: Use ListCertificateTemplatesRequest.ProtoReflect.Descriptor instead.
func (*ListCertificateTemplatesRequest) GetFilter
func (x *ListCertificateTemplatesRequest) GetFilter() string
func (*ListCertificateTemplatesRequest) GetOrderBy
func (x *ListCertificateTemplatesRequest) GetOrderBy() string
func (*ListCertificateTemplatesRequest) GetPageSize
func (x *ListCertificateTemplatesRequest) GetPageSize() int32
func (*ListCertificateTemplatesRequest) GetPageToken
func (x *ListCertificateTemplatesRequest) GetPageToken() string
func (*ListCertificateTemplatesRequest) GetParent
func (x *ListCertificateTemplatesRequest) GetParent() string
func (*ListCertificateTemplatesRequest) ProtoMessage
func (*ListCertificateTemplatesRequest) ProtoMessage()
func (*ListCertificateTemplatesRequest) ProtoReflect
func (x *ListCertificateTemplatesRequest) ProtoReflect() protoreflect.Message
func (*ListCertificateTemplatesRequest) Reset
func (x *ListCertificateTemplatesRequest) Reset()
func (*ListCertificateTemplatesRequest) String
func (x *ListCertificateTemplatesRequest) String() string
ListCertificateTemplatesResponse
type ListCertificateTemplatesResponse struct {
// The list of
// [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate].
CertificateTemplates []*CertificateTemplate `protobuf:"bytes,1,rep,name=certificate_templates,json=certificateTemplates,proto3" json:"certificate_templates,omitempty"`
// A token to retrieve next page of results. Pass this value in
// [ListCertificateTemplatesRequest.next_page_token][] to retrieve
// the next page of results.
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
// A list of locations (e.g. "us-west1") that could not be reached.
Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
// contains filtered or unexported fields
}
Response message for [CertificateAuthorityService.ListCertificateTemplates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateTemplates].
func (*ListCertificateTemplatesResponse) Descriptor
func (*ListCertificateTemplatesResponse) Descriptor() ([]byte, []int)
Deprecated: Use ListCertificateTemplatesResponse.ProtoReflect.Descriptor instead.
func (*ListCertificateTemplatesResponse) GetCertificateTemplates
func (x *ListCertificateTemplatesResponse) GetCertificateTemplates() []*CertificateTemplate
func (*ListCertificateTemplatesResponse) GetNextPageToken
func (x *ListCertificateTemplatesResponse) GetNextPageToken() string
func (*ListCertificateTemplatesResponse) GetUnreachable
func (x *ListCertificateTemplatesResponse) GetUnreachable() []string
func (*ListCertificateTemplatesResponse) ProtoMessage
func (*ListCertificateTemplatesResponse) ProtoMessage()
func (*ListCertificateTemplatesResponse) ProtoReflect
func (x *ListCertificateTemplatesResponse) ProtoReflect() protoreflect.Message
func (*ListCertificateTemplatesResponse) Reset
func (x *ListCertificateTemplatesResponse) Reset()
func (*ListCertificateTemplatesResponse) String
func (x *ListCertificateTemplatesResponse) String() string
ListCertificatesRequest
type ListCertificatesRequest struct {
// Required. The resource name of the location associated with the
// [Certificates][google.cloud.security.privateca.v1.Certificate], in the
// format `projects/*/locations/*/caPools/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Optional. Limit on the number of
// [Certificates][google.cloud.security.privateca.v1.Certificate] to include
// in the response. Further
// [Certificates][google.cloud.security.privateca.v1.Certificate] can
// subsequently be obtained by including the
// [ListCertificatesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificatesResponse.next_page_token]
// in a subsequent request. If unspecified, the server will pick an
// appropriate default.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// Optional. Pagination token, returned earlier via
// [ListCertificatesResponse.next_page_token][google.cloud.security.privateca.v1.ListCertificatesResponse.next_page_token].
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// Optional. Only include resources that match the filter in the response. For
// details on supported filters and syntax, see [Certificates Filtering
// documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support).
Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
// Optional. Specify how the results should be sorted. For details on
// supported fields and syntax, see [Certificates Sorting
// documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#sorting_support).
OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.ListCertificates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificates].
func (*ListCertificatesRequest) Descriptor
func (*ListCertificatesRequest) Descriptor() ([]byte, []int)
Deprecated: Use ListCertificatesRequest.ProtoReflect.Descriptor instead.
func (*ListCertificatesRequest) GetFilter
func (x *ListCertificatesRequest) GetFilter() string
func (*ListCertificatesRequest) GetOrderBy
func (x *ListCertificatesRequest) GetOrderBy() string
func (*ListCertificatesRequest) GetPageSize
func (x *ListCertificatesRequest) GetPageSize() int32
func (*ListCertificatesRequest) GetPageToken
func (x *ListCertificatesRequest) GetPageToken() string
func (*ListCertificatesRequest) GetParent
func (x *ListCertificatesRequest) GetParent() string
func (*ListCertificatesRequest) ProtoMessage
func (*ListCertificatesRequest) ProtoMessage()
func (*ListCertificatesRequest) ProtoReflect
func (x *ListCertificatesRequest) ProtoReflect() protoreflect.Message
func (*ListCertificatesRequest) Reset
func (x *ListCertificatesRequest) Reset()
func (*ListCertificatesRequest) String
func (x *ListCertificatesRequest) String() string
ListCertificatesResponse
type ListCertificatesResponse struct {
// The list of [Certificates][google.cloud.security.privateca.v1.Certificate].
Certificates []*Certificate `protobuf:"bytes,1,rep,name=certificates,proto3" json:"certificates,omitempty"`
// A token to retrieve next page of results. Pass this value in
// [ListCertificatesRequest.next_page_token][] to retrieve the
// next page of results.
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
// A list of locations (e.g. "us-west1") that could not be reached.
Unreachable []string `protobuf:"bytes,3,rep,name=unreachable,proto3" json:"unreachable,omitempty"`
// contains filtered or unexported fields
}
Response message for [CertificateAuthorityService.ListCertificates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificates].
func (*ListCertificatesResponse) Descriptor
func (*ListCertificatesResponse) Descriptor() ([]byte, []int)
Deprecated: Use ListCertificatesResponse.ProtoReflect.Descriptor instead.
func (*ListCertificatesResponse) GetCertificates
func (x *ListCertificatesResponse) GetCertificates() []*Certificate
func (*ListCertificatesResponse) GetNextPageToken
func (x *ListCertificatesResponse) GetNextPageToken() string
func (*ListCertificatesResponse) GetUnreachable
func (x *ListCertificatesResponse) GetUnreachable() []string
func (*ListCertificatesResponse) ProtoMessage
func (*ListCertificatesResponse) ProtoMessage()
func (*ListCertificatesResponse) ProtoReflect
func (x *ListCertificatesResponse) ProtoReflect() protoreflect.Message
func (*ListCertificatesResponse) Reset
func (x *ListCertificatesResponse) Reset()
func (*ListCertificatesResponse) String
func (x *ListCertificatesResponse) String() string
ObjectId
type ObjectId struct {
// Required. The parts of an OID path. The most significant parts of the path
// come first.
ObjectIdPath []int32 `protobuf:"varint,1,rep,packed,name=object_id_path,json=objectIdPath,proto3" json:"object_id_path,omitempty"`
// contains filtered or unexported fields
}
An [ObjectId][google.cloud.security.privateca.v1.ObjectId] specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
func (*ObjectId) Descriptor
Deprecated: Use ObjectId.ProtoReflect.Descriptor instead.
func (*ObjectId) GetObjectIdPath
func (*ObjectId) ProtoMessage
func (*ObjectId) ProtoMessage()
func (*ObjectId) ProtoReflect
func (x *ObjectId) ProtoReflect() protoreflect.Message
func (*ObjectId) Reset
func (x *ObjectId) Reset()
func (*ObjectId) String
OperationMetadata
type OperationMetadata struct {
// Output only. The time the operation was created.
CreateTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
// Output only. The time the operation finished running.
EndTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=end_time,json=endTime,proto3" json:"end_time,omitempty"`
// Output only. Server-defined resource path for the target of the operation.
Target string `protobuf:"bytes,3,opt,name=target,proto3" json:"target,omitempty"`
// Output only. Name of the verb executed by the operation.
Verb string `protobuf:"bytes,4,opt,name=verb,proto3" json:"verb,omitempty"`
// Output only. Human-readable status of the operation, if any.
StatusMessage string `protobuf:"bytes,5,opt,name=status_message,json=statusMessage,proto3" json:"status_message,omitempty"`
// Output only. Identifies whether the user has requested cancellation
// of the operation. Operations that have successfully been cancelled
// have [Operation.error][] value with a
// [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to
// `Code.CANCELLED`.
RequestedCancellation bool `protobuf:"varint,6,opt,name=requested_cancellation,json=requestedCancellation,proto3" json:"requested_cancellation,omitempty"`
// Output only. API version used to start the operation.
ApiVersion string `protobuf:"bytes,7,opt,name=api_version,json=apiVersion,proto3" json:"api_version,omitempty"`
// contains filtered or unexported fields
}
Represents the metadata of the long-running operation.
func (*OperationMetadata) Descriptor
func (*OperationMetadata) Descriptor() ([]byte, []int)
Deprecated: Use OperationMetadata.ProtoReflect.Descriptor instead.
func (*OperationMetadata) GetApiVersion
func (x *OperationMetadata) GetApiVersion() string
func (*OperationMetadata) GetCreateTime
func (x *OperationMetadata) GetCreateTime() *timestamppb.Timestamp
func (*OperationMetadata) GetEndTime
func (x *OperationMetadata) GetEndTime() *timestamppb.Timestamp
func (*OperationMetadata) GetRequestedCancellation
func (x *OperationMetadata) GetRequestedCancellation() bool
func (*OperationMetadata) GetStatusMessage
func (x *OperationMetadata) GetStatusMessage() string
func (*OperationMetadata) GetTarget
func (x *OperationMetadata) GetTarget() string
func (*OperationMetadata) GetVerb
func (x *OperationMetadata) GetVerb() string
func (*OperationMetadata) ProtoMessage
func (*OperationMetadata) ProtoMessage()
func (*OperationMetadata) ProtoReflect
func (x *OperationMetadata) ProtoReflect() protoreflect.Message
func (*OperationMetadata) Reset
func (x *OperationMetadata) Reset()
func (*OperationMetadata) String
func (x *OperationMetadata) String() string
PublicKey
type PublicKey struct {
// Required. A public key. The padding and encoding
// must match with the `KeyFormat` value specified for the `format` field.
Key []byte `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
// Required. The format of the public key.
Format PublicKey_KeyFormat `protobuf:"varint,2,opt,name=format,proto3,enum=google.cloud.security.privateca.v1.PublicKey_KeyFormat" json:"format,omitempty"`
// contains filtered or unexported fields
}
A [PublicKey][google.cloud.security.privateca.v1.PublicKey] describes a public key.
func (*PublicKey) Descriptor
Deprecated: Use PublicKey.ProtoReflect.Descriptor instead.
func (*PublicKey) GetFormat
func (x *PublicKey) GetFormat() PublicKey_KeyFormat
func (*PublicKey) GetKey
func (*PublicKey) ProtoMessage
func (*PublicKey) ProtoMessage()
func (*PublicKey) ProtoReflect
func (x *PublicKey) ProtoReflect() protoreflect.Message
func (*PublicKey) Reset
func (x *PublicKey) Reset()
func (*PublicKey) String
PublicKey_KeyFormat
type PublicKey_KeyFormat int32
Types of public keys formats that are supported. Currently, only PEM
format is supported.
PublicKey_KEY_FORMAT_UNSPECIFIED, PublicKey_PEM
const (
// Default unspecified value.
PublicKey_KEY_FORMAT_UNSPECIFIED PublicKey_KeyFormat = 0
// The key is PEM-encoded as defined in [RFC
// 7468](https://tools.ietf.org/html/rfc7468). It can be any of the
// following: a PEM-encoded PKCS#1/RFC 3447 RSAPublicKey
// structure, an RFC 5280
// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1)
// or a PEM-encoded X.509 certificate signing request (CSR). If a
// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1)
// is specified, it can contain a A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey
// or a NIST P-256/secp256r1/prime256v1 or P-384 key. If a CSR is specified,
// it will used solely for the purpose of extracting the public key. When
// generated by the service, it will always be an RFC 5280
// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1)
// structure containing an algorithm identifier and a key.
PublicKey_PEM PublicKey_KeyFormat = 1
)
func (PublicKey_KeyFormat) Descriptor
func (PublicKey_KeyFormat) Descriptor() protoreflect.EnumDescriptor
func (PublicKey_KeyFormat) Enum
func (x PublicKey_KeyFormat) Enum() *PublicKey_KeyFormat
func (PublicKey_KeyFormat) EnumDescriptor
func (PublicKey_KeyFormat) EnumDescriptor() ([]byte, []int)
Deprecated: Use PublicKey_KeyFormat.Descriptor instead.
func (PublicKey_KeyFormat) Number
func (x PublicKey_KeyFormat) Number() protoreflect.EnumNumber
func (PublicKey_KeyFormat) String
func (x PublicKey_KeyFormat) String() string
func (PublicKey_KeyFormat) Type
func (PublicKey_KeyFormat) Type() protoreflect.EnumType
RevocationReason
type RevocationReason int32
A [RevocationReason][google.cloud.security.privateca.v1.RevocationReason] indicates whether a [Certificate][google.cloud.security.privateca.v1.Certificate] has been revoked, and the reason for revocation. These correspond to standard revocation reasons from RFC 5280. Note that the enum labels and values in this definition are not the same ASN.1 values defined in RFC 5280. These values will be translated to the correct ASN.1 values when a CRL is created.
RevocationReason_REVOCATION_REASON_UNSPECIFIED, RevocationReason_KEY_COMPROMISE, RevocationReason_CERTIFICATE_AUTHORITY_COMPROMISE, RevocationReason_AFFILIATION_CHANGED, RevocationReason_SUPERSEDED, RevocationReason_CESSATION_OF_OPERATION, RevocationReason_CERTIFICATE_HOLD, RevocationReason_PRIVILEGE_WITHDRAWN, RevocationReason_ATTRIBUTE_AUTHORITY_COMPROMISE
const (
// Default unspecified value. This value does indicate that a
// [Certificate][google.cloud.security.privateca.v1.Certificate] has been
// revoked, but that a reason has not been recorded.
RevocationReason_REVOCATION_REASON_UNSPECIFIED RevocationReason = 0
// Key material for this
// [Certificate][google.cloud.security.privateca.v1.Certificate] may have
// leaked.
RevocationReason_KEY_COMPROMISE RevocationReason = 1
// The key material for a certificate authority in the issuing path may have
// leaked.
RevocationReason_CERTIFICATE_AUTHORITY_COMPROMISE RevocationReason = 2
// The subject or other attributes in this
// [Certificate][google.cloud.security.privateca.v1.Certificate] have changed.
RevocationReason_AFFILIATION_CHANGED RevocationReason = 3
// This [Certificate][google.cloud.security.privateca.v1.Certificate] has been
// superseded.
RevocationReason_SUPERSEDED RevocationReason = 4
// This [Certificate][google.cloud.security.privateca.v1.Certificate] or
// entities in the issuing path have ceased to operate.
RevocationReason_CESSATION_OF_OPERATION RevocationReason = 5
// This [Certificate][google.cloud.security.privateca.v1.Certificate] should
// not be considered valid, it is expected that it may become valid in the
// future.
RevocationReason_CERTIFICATE_HOLD RevocationReason = 6
// This [Certificate][google.cloud.security.privateca.v1.Certificate] no
// longer has permission to assert the listed attributes.
RevocationReason_PRIVILEGE_WITHDRAWN RevocationReason = 7
// The authority which determines appropriate attributes for a
// [Certificate][google.cloud.security.privateca.v1.Certificate] may have been
// compromised.
RevocationReason_ATTRIBUTE_AUTHORITY_COMPROMISE RevocationReason = 8
)
func (RevocationReason) Descriptor
func (RevocationReason) Descriptor() protoreflect.EnumDescriptor
func (RevocationReason) Enum
func (x RevocationReason) Enum() *RevocationReason
func (RevocationReason) EnumDescriptor
func (RevocationReason) EnumDescriptor() ([]byte, []int)
Deprecated: Use RevocationReason.Descriptor instead.
func (RevocationReason) Number
func (x RevocationReason) Number() protoreflect.EnumNumber
func (RevocationReason) String
func (x RevocationReason) String() string
func (RevocationReason) Type
func (RevocationReason) Type() protoreflect.EnumType
RevokeCertificateRequest
type RevokeCertificateRequest struct {
// Required. The resource name for this
// [Certificate][google.cloud.security.privateca.v1.Certificate] in the format
// `projects/*/locations/*/caPools/*/certificates/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Required. The
// [RevocationReason][google.cloud.security.privateca.v1.RevocationReason] for
// revoking this certificate.
Reason RevocationReason `protobuf:"varint,2,opt,name=reason,proto3,enum=google.cloud.security.privateca.v1.RevocationReason" json:"reason,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.RevokeCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.RevokeCertificate].
func (*RevokeCertificateRequest) Descriptor
func (*RevokeCertificateRequest) Descriptor() ([]byte, []int)
Deprecated: Use RevokeCertificateRequest.ProtoReflect.Descriptor instead.
func (*RevokeCertificateRequest) GetName
func (x *RevokeCertificateRequest) GetName() string
func (*RevokeCertificateRequest) GetReason
func (x *RevokeCertificateRequest) GetReason() RevocationReason
func (*RevokeCertificateRequest) GetRequestId
func (x *RevokeCertificateRequest) GetRequestId() string
func (*RevokeCertificateRequest) ProtoMessage
func (*RevokeCertificateRequest) ProtoMessage()
func (*RevokeCertificateRequest) ProtoReflect
func (x *RevokeCertificateRequest) ProtoReflect() protoreflect.Message
func (*RevokeCertificateRequest) Reset
func (x *RevokeCertificateRequest) Reset()
func (*RevokeCertificateRequest) String
func (x *RevokeCertificateRequest) String() string
Subject
type Subject struct {
// The "common name" of the subject.
CommonName string `protobuf:"bytes,1,opt,name=common_name,json=commonName,proto3" json:"common_name,omitempty"`
// The country code of the subject.
CountryCode string `protobuf:"bytes,2,opt,name=country_code,json=countryCode,proto3" json:"country_code,omitempty"`
// The organization of the subject.
Organization string `protobuf:"bytes,3,opt,name=organization,proto3" json:"organization,omitempty"`
// The organizational_unit of the subject.
OrganizationalUnit string `protobuf:"bytes,4,opt,name=organizational_unit,json=organizationalUnit,proto3" json:"organizational_unit,omitempty"`
// The locality or city of the subject.
Locality string `protobuf:"bytes,5,opt,name=locality,proto3" json:"locality,omitempty"`
// The province, territory, or regional state of the subject.
Province string `protobuf:"bytes,6,opt,name=province,proto3" json:"province,omitempty"`
// The street address of the subject.
StreetAddress string `protobuf:"bytes,7,opt,name=street_address,json=streetAddress,proto3" json:"street_address,omitempty"`
// The postal code of the subject.
PostalCode string `protobuf:"bytes,8,opt,name=postal_code,json=postalCode,proto3" json:"postal_code,omitempty"`
// contains filtered or unexported fields
}
[Subject][google.cloud.security.privateca.v1.Subject] describes parts of a distinguished name that, in turn, describes the subject of the certificate.
func (*Subject) Descriptor
Deprecated: Use Subject.ProtoReflect.Descriptor instead.
func (*Subject) GetCommonName
func (*Subject) GetCountryCode
func (*Subject) GetLocality
func (*Subject) GetOrganization
func (*Subject) GetOrganizationalUnit
func (*Subject) GetPostalCode
func (*Subject) GetProvince
func (*Subject) GetStreetAddress
func (*Subject) ProtoMessage
func (*Subject) ProtoMessage()
func (*Subject) ProtoReflect
func (x *Subject) ProtoReflect() protoreflect.Message
func (*Subject) Reset
func (x *Subject) Reset()
func (*Subject) String
SubjectAltNames
type SubjectAltNames struct {
// Contains only valid, fully-qualified host names.
DnsNames []string `protobuf:"bytes,1,rep,name=dns_names,json=dnsNames,proto3" json:"dns_names,omitempty"`
// Contains only valid RFC 3986 URIs.
Uris []string `protobuf:"bytes,2,rep,name=uris,proto3" json:"uris,omitempty"`
// Contains only valid RFC 2822 E-mail addresses.
EmailAddresses []string `protobuf:"bytes,3,rep,name=email_addresses,json=emailAddresses,proto3" json:"email_addresses,omitempty"`
// Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
IpAddresses []string `protobuf:"bytes,4,rep,name=ip_addresses,json=ipAddresses,proto3" json:"ip_addresses,omitempty"`
// Contains additional subject alternative name values.
// For each custom_san, the `value` field must contain an ASN.1 encoded
// UTF8String.
CustomSans []*X509Extension `protobuf:"bytes,5,rep,name=custom_sans,json=customSans,proto3" json:"custom_sans,omitempty"`
// contains filtered or unexported fields
}
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).
func (*SubjectAltNames) Descriptor
func (*SubjectAltNames) Descriptor() ([]byte, []int)
Deprecated: Use SubjectAltNames.ProtoReflect.Descriptor instead.
func (*SubjectAltNames) GetCustomSans
func (x *SubjectAltNames) GetCustomSans() []*X509Extension
func (*SubjectAltNames) GetDnsNames
func (x *SubjectAltNames) GetDnsNames() []string
func (*SubjectAltNames) GetEmailAddresses
func (x *SubjectAltNames) GetEmailAddresses() []string
func (*SubjectAltNames) GetIpAddresses
func (x *SubjectAltNames) GetIpAddresses() []string
func (*SubjectAltNames) GetUris
func (x *SubjectAltNames) GetUris() []string
func (*SubjectAltNames) ProtoMessage
func (*SubjectAltNames) ProtoMessage()
func (*SubjectAltNames) ProtoReflect
func (x *SubjectAltNames) ProtoReflect() protoreflect.Message
func (*SubjectAltNames) Reset
func (x *SubjectAltNames) Reset()
func (*SubjectAltNames) String
func (x *SubjectAltNames) String() string
SubjectRequestMode
type SubjectRequestMode int32
Describes the way in which a [Certificate][google.cloud.security.privateca.v1.Certificate]'s [Subject][google.cloud.security.privateca.v1.Subject] and/or [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] will be resolved.
SubjectRequestMode_SUBJECT_REQUEST_MODE_UNSPECIFIED, SubjectRequestMode_DEFAULT, SubjectRequestMode_REFLECTED_SPIFFE
const (
// Not specified.
SubjectRequestMode_SUBJECT_REQUEST_MODE_UNSPECIFIED SubjectRequestMode = 0
// The default mode used in most cases. Indicates that the certificate's
// [Subject][google.cloud.security.privateca.v1.Subject] and/or
// [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] are
// specified in the certificate request. This mode requires the caller to have
// the `privateca.certificates.create` permission.
SubjectRequestMode_DEFAULT SubjectRequestMode = 1
// A mode reserved for special cases. Indicates that the certificate should
// have one SPIFFE
// [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] set
// by the service based on the caller's identity. This mode will ignore any
// explicitly specified [Subject][google.cloud.security.privateca.v1.Subject]
// and/or
// [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] in
// the certificate request. This mode requires the caller to have the
// `privateca.certificates.createForSelf` permission.
SubjectRequestMode_REFLECTED_SPIFFE SubjectRequestMode = 2
)
func (SubjectRequestMode) Descriptor
func (SubjectRequestMode) Descriptor() protoreflect.EnumDescriptor
func (SubjectRequestMode) Enum
func (x SubjectRequestMode) Enum() *SubjectRequestMode
func (SubjectRequestMode) EnumDescriptor
func (SubjectRequestMode) EnumDescriptor() ([]byte, []int)
Deprecated: Use SubjectRequestMode.Descriptor instead.
func (SubjectRequestMode) Number
func (x SubjectRequestMode) Number() protoreflect.EnumNumber
func (SubjectRequestMode) String
func (x SubjectRequestMode) String() string
func (SubjectRequestMode) Type
func (SubjectRequestMode) Type() protoreflect.EnumType
SubordinateConfig
type SubordinateConfig struct {
// Types that are assignable to SubordinateConfig:
// *SubordinateConfig_CertificateAuthority
// *SubordinateConfig_PemIssuerChain
SubordinateConfig isSubordinateConfig_SubordinateConfig `protobuf_oneof:"subordinate_config"`
// contains filtered or unexported fields
}
Describes a subordinate CA's issuers. This is either a resource name to a known issuing [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], or a PEM issuer certificate chain.
func (*SubordinateConfig) Descriptor
func (*SubordinateConfig) Descriptor() ([]byte, []int)
Deprecated: Use SubordinateConfig.ProtoReflect.Descriptor instead.
func (*SubordinateConfig) GetCertificateAuthority
func (x *SubordinateConfig) GetCertificateAuthority() string
func (*SubordinateConfig) GetPemIssuerChain
func (x *SubordinateConfig) GetPemIssuerChain() *SubordinateConfig_SubordinateConfigChain
func (*SubordinateConfig) GetSubordinateConfig
func (m *SubordinateConfig) GetSubordinateConfig() isSubordinateConfig_SubordinateConfig
func (*SubordinateConfig) ProtoMessage
func (*SubordinateConfig) ProtoMessage()
func (*SubordinateConfig) ProtoReflect
func (x *SubordinateConfig) ProtoReflect() protoreflect.Message
func (*SubordinateConfig) Reset
func (x *SubordinateConfig) Reset()
func (*SubordinateConfig) String
func (x *SubordinateConfig) String() string
SubordinateConfig_CertificateAuthority
type SubordinateConfig_CertificateAuthority struct {
// Required. This can refer to a
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// that was used to create a subordinate
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
// This field is used for information and usability purposes only. The
// resource name is in the format
// `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
CertificateAuthority string `protobuf:"bytes,1,opt,name=certificate_authority,json=certificateAuthority,proto3,oneof"`
}
SubordinateConfig_PemIssuerChain
type SubordinateConfig_PemIssuerChain struct {
// Required. Contains the PEM certificate chain for the issuers of this
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority],
// but not pem certificate for this CA itself.
PemIssuerChain *SubordinateConfig_SubordinateConfigChain `protobuf:"bytes,2,opt,name=pem_issuer_chain,json=pemIssuerChain,proto3,oneof"`
}
SubordinateConfig_SubordinateConfigChain
type SubordinateConfig_SubordinateConfigChain struct {
// Required. Expected to be in leaf-to-root order according to RFC 5246.
PemCertificates []string `protobuf:"bytes,1,rep,name=pem_certificates,json=pemCertificates,proto3" json:"pem_certificates,omitempty"`
// contains filtered or unexported fields
}
This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.
func (*SubordinateConfig_SubordinateConfigChain) Descriptor
func (*SubordinateConfig_SubordinateConfigChain) Descriptor() ([]byte, []int)
Deprecated: Use SubordinateConfig_SubordinateConfigChain.ProtoReflect.Descriptor instead.
func (*SubordinateConfig_SubordinateConfigChain) GetPemCertificates
func (x *SubordinateConfig_SubordinateConfigChain) GetPemCertificates() []string
func (*SubordinateConfig_SubordinateConfigChain) ProtoMessage
func (*SubordinateConfig_SubordinateConfigChain) ProtoMessage()
func (*SubordinateConfig_SubordinateConfigChain) ProtoReflect
func (x *SubordinateConfig_SubordinateConfigChain) ProtoReflect() protoreflect.Message
func (*SubordinateConfig_SubordinateConfigChain) Reset
func (x *SubordinateConfig_SubordinateConfigChain) Reset()
func (*SubordinateConfig_SubordinateConfigChain) String
func (x *SubordinateConfig_SubordinateConfigChain) String() string
UndeleteCertificateAuthorityRequest
type UndeleteCertificateAuthorityRequest struct {
// Required. The resource name for this
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.UndeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.UndeleteCertificateAuthority].
func (*UndeleteCertificateAuthorityRequest) Descriptor
func (*UndeleteCertificateAuthorityRequest) Descriptor() ([]byte, []int)
Deprecated: Use UndeleteCertificateAuthorityRequest.ProtoReflect.Descriptor instead.
func (*UndeleteCertificateAuthorityRequest) GetName
func (x *UndeleteCertificateAuthorityRequest) GetName() string
func (*UndeleteCertificateAuthorityRequest) GetRequestId
func (x *UndeleteCertificateAuthorityRequest) GetRequestId() string
func (*UndeleteCertificateAuthorityRequest) ProtoMessage
func (*UndeleteCertificateAuthorityRequest) ProtoMessage()
func (*UndeleteCertificateAuthorityRequest) ProtoReflect
func (x *UndeleteCertificateAuthorityRequest) ProtoReflect() protoreflect.Message
func (*UndeleteCertificateAuthorityRequest) Reset
func (x *UndeleteCertificateAuthorityRequest) Reset()
func (*UndeleteCertificateAuthorityRequest) String
func (x *UndeleteCertificateAuthorityRequest) String() string
UnimplementedCertificateAuthorityServiceServer
type UnimplementedCertificateAuthorityServiceServer struct {
}
UnimplementedCertificateAuthorityServiceServer can be embedded to have forward compatible implementations.
func (*UnimplementedCertificateAuthorityServiceServer) ActivateCertificateAuthority
func (*UnimplementedCertificateAuthorityServiceServer) ActivateCertificateAuthority(context.Context, *ActivateCertificateAuthorityRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) CreateCaPool
func (*UnimplementedCertificateAuthorityServiceServer) CreateCaPool(context.Context, *CreateCaPoolRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) CreateCertificate
func (*UnimplementedCertificateAuthorityServiceServer) CreateCertificate(context.Context, *CreateCertificateRequest) (*Certificate, error)
func (*UnimplementedCertificateAuthorityServiceServer) CreateCertificateAuthority
func (*UnimplementedCertificateAuthorityServiceServer) CreateCertificateAuthority(context.Context, *CreateCertificateAuthorityRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) CreateCertificateTemplate
func (*UnimplementedCertificateAuthorityServiceServer) CreateCertificateTemplate(context.Context, *CreateCertificateTemplateRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) DeleteCaPool
func (*UnimplementedCertificateAuthorityServiceServer) DeleteCaPool(context.Context, *DeleteCaPoolRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) DeleteCertificateAuthority
func (*UnimplementedCertificateAuthorityServiceServer) DeleteCertificateAuthority(context.Context, *DeleteCertificateAuthorityRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) DeleteCertificateTemplate
func (*UnimplementedCertificateAuthorityServiceServer) DeleteCertificateTemplate(context.Context, *DeleteCertificateTemplateRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) DisableCertificateAuthority
func (*UnimplementedCertificateAuthorityServiceServer) DisableCertificateAuthority(context.Context, *DisableCertificateAuthorityRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) EnableCertificateAuthority
func (*UnimplementedCertificateAuthorityServiceServer) EnableCertificateAuthority(context.Context, *EnableCertificateAuthorityRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) FetchCaCerts
func (*UnimplementedCertificateAuthorityServiceServer) FetchCaCerts(context.Context, *FetchCaCertsRequest) (*FetchCaCertsResponse, error)
func (*UnimplementedCertificateAuthorityServiceServer) FetchCertificateAuthorityCsr
func (*UnimplementedCertificateAuthorityServiceServer) FetchCertificateAuthorityCsr(context.Context, *FetchCertificateAuthorityCsrRequest) (*FetchCertificateAuthorityCsrResponse, error)
func (*UnimplementedCertificateAuthorityServiceServer) GetCaPool
func (*UnimplementedCertificateAuthorityServiceServer) GetCaPool(context.Context, *GetCaPoolRequest) (*CaPool, error)
func (*UnimplementedCertificateAuthorityServiceServer) GetCertificate
func (*UnimplementedCertificateAuthorityServiceServer) GetCertificate(context.Context, *GetCertificateRequest) (*Certificate, error)
func (*UnimplementedCertificateAuthorityServiceServer) GetCertificateAuthority
func (*UnimplementedCertificateAuthorityServiceServer) GetCertificateAuthority(context.Context, *GetCertificateAuthorityRequest) (*CertificateAuthority, error)
func (*UnimplementedCertificateAuthorityServiceServer) GetCertificateRevocationList
func (*UnimplementedCertificateAuthorityServiceServer) GetCertificateRevocationList(context.Context, *GetCertificateRevocationListRequest) (*CertificateRevocationList, error)
func (*UnimplementedCertificateAuthorityServiceServer) GetCertificateTemplate
func (*UnimplementedCertificateAuthorityServiceServer) GetCertificateTemplate(context.Context, *GetCertificateTemplateRequest) (*CertificateTemplate, error)
func (*UnimplementedCertificateAuthorityServiceServer) ListCaPools
func (*UnimplementedCertificateAuthorityServiceServer) ListCaPools(context.Context, *ListCaPoolsRequest) (*ListCaPoolsResponse, error)
func (*UnimplementedCertificateAuthorityServiceServer) ListCertificateAuthorities
func (*UnimplementedCertificateAuthorityServiceServer) ListCertificateAuthorities(context.Context, *ListCertificateAuthoritiesRequest) (*ListCertificateAuthoritiesResponse, error)
func (*UnimplementedCertificateAuthorityServiceServer) ListCertificateRevocationLists
func (*UnimplementedCertificateAuthorityServiceServer) ListCertificateRevocationLists(context.Context, *ListCertificateRevocationListsRequest) (*ListCertificateRevocationListsResponse, error)
func (*UnimplementedCertificateAuthorityServiceServer) ListCertificateTemplates
func (*UnimplementedCertificateAuthorityServiceServer) ListCertificateTemplates(context.Context, *ListCertificateTemplatesRequest) (*ListCertificateTemplatesResponse, error)
func (*UnimplementedCertificateAuthorityServiceServer) ListCertificates
func (*UnimplementedCertificateAuthorityServiceServer) ListCertificates(context.Context, *ListCertificatesRequest) (*ListCertificatesResponse, error)
func (*UnimplementedCertificateAuthorityServiceServer) RevokeCertificate
func (*UnimplementedCertificateAuthorityServiceServer) RevokeCertificate(context.Context, *RevokeCertificateRequest) (*Certificate, error)
func (*UnimplementedCertificateAuthorityServiceServer) UndeleteCertificateAuthority
func (*UnimplementedCertificateAuthorityServiceServer) UndeleteCertificateAuthority(context.Context, *UndeleteCertificateAuthorityRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) UpdateCaPool
func (*UnimplementedCertificateAuthorityServiceServer) UpdateCaPool(context.Context, *UpdateCaPoolRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificate
func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificate(context.Context, *UpdateCertificateRequest) (*Certificate, error)
func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificateAuthority
func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificateAuthority(context.Context, *UpdateCertificateAuthorityRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificateRevocationList
func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificateRevocationList(context.Context, *UpdateCertificateRevocationListRequest) (*longrunningpb.Operation, error)
func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificateTemplate
func (*UnimplementedCertificateAuthorityServiceServer) UpdateCertificateTemplate(context.Context, *UpdateCertificateTemplateRequest) (*longrunningpb.Operation, error)
UpdateCaPoolRequest
type UpdateCaPoolRequest struct {
// Required. [CaPool][google.cloud.security.privateca.v1.CaPool] with updated
// values.
CaPool *CaPool `protobuf:"bytes,1,opt,name=ca_pool,json=caPool,proto3" json:"ca_pool,omitempty"`
// Required. A list of fields to be updated in this request.
UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.UpdateCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCaPool].
func (*UpdateCaPoolRequest) Descriptor
func (*UpdateCaPoolRequest) Descriptor() ([]byte, []int)
Deprecated: Use UpdateCaPoolRequest.ProtoReflect.Descriptor instead.
func (*UpdateCaPoolRequest) GetCaPool
func (x *UpdateCaPoolRequest) GetCaPool() *CaPool
func (*UpdateCaPoolRequest) GetRequestId
func (x *UpdateCaPoolRequest) GetRequestId() string
func (*UpdateCaPoolRequest) GetUpdateMask
func (x *UpdateCaPoolRequest) GetUpdateMask() *fieldmaskpb.FieldMask
func (*UpdateCaPoolRequest) ProtoMessage
func (*UpdateCaPoolRequest) ProtoMessage()
func (*UpdateCaPoolRequest) ProtoReflect
func (x *UpdateCaPoolRequest) ProtoReflect() protoreflect.Message
func (*UpdateCaPoolRequest) Reset
func (x *UpdateCaPoolRequest) Reset()
func (*UpdateCaPoolRequest) String
func (x *UpdateCaPoolRequest) String() string
UpdateCertificateAuthorityRequest
type UpdateCertificateAuthorityRequest struct {
// Required.
// [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
// with updated values.
CertificateAuthority *CertificateAuthority `protobuf:"bytes,1,opt,name=certificate_authority,json=certificateAuthority,proto3" json:"certificate_authority,omitempty"`
// Required. A list of fields to be updated in this request.
UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.UpdateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificateAuthority].
func (*UpdateCertificateAuthorityRequest) Descriptor
func (*UpdateCertificateAuthorityRequest) Descriptor() ([]byte, []int)
Deprecated: Use UpdateCertificateAuthorityRequest.ProtoReflect.Descriptor instead.
func (*UpdateCertificateAuthorityRequest) GetCertificateAuthority
func (x *UpdateCertificateAuthorityRequest) GetCertificateAuthority() *CertificateAuthority
func (*UpdateCertificateAuthorityRequest) GetRequestId
func (x *UpdateCertificateAuthorityRequest) GetRequestId() string
func (*UpdateCertificateAuthorityRequest) GetUpdateMask
func (x *UpdateCertificateAuthorityRequest) GetUpdateMask() *fieldmaskpb.FieldMask
func (*UpdateCertificateAuthorityRequest) ProtoMessage
func (*UpdateCertificateAuthorityRequest) ProtoMessage()
func (*UpdateCertificateAuthorityRequest) ProtoReflect
func (x *UpdateCertificateAuthorityRequest) ProtoReflect() protoreflect.Message
func (*UpdateCertificateAuthorityRequest) Reset
func (x *UpdateCertificateAuthorityRequest) Reset()
func (*UpdateCertificateAuthorityRequest) String
func (x *UpdateCertificateAuthorityRequest) String() string
UpdateCertificateRequest
type UpdateCertificateRequest struct {
// Required. [Certificate][google.cloud.security.privateca.v1.Certificate]
// with updated values.
Certificate *Certificate `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`
// Required. A list of fields to be updated in this request.
UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.UpdateCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificate].
func (*UpdateCertificateRequest) Descriptor
func (*UpdateCertificateRequest) Descriptor() ([]byte, []int)
Deprecated: Use UpdateCertificateRequest.ProtoReflect.Descriptor instead.
func (*UpdateCertificateRequest) GetCertificate
func (x *UpdateCertificateRequest) GetCertificate() *Certificate
func (*UpdateCertificateRequest) GetRequestId
func (x *UpdateCertificateRequest) GetRequestId() string
func (*UpdateCertificateRequest) GetUpdateMask
func (x *UpdateCertificateRequest) GetUpdateMask() *fieldmaskpb.FieldMask
func (*UpdateCertificateRequest) ProtoMessage
func (*UpdateCertificateRequest) ProtoMessage()
func (*UpdateCertificateRequest) ProtoReflect
func (x *UpdateCertificateRequest) ProtoReflect() protoreflect.Message
func (*UpdateCertificateRequest) Reset
func (x *UpdateCertificateRequest) Reset()
func (*UpdateCertificateRequest) String
func (x *UpdateCertificateRequest) String() string
UpdateCertificateRevocationListRequest
type UpdateCertificateRevocationListRequest struct {
CertificateRevocationList *CertificateRevocationList "" /* 138 byte string literal not displayed */
UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
}
Request message for [CertificateAuthorityService.UpdateCertificateRevocationList][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificateRevocationList].
func (*UpdateCertificateRevocationListRequest) Descriptor
func (*UpdateCertificateRevocationListRequest) Descriptor() ([]byte, []int)
Deprecated: Use UpdateCertificateRevocationListRequest.ProtoReflect.Descriptor instead.
func (*UpdateCertificateRevocationListRequest) GetCertificateRevocationList
func (x *UpdateCertificateRevocationListRequest) GetCertificateRevocationList() *CertificateRevocationList
func (*UpdateCertificateRevocationListRequest) GetRequestId
func (x *UpdateCertificateRevocationListRequest) GetRequestId() string
func (*UpdateCertificateRevocationListRequest) GetUpdateMask
func (x *UpdateCertificateRevocationListRequest) GetUpdateMask() *fieldmaskpb.FieldMask
func (*UpdateCertificateRevocationListRequest) ProtoMessage
func (*UpdateCertificateRevocationListRequest) ProtoMessage()
func (*UpdateCertificateRevocationListRequest) ProtoReflect
func (x *UpdateCertificateRevocationListRequest) ProtoReflect() protoreflect.Message
func (*UpdateCertificateRevocationListRequest) Reset
func (x *UpdateCertificateRevocationListRequest) Reset()
func (*UpdateCertificateRevocationListRequest) String
func (x *UpdateCertificateRevocationListRequest) String() string
UpdateCertificateTemplateRequest
type UpdateCertificateTemplateRequest struct {
// Required.
// [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate]
// with updated values.
CertificateTemplate *CertificateTemplate `protobuf:"bytes,1,opt,name=certificate_template,json=certificateTemplate,proto3" json:"certificate_template,omitempty"`
// Required. A list of fields to be updated in this request.
UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that
// if you must retry your request, the server will know to ignore the request
// if it has already been completed. The server will guarantee that for at
// least 60 minutes since the first request.
//
// For example, consider a situation where you make an initial request and
// the request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,3,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.UpdateCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificateTemplate].
func (*UpdateCertificateTemplateRequest) Descriptor
func (*UpdateCertificateTemplateRequest) Descriptor() ([]byte, []int)
Deprecated: Use UpdateCertificateTemplateRequest.ProtoReflect.Descriptor instead.
func (*UpdateCertificateTemplateRequest) GetCertificateTemplate
func (x *UpdateCertificateTemplateRequest) GetCertificateTemplate() *CertificateTemplate
func (*UpdateCertificateTemplateRequest) GetRequestId
func (x *UpdateCertificateTemplateRequest) GetRequestId() string
func (*UpdateCertificateTemplateRequest) GetUpdateMask
func (x *UpdateCertificateTemplateRequest) GetUpdateMask() *fieldmaskpb.FieldMask
func (*UpdateCertificateTemplateRequest) ProtoMessage
func (*UpdateCertificateTemplateRequest) ProtoMessage()
func (*UpdateCertificateTemplateRequest) ProtoReflect
func (x *UpdateCertificateTemplateRequest) ProtoReflect() protoreflect.Message
func (*UpdateCertificateTemplateRequest) Reset
func (x *UpdateCertificateTemplateRequest) Reset()
func (*UpdateCertificateTemplateRequest) String
func (x *UpdateCertificateTemplateRequest) String() string
X509Extension
type X509Extension struct {
// Required. The OID for this X.509 extension.
ObjectId *ObjectId `protobuf:"bytes,1,opt,name=object_id,json=objectId,proto3" json:"object_id,omitempty"`
// Optional. Indicates whether or not this extension is critical (i.e., if the
// client does not know how to handle this extension, the client should
// consider this to be an error).
Critical bool `protobuf:"varint,2,opt,name=critical,proto3" json:"critical,omitempty"`
// Required. The value of this X.509 extension.
Value []byte `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
// contains filtered or unexported fields
}
An [X509Extension][google.cloud.security.privateca.v1.X509Extension] specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
func (*X509Extension) Descriptor
func (*X509Extension) Descriptor() ([]byte, []int)
Deprecated: Use X509Extension.ProtoReflect.Descriptor instead.
func (*X509Extension) GetCritical
func (x *X509Extension) GetCritical() bool
func (*X509Extension) GetObjectId
func (x *X509Extension) GetObjectId() *ObjectId
func (*X509Extension) GetValue
func (x *X509Extension) GetValue() []byte
func (*X509Extension) ProtoMessage
func (*X509Extension) ProtoMessage()
func (*X509Extension) ProtoReflect
func (x *X509Extension) ProtoReflect() protoreflect.Message
func (*X509Extension) Reset
func (x *X509Extension) Reset()
func (*X509Extension) String
func (x *X509Extension) String() string
X509Parameters
type X509Parameters struct {
// Optional. Indicates the intended use for keys that correspond to a
// certificate.
KeyUsage *KeyUsage `protobuf:"bytes,1,opt,name=key_usage,json=keyUsage,proto3" json:"key_usage,omitempty"`
// Optional. Describes options in this
// [X509Parameters][google.cloud.security.privateca.v1.X509Parameters] that
// are relevant in a CA certificate.
CaOptions *X509Parameters_CaOptions `protobuf:"bytes,2,opt,name=ca_options,json=caOptions,proto3" json:"ca_options,omitempty"`
// Optional. Describes the X.509 certificate policy object identifiers, per
// https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
PolicyIds []*ObjectId `protobuf:"bytes,3,rep,name=policy_ids,json=policyIds,proto3" json:"policy_ids,omitempty"`
// Optional. Describes Online Certificate Status Protocol (OCSP) endpoint
// addresses that appear in the "Authority Information Access" extension in
// the certificate.
AiaOcspServers []string `protobuf:"bytes,4,rep,name=aia_ocsp_servers,json=aiaOcspServers,proto3" json:"aia_ocsp_servers,omitempty"`
// Optional. Describes the X.509 name constraints extension.
NameConstraints *X509Parameters_NameConstraints `protobuf:"bytes,6,opt,name=name_constraints,json=nameConstraints,proto3" json:"name_constraints,omitempty"`
// Optional. Describes custom X.509 extensions.
AdditionalExtensions []*X509Extension `protobuf:"bytes,5,rep,name=additional_extensions,json=additionalExtensions,proto3" json:"additional_extensions,omitempty"`
// contains filtered or unexported fields
}
An [X509Parameters][google.cloud.security.privateca.v1.X509Parameters] is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.
func (*X509Parameters) Descriptor
func (*X509Parameters) Descriptor() ([]byte, []int)
Deprecated: Use X509Parameters.ProtoReflect.Descriptor instead.
func (*X509Parameters) GetAdditionalExtensions
func (x *X509Parameters) GetAdditionalExtensions() []*X509Extension
func (*X509Parameters) GetAiaOcspServers
func (x *X509Parameters) GetAiaOcspServers() []string
func (*X509Parameters) GetCaOptions
func (x *X509Parameters) GetCaOptions() *X509Parameters_CaOptions
func (*X509Parameters) GetKeyUsage
func (x *X509Parameters) GetKeyUsage() *KeyUsage
func (*X509Parameters) GetNameConstraints
func (x *X509Parameters) GetNameConstraints() *X509Parameters_NameConstraints
func (*X509Parameters) GetPolicyIds
func (x *X509Parameters) GetPolicyIds() []*ObjectId
func (*X509Parameters) ProtoMessage
func (*X509Parameters) ProtoMessage()
func (*X509Parameters) ProtoReflect
func (x *X509Parameters) ProtoReflect() protoreflect.Message
func (*X509Parameters) Reset
func (x *X509Parameters) Reset()
func (*X509Parameters) String
func (x *X509Parameters) String() string
X509Parameters_CaOptions
type X509Parameters_CaOptions struct {
IsCa *bool `protobuf:"varint,1,opt,name=is_ca,json=isCa,proto3,oneof" json:"is_ca,omitempty"`
MaxIssuerPathLength *int32 "" /* 129 byte string literal not displayed */
}
Describes values that are relevant in a CA certificate.
func (*X509Parameters_CaOptions) Descriptor
func (*X509Parameters_CaOptions) Descriptor() ([]byte, []int)
Deprecated: Use X509Parameters_CaOptions.ProtoReflect.Descriptor instead.
func (*X509Parameters_CaOptions) GetIsCa
func (x *X509Parameters_CaOptions) GetIsCa() bool
func (*X509Parameters_CaOptions) GetMaxIssuerPathLength
func (x *X509Parameters_CaOptions) GetMaxIssuerPathLength() int32
func (*X509Parameters_CaOptions) ProtoMessage
func (*X509Parameters_CaOptions) ProtoMessage()
func (*X509Parameters_CaOptions) ProtoReflect
func (x *X509Parameters_CaOptions) ProtoReflect() protoreflect.Message
func (*X509Parameters_CaOptions) Reset
func (x *X509Parameters_CaOptions) Reset()
func (*X509Parameters_CaOptions) String
func (x *X509Parameters_CaOptions) String() string
X509Parameters_NameConstraints
type X509Parameters_NameConstraints struct {
Critical bool `protobuf:"varint,1,opt,name=critical,proto3" json:"critical,omitempty"`
PermittedDnsNames []string `protobuf:"bytes,2,rep,name=permitted_dns_names,json=permittedDnsNames,proto3" json:"permitted_dns_names,omitempty"`
ExcludedDnsNames []string `protobuf:"bytes,3,rep,name=excluded_dns_names,json=excludedDnsNames,proto3" json:"excluded_dns_names,omitempty"`
PermittedIpRanges []string `protobuf:"bytes,4,rep,name=permitted_ip_ranges,json=permittedIpRanges,proto3" json:"permitted_ip_ranges,omitempty"`
ExcludedIpRanges []string `protobuf:"bytes,5,rep,name=excluded_ip_ranges,json=excludedIpRanges,proto3" json:"excluded_ip_ranges,omitempty"`
PermittedEmailAddresses []string "" /* 132 byte string literal not displayed */
ExcludedEmailAddresses []string "" /* 129 byte string literal not displayed */
PermittedUris []string `protobuf:"bytes,8,rep,name=permitted_uris,json=permittedUris,proto3" json:"permitted_uris,omitempty"`
ExcludedUris []string `protobuf:"bytes,9,rep,name=excluded_uris,json=excludedUris,proto3" json:"excluded_uris,omitempty"`
}
Describes the X.509 name constraints extension, per https://tools.ietf.org/html/rfc5280#section-4.2.1.10
func (*X509Parameters_NameConstraints) Descriptor
func (*X509Parameters_NameConstraints) Descriptor() ([]byte, []int)
Deprecated: Use X509Parameters_NameConstraints.ProtoReflect.Descriptor instead.
func (*X509Parameters_NameConstraints) GetCritical
func (x *X509Parameters_NameConstraints) GetCritical() bool
func (*X509Parameters_NameConstraints) GetExcludedDnsNames
func (x *X509Parameters_NameConstraints) GetExcludedDnsNames() []string
func (*X509Parameters_NameConstraints) GetExcludedEmailAddresses
func (x *X509Parameters_NameConstraints) GetExcludedEmailAddresses() []string
func (*X509Parameters_NameConstraints) GetExcludedIpRanges
func (x *X509Parameters_NameConstraints) GetExcludedIpRanges() []string
func (*X509Parameters_NameConstraints) GetExcludedUris
func (x *X509Parameters_NameConstraints) GetExcludedUris() []string
func (*X509Parameters_NameConstraints) GetPermittedDnsNames
func (x *X509Parameters_NameConstraints) GetPermittedDnsNames() []string
func (*X509Parameters_NameConstraints) GetPermittedEmailAddresses
func (x *X509Parameters_NameConstraints) GetPermittedEmailAddresses() []string
func (*X509Parameters_NameConstraints) GetPermittedIpRanges
func (x *X509Parameters_NameConstraints) GetPermittedIpRanges() []string
func (*X509Parameters_NameConstraints) GetPermittedUris
func (x *X509Parameters_NameConstraints) GetPermittedUris() []string
func (*X509Parameters_NameConstraints) ProtoMessage
func (*X509Parameters_NameConstraints) ProtoMessage()
func (*X509Parameters_NameConstraints) ProtoReflect
func (x *X509Parameters_NameConstraints) ProtoReflect() protoreflect.Message
func (*X509Parameters_NameConstraints) Reset
func (x *X509Parameters_NameConstraints) Reset()
func (*X509Parameters_NameConstraints) String
func (x *X509Parameters_NameConstraints) String() string