Package cloud.google.com/go/security/privateca/apiv1beta1/privatecapb (v1.7.0)

Stay organized with collections Save and categorize content based on your preferences.

Variables

RevocationReason_name, RevocationReason_value

var (
	RevocationReason_name = map[int32]string{
		0: "REVOCATION_REASON_UNSPECIFIED",
		1: "KEY_COMPROMISE",
		2: "CERTIFICATE_AUTHORITY_COMPROMISE",
		3: "AFFILIATION_CHANGED",
		4: "SUPERSEDED",
		5: "CESSATION_OF_OPERATION",
		6: "CERTIFICATE_HOLD",
		7: "PRIVILEGE_WITHDRAWN",
		8: "ATTRIBUTE_AUTHORITY_COMPROMISE",
	}
	RevocationReason_value = map[string]int32{
		"REVOCATION_REASON_UNSPECIFIED":    0,
		"KEY_COMPROMISE":                   1,
		"CERTIFICATE_AUTHORITY_COMPROMISE": 2,
		"AFFILIATION_CHANGED":              3,
		"SUPERSEDED":                       4,
		"CESSATION_OF_OPERATION":           5,
		"CERTIFICATE_HOLD":                 6,
		"PRIVILEGE_WITHDRAWN":              7,
		"ATTRIBUTE_AUTHORITY_COMPROMISE":   8,
	}
)

Enum value maps for RevocationReason.

CertificateAuthority_Type_name, CertificateAuthority_Type_value

var (
	CertificateAuthority_Type_name = map[int32]string{
		0: "TYPE_UNSPECIFIED",
		1: "SELF_SIGNED",
		2: "SUBORDINATE",
	}
	CertificateAuthority_Type_value = map[string]int32{
		"TYPE_UNSPECIFIED": 0,
		"SELF_SIGNED":      1,
		"SUBORDINATE":      2,
	}
)

Enum value maps for CertificateAuthority_Type.

CertificateAuthority_Tier_name, CertificateAuthority_Tier_value

var (
	CertificateAuthority_Tier_name = map[int32]string{
		0: "TIER_UNSPECIFIED",
		1: "ENTERPRISE",
		2: "DEVOPS",
	}
	CertificateAuthority_Tier_value = map[string]int32{
		"TIER_UNSPECIFIED": 0,
		"ENTERPRISE":       1,
		"DEVOPS":           2,
	}
)

Enum value maps for CertificateAuthority_Tier.

CertificateAuthority_State_name, CertificateAuthority_State_value

var (
	CertificateAuthority_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "ENABLED",
		2: "DISABLED",
		3: "PENDING_ACTIVATION",
		4: "PENDING_DELETION",
	}
	CertificateAuthority_State_value = map[string]int32{
		"STATE_UNSPECIFIED":  0,
		"ENABLED":            1,
		"DISABLED":           2,
		"PENDING_ACTIVATION": 3,
		"PENDING_DELETION":   4,
	}
)

Enum value maps for CertificateAuthority_State.

CertificateAuthority_SignHashAlgorithm_name, CertificateAuthority_SignHashAlgorithm_value

var (
	CertificateAuthority_SignHashAlgorithm_name = map[int32]string{
		0: "SIGN_HASH_ALGORITHM_UNSPECIFIED",
		1: "RSA_PSS_2048_SHA256",
		2: "RSA_PSS_3072_SHA256",
		3: "RSA_PSS_4096_SHA256",
		6: "RSA_PKCS1_2048_SHA256",
		7: "RSA_PKCS1_3072_SHA256",
		8: "RSA_PKCS1_4096_SHA256",
		4: "EC_P256_SHA256",
		5: "EC_P384_SHA384",
	}
	CertificateAuthority_SignHashAlgorithm_value = map[string]int32{
		"SIGN_HASH_ALGORITHM_UNSPECIFIED": 0,
		"RSA_PSS_2048_SHA256":             1,
		"RSA_PSS_3072_SHA256":             2,
		"RSA_PSS_4096_SHA256":             3,
		"RSA_PKCS1_2048_SHA256":           6,
		"RSA_PKCS1_3072_SHA256":           7,
		"RSA_PKCS1_4096_SHA256":           8,
		"EC_P256_SHA256":                  4,
		"EC_P384_SHA384":                  5,
	}
)

Enum value maps for CertificateAuthority_SignHashAlgorithm.

CertificateRevocationList_State_name, CertificateRevocationList_State_value

var (
	CertificateRevocationList_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "ACTIVE",
		2: "SUPERSEDED",
	}
	CertificateRevocationList_State_value = map[string]int32{
		"STATE_UNSPECIFIED": 0,
		"ACTIVE":            1,
		"SUPERSEDED":        2,
	}
)

Enum value maps for CertificateRevocationList_State.

PublicKey_KeyType_name, PublicKey_KeyType_value

var (
	PublicKey_KeyType_name = map[int32]string{
		0: "KEY_TYPE_UNSPECIFIED",
		1: "PEM_RSA_KEY",
		2: "PEM_EC_KEY",
	}
	PublicKey_KeyType_value = map[string]int32{
		"KEY_TYPE_UNSPECIFIED": 0,
		"PEM_RSA_KEY":          1,
		"PEM_EC_KEY":           2,
	}
)

Enum value maps for PublicKey_KeyType.

File_google_cloud_security_privateca_v1beta1_resources_proto

var File_google_cloud_security_privateca_v1beta1_resources_proto protoreflect.FileDescriptor

File_google_cloud_security_privateca_v1beta1_service_proto

var File_google_cloud_security_privateca_v1beta1_service_proto protoreflect.FileDescriptor

Functions

func RegisterCertificateAuthorityServiceServer

func RegisterCertificateAuthorityServiceServer(s *grpc.Server, srv CertificateAuthorityServiceServer)

ActivateCertificateAuthorityRequest

type ActivateCertificateAuthorityRequest struct {

	// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in the
	// format `projects/*/locations/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The signed CA certificate issued from
	// [FetchCertificateAuthorityCsrResponse.pem_csr][google.cloud.security.privateca.v1beta1.FetchCertificateAuthorityCsrResponse.pem_csr].
	PemCaCertificate string `protobuf:"bytes,2,opt,name=pem_ca_certificate,json=pemCaCertificate,proto3" json:"pem_ca_certificate,omitempty"`
	// Required. Must include information about the issuer of 'pem_ca_certificate', and any
	// further issuers until the self-signed CA.
	SubordinateConfig *SubordinateConfig `protobuf:"bytes,3,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.ActivateCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.ActivateCertificateAuthority].

func (*ActivateCertificateAuthorityRequest) Descriptor

func (*ActivateCertificateAuthorityRequest) Descriptor() ([]byte, []int)

Deprecated: Use ActivateCertificateAuthorityRequest.ProtoReflect.Descriptor instead.

func (*ActivateCertificateAuthorityRequest) GetName

func (*ActivateCertificateAuthorityRequest) GetPemCaCertificate

func (x *ActivateCertificateAuthorityRequest) GetPemCaCertificate() string

func (*ActivateCertificateAuthorityRequest) GetRequestId

func (x *ActivateCertificateAuthorityRequest) GetRequestId() string

func (*ActivateCertificateAuthorityRequest) GetSubordinateConfig

func (x *ActivateCertificateAuthorityRequest) GetSubordinateConfig() *SubordinateConfig

func (*ActivateCertificateAuthorityRequest) ProtoMessage

func (*ActivateCertificateAuthorityRequest) ProtoMessage()

func (*ActivateCertificateAuthorityRequest) ProtoReflect

func (*ActivateCertificateAuthorityRequest) Reset

func (*ActivateCertificateAuthorityRequest) String

Certificate

type Certificate struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	CertificateConfig isCertificate_CertificateConfig `protobuf_oneof:"certificate_config"`

	Lifetime *durationpb.Duration `protobuf:"bytes,4,opt,name=lifetime,proto3" json:"lifetime,omitempty"`

	RevocationDetails *Certificate_RevocationDetails `protobuf:"bytes,5,opt,name=revocation_details,json=revocationDetails,proto3" json:"revocation_details,omitempty"`

	PemCertificate string `protobuf:"bytes,6,opt,name=pem_certificate,json=pemCertificate,proto3" json:"pem_certificate,omitempty"`

	CertificateDescription *CertificateDescription "" /* 127 byte string literal not displayed */

	PemCertificateChain []string `protobuf:"bytes,8,rep,name=pem_certificate_chain,json=pemCertificateChain,proto3" json:"pem_certificate_chain,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,9,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,10,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`

	Labels map[string]string "" /* 154 byte string literal not displayed */

}

A [Certificate][google.cloud.security.privateca.v1beta1.Certificate] corresponds to a signed X.509 certificate issued by a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].

func (*Certificate) Descriptor

func (*Certificate) Descriptor() ([]byte, []int)

Deprecated: Use Certificate.ProtoReflect.Descriptor instead.

func (*Certificate) GetCertificateConfig

func (m *Certificate) GetCertificateConfig() isCertificate_CertificateConfig

func (*Certificate) GetCertificateDescription

func (x *Certificate) GetCertificateDescription() *CertificateDescription

func (*Certificate) GetConfig

func (x *Certificate) GetConfig() *CertificateConfig

func (*Certificate) GetCreateTime

func (x *Certificate) GetCreateTime() *timestamppb.Timestamp

func (*Certificate) GetLabels

func (x *Certificate) GetLabels() map[string]string

func (*Certificate) GetLifetime

func (x *Certificate) GetLifetime() *durationpb.Duration

func (*Certificate) GetName

func (x *Certificate) GetName() string

func (*Certificate) GetPemCertificate

func (x *Certificate) GetPemCertificate() string

func (*Certificate) GetPemCertificateChain

func (x *Certificate) GetPemCertificateChain() []string

func (*Certificate) GetPemCsr

func (x *Certificate) GetPemCsr() string

func (*Certificate) GetRevocationDetails

func (x *Certificate) GetRevocationDetails() *Certificate_RevocationDetails

func (*Certificate) GetUpdateTime

func (x *Certificate) GetUpdateTime() *timestamppb.Timestamp

func (*Certificate) ProtoMessage

func (*Certificate) ProtoMessage()

func (*Certificate) ProtoReflect

func (x *Certificate) ProtoReflect() protoreflect.Message

func (*Certificate) Reset

func (x *Certificate) Reset()

func (*Certificate) String

func (x *Certificate) String() string

CertificateAuthority

type CertificateAuthority struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Type CertificateAuthority_Type "" /* 133 byte string literal not displayed */

	Tier CertificateAuthority_Tier "" /* 133 byte string literal not displayed */

	Config *CertificateConfig `protobuf:"bytes,4,opt,name=config,proto3" json:"config,omitempty"`

	Lifetime *durationpb.Duration `protobuf:"bytes,5,opt,name=lifetime,proto3" json:"lifetime,omitempty"`

	KeySpec *CertificateAuthority_KeyVersionSpec `protobuf:"bytes,6,opt,name=key_spec,json=keySpec,proto3" json:"key_spec,omitempty"`

	CertificatePolicy *CertificateAuthority_CertificateAuthorityPolicy `protobuf:"bytes,7,opt,name=certificate_policy,json=certificatePolicy,proto3" json:"certificate_policy,omitempty"`

	IssuingOptions *CertificateAuthority_IssuingOptions `protobuf:"bytes,8,opt,name=issuing_options,json=issuingOptions,proto3" json:"issuing_options,omitempty"`

	SubordinateConfig *SubordinateConfig `protobuf:"bytes,19,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`

	State CertificateAuthority_State "" /* 137 byte string literal not displayed */

	PemCaCertificates []string `protobuf:"bytes,9,rep,name=pem_ca_certificates,json=pemCaCertificates,proto3" json:"pem_ca_certificates,omitempty"`

	CaCertificateDescriptions []*CertificateDescription "" /* 139 byte string literal not displayed */

	GcsBucket string `protobuf:"bytes,13,opt,name=gcs_bucket,json=gcsBucket,proto3" json:"gcs_bucket,omitempty"`

	AccessUrls *CertificateAuthority_AccessUrls `protobuf:"bytes,14,opt,name=access_urls,json=accessUrls,proto3" json:"access_urls,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,16,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`

	DeleteTime *timestamppb.Timestamp `protobuf:"bytes,17,opt,name=delete_time,json=deleteTime,proto3" json:"delete_time,omitempty"`

	Labels map[string]string "" /* 154 byte string literal not displayed */

}

A [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] represents an individual Certificate Authority. A [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] can be used to create [Certificates][google.cloud.security.privateca.v1beta1.Certificate].

func (*CertificateAuthority) Descriptor

func (*CertificateAuthority) Descriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority.ProtoReflect.Descriptor instead.

func (*CertificateAuthority) GetAccessUrls

func (*CertificateAuthority) GetCaCertificateDescriptions

func (x *CertificateAuthority) GetCaCertificateDescriptions() []*CertificateDescription

func (*CertificateAuthority) GetCertificatePolicy

func (*CertificateAuthority) GetConfig

func (x *CertificateAuthority) GetConfig() *CertificateConfig

func (*CertificateAuthority) GetCreateTime

func (x *CertificateAuthority) GetCreateTime() *timestamppb.Timestamp

func (*CertificateAuthority) GetDeleteTime

func (x *CertificateAuthority) GetDeleteTime() *timestamppb.Timestamp

func (*CertificateAuthority) GetGcsBucket

func (x *CertificateAuthority) GetGcsBucket() string

func (*CertificateAuthority) GetIssuingOptions

func (*CertificateAuthority) GetKeySpec

func (*CertificateAuthority) GetLabels

func (x *CertificateAuthority) GetLabels() map[string]string

func (*CertificateAuthority) GetLifetime

func (x *CertificateAuthority) GetLifetime() *durationpb.Duration

func (*CertificateAuthority) GetName

func (x *CertificateAuthority) GetName() string

func (*CertificateAuthority) GetPemCaCertificates

func (x *CertificateAuthority) GetPemCaCertificates() []string

func (*CertificateAuthority) GetState

func (*CertificateAuthority) GetSubordinateConfig

func (x *CertificateAuthority) GetSubordinateConfig() *SubordinateConfig

func (*CertificateAuthority) GetTier

func (*CertificateAuthority) GetType

func (*CertificateAuthority) GetUpdateTime

func (x *CertificateAuthority) GetUpdateTime() *timestamppb.Timestamp

func (*CertificateAuthority) ProtoMessage

func (*CertificateAuthority) ProtoMessage()

func (*CertificateAuthority) ProtoReflect

func (x *CertificateAuthority) ProtoReflect() protoreflect.Message

func (*CertificateAuthority) Reset

func (x *CertificateAuthority) Reset()

func (*CertificateAuthority) String

func (x *CertificateAuthority) String() string

CertificateAuthorityServiceClient

type CertificateAuthorityServiceClient interface {
	// Create a new [Certificate][google.cloud.security.privateca.v1beta1.Certificate] in a given Project, Location from a particular
	// [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	CreateCertificate(ctx context.Context, in *CreateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Returns a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
	GetCertificate(ctx context.Context, in *GetCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Lists [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
	ListCertificates(ctx context.Context, in *ListCertificatesRequest, opts ...grpc.CallOption) (*ListCertificatesResponse, error)
	// Revoke a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
	RevokeCertificate(ctx context.Context, in *RevokeCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Update a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]. Currently, the only field you can update is the
	// [labels][google.cloud.security.privateca.v1beta1.Certificate.labels] field.
	UpdateCertificate(ctx context.Context, in *UpdateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Activate a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is in state
	// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
	// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. After the
	// parent Certificate Authority signs a certificate signing request from
	// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.FetchCertificateAuthorityCsr], this method can complete the activation
	// process.
	ActivateCertificateAuthority(ctx context.Context, in *ActivateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Create a new [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in a given Project and Location.
	CreateCertificateAuthority(ctx context.Context, in *CreateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Disable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	DisableCertificateAuthority(ctx context.Context, in *DisableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Enable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	EnableCertificateAuthority(ctx context.Context, in *EnableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Fetch a certificate signing request (CSR) from a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// that is in state
	// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
	// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. The CSR must
	// then be signed by the desired parent Certificate Authority, which could be
	// another [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] resource, or could be an on-prem
	// certificate authority. See also [ActivateCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.ActivateCertificateAuthority].
	FetchCertificateAuthorityCsr(ctx context.Context, in *FetchCertificateAuthorityCsrRequest, opts ...grpc.CallOption) (*FetchCertificateAuthorityCsrResponse, error)
	// Returns a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	GetCertificateAuthority(ctx context.Context, in *GetCertificateAuthorityRequest, opts ...grpc.CallOption) (*CertificateAuthority, error)
	// Lists [CertificateAuthorities][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	ListCertificateAuthorities(ctx context.Context, in *ListCertificateAuthoritiesRequest, opts ...grpc.CallOption) (*ListCertificateAuthoritiesResponse, error)
	// Restore a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is scheduled for deletion.
	RestoreCertificateAuthority(ctx context.Context, in *RestoreCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Schedule a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] for deletion.
	ScheduleDeleteCertificateAuthority(ctx context.Context, in *ScheduleDeleteCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Update a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	UpdateCertificateAuthority(ctx context.Context, in *UpdateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Returns a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	GetCertificateRevocationList(ctx context.Context, in *GetCertificateRevocationListRequest, opts ...grpc.CallOption) (*CertificateRevocationList, error)
	// Lists [CertificateRevocationLists][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	ListCertificateRevocationLists(ctx context.Context, in *ListCertificateRevocationListsRequest, opts ...grpc.CallOption) (*ListCertificateRevocationListsResponse, error)
	// Update a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	UpdateCertificateRevocationList(ctx context.Context, in *UpdateCertificateRevocationListRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Returns a [ReusableConfig][google.cloud.security.privateca.v1beta1.ReusableConfig].
	GetReusableConfig(ctx context.Context, in *GetReusableConfigRequest, opts ...grpc.CallOption) (*ReusableConfig, error)
	// Lists [ReusableConfigs][google.cloud.security.privateca.v1beta1.ReusableConfig].
	ListReusableConfigs(ctx context.Context, in *ListReusableConfigsRequest, opts ...grpc.CallOption) (*ListReusableConfigsResponse, error)
}

CertificateAuthorityServiceClient is the client API for CertificateAuthorityService service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewCertificateAuthorityServiceClient

func NewCertificateAuthorityServiceClient(cc grpc.ClientConnInterface) CertificateAuthorityServiceClient

CertificateAuthorityServiceServer

type CertificateAuthorityServiceServer interface {
	// Create a new [Certificate][google.cloud.security.privateca.v1beta1.Certificate] in a given Project, Location from a particular
	// [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	CreateCertificate(context.Context, *CreateCertificateRequest) (*Certificate, error)
	// Returns a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
	GetCertificate(context.Context, *GetCertificateRequest) (*Certificate, error)
	// Lists [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
	ListCertificates(context.Context, *ListCertificatesRequest) (*ListCertificatesResponse, error)
	// Revoke a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
	RevokeCertificate(context.Context, *RevokeCertificateRequest) (*Certificate, error)
	// Update a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]. Currently, the only field you can update is the
	// [labels][google.cloud.security.privateca.v1beta1.Certificate.labels] field.
	UpdateCertificate(context.Context, *UpdateCertificateRequest) (*Certificate, error)
	// Activate a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is in state
	// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
	// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. After the
	// parent Certificate Authority signs a certificate signing request from
	// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.FetchCertificateAuthorityCsr], this method can complete the activation
	// process.
	ActivateCertificateAuthority(context.Context, *ActivateCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Create a new [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in a given Project and Location.
	CreateCertificateAuthority(context.Context, *CreateCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Disable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	DisableCertificateAuthority(context.Context, *DisableCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Enable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	EnableCertificateAuthority(context.Context, *EnableCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Fetch a certificate signing request (CSR) from a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// that is in state
	// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
	// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. The CSR must
	// then be signed by the desired parent Certificate Authority, which could be
	// another [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] resource, or could be an on-prem
	// certificate authority. See also [ActivateCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.ActivateCertificateAuthority].
	FetchCertificateAuthorityCsr(context.Context, *FetchCertificateAuthorityCsrRequest) (*FetchCertificateAuthorityCsrResponse, error)
	// Returns a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	GetCertificateAuthority(context.Context, *GetCertificateAuthorityRequest) (*CertificateAuthority, error)
	// Lists [CertificateAuthorities][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	ListCertificateAuthorities(context.Context, *ListCertificateAuthoritiesRequest) (*ListCertificateAuthoritiesResponse, error)
	// Restore a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is scheduled for deletion.
	RestoreCertificateAuthority(context.Context, *RestoreCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Schedule a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] for deletion.
	ScheduleDeleteCertificateAuthority(context.Context, *ScheduleDeleteCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Update a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	UpdateCertificateAuthority(context.Context, *UpdateCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Returns a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	GetCertificateRevocationList(context.Context, *GetCertificateRevocationListRequest) (*CertificateRevocationList, error)
	// Lists [CertificateRevocationLists][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	ListCertificateRevocationLists(context.Context, *ListCertificateRevocationListsRequest) (*ListCertificateRevocationListsResponse, error)
	// Update a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	UpdateCertificateRevocationList(context.Context, *UpdateCertificateRevocationListRequest) (*longrunning.Operation, error)
	// Returns a [ReusableConfig][google.cloud.security.privateca.v1beta1.ReusableConfig].
	GetReusableConfig(context.Context, *GetReusableConfigRequest) (*ReusableConfig, error)
	// Lists [ReusableConfigs][google.cloud.security.privateca.v1beta1.ReusableConfig].
	ListReusableConfigs(context.Context, *ListReusableConfigsRequest) (*ListReusableConfigsResponse, error)
}

CertificateAuthorityServiceServer is the server API for CertificateAuthorityService service.

CertificateAuthority_AccessUrls

type CertificateAuthority_AccessUrls struct {
	CaCertificateAccessUrl string "" /* 131 byte string literal not displayed */

	CrlAccessUrl string `protobuf:"bytes,2,opt,name=crl_access_url,json=crlAccessUrl,proto3" json:"crl_access_url,omitempty"`

}

URLs where a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] will publish content.

func (*CertificateAuthority_AccessUrls) Descriptor

func (*CertificateAuthority_AccessUrls) Descriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_AccessUrls.ProtoReflect.Descriptor instead.

func (*CertificateAuthority_AccessUrls) GetCaCertificateAccessUrl

func (x *CertificateAuthority_AccessUrls) GetCaCertificateAccessUrl() string

func (*CertificateAuthority_AccessUrls) GetCrlAccessUrl

func (x *CertificateAuthority_AccessUrls) GetCrlAccessUrl() string

func (*CertificateAuthority_AccessUrls) ProtoMessage

func (*CertificateAuthority_AccessUrls) ProtoMessage()

func (*CertificateAuthority_AccessUrls) ProtoReflect

func (*CertificateAuthority_AccessUrls) Reset

func (*CertificateAuthority_AccessUrls) String

CertificateAuthority_CertificateAuthorityPolicy

type CertificateAuthority_CertificateAuthorityPolicy struct {
	ConfigPolicy isCertificateAuthority_CertificateAuthorityPolicy_ConfigPolicy `protobuf_oneof:"config_policy"`

	AllowedLocationsAndOrganizations []*Subject "" /* 161 byte string literal not displayed */

	AllowedCommonNames []string `protobuf:"bytes,4,rep,name=allowed_common_names,json=allowedCommonNames,proto3" json:"allowed_common_names,omitempty"`

	AllowedSans *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames `protobuf:"bytes,5,opt,name=allowed_sans,json=allowedSans,proto3" json:"allowed_sans,omitempty"`

	MaximumLifetime *durationpb.Duration `protobuf:"bytes,6,opt,name=maximum_lifetime,json=maximumLifetime,proto3" json:"maximum_lifetime,omitempty"`

	AllowedIssuanceModes *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes `protobuf:"bytes,8,opt,name=allowed_issuance_modes,json=allowedIssuanceModes,proto3" json:"allowed_issuance_modes,omitempty"`

}

The issuing policy for a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. [Certificates][google.cloud.security.privateca.v1beta1.Certificate] will not be successfully issued from this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] if they violate the policy.

func (*CertificateAuthority_CertificateAuthorityPolicy) Descriptor

Deprecated: Use CertificateAuthority_CertificateAuthorityPolicy.ProtoReflect.Descriptor instead.

func (*CertificateAuthority_CertificateAuthorityPolicy) GetAllowedCommonNames

func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedCommonNames() []string

func (*CertificateAuthority_CertificateAuthorityPolicy) GetAllowedConfigList

func (*CertificateAuthority_CertificateAuthorityPolicy) GetAllowedIssuanceModes

func (*CertificateAuthority_CertificateAuthorityPolicy) GetAllowedLocationsAndOrganizations

func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedLocationsAndOrganizations() []*Subject

func (*CertificateAuthority_CertificateAuthorityPolicy) GetAllowedSans

func (*CertificateAuthority_CertificateAuthorityPolicy) GetConfigPolicy

func (m *CertificateAuthority_CertificateAuthorityPolicy) GetConfigPolicy() isCertificateAuthority_CertificateAuthorityPolicy_ConfigPolicy

func (*CertificateAuthority_CertificateAuthorityPolicy) GetMaximumLifetime

func (*CertificateAuthority_CertificateAuthorityPolicy) GetOverwriteConfigValues

func (*CertificateAuthority_CertificateAuthorityPolicy) ProtoMessage

func (*CertificateAuthority_CertificateAuthorityPolicy) ProtoReflect

func (*CertificateAuthority_CertificateAuthorityPolicy) Reset

func (*CertificateAuthority_CertificateAuthorityPolicy) String

CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList

type CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList struct {

	// Required. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper]. If a
	// [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] has an empty field, any value will be
	// allowed for that field.
	AllowedConfigValues []*ReusableConfigWrapper `protobuf:"bytes,1,rep,name=allowed_config_values,json=allowedConfigValues,proto3" json:"allowed_config_values,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) Descriptor

Deprecated: Use CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList.ProtoReflect.Descriptor instead.

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) GetAllowedConfigValues

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) ProtoMessage

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) ProtoReflect

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) Reset

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) String

CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList_

type CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList_ struct {
	// Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] in the list.
	AllowedConfigList *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList `protobuf:"bytes,1,opt,name=allowed_config_list,json=allowedConfigList,proto3,oneof"`
}

CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames

type CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames struct {
	AllowedDnsNames []string `protobuf:"bytes,1,rep,name=allowed_dns_names,json=allowedDnsNames,proto3" json:"allowed_dns_names,omitempty"`

	AllowedUris []string `protobuf:"bytes,2,rep,name=allowed_uris,json=allowedUris,proto3" json:"allowed_uris,omitempty"`

	AllowedEmailAddresses []string `protobuf:"bytes,3,rep,name=allowed_email_addresses,json=allowedEmailAddresses,proto3" json:"allowed_email_addresses,omitempty"`

	AllowedIps []string `protobuf:"bytes,4,rep,name=allowed_ips,json=allowedIps,proto3" json:"allowed_ips,omitempty"`

	AllowGlobbingDnsWildcards bool "" /* 141 byte string literal not displayed */

	AllowCustomSans bool `protobuf:"varint,6,opt,name=allow_custom_sans,json=allowCustomSans,proto3" json:"allow_custom_sans,omitempty"`

}

[AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames] specifies the allowed values for [SubjectAltNames][google.cloud.security.privateca.v1beta1.SubjectAltNames] by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] when issuing [Certificates][google.cloud.security.privateca.v1beta1.Certificate].

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) Descriptor

Deprecated: Use CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames.ProtoReflect.Descriptor instead.

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowCustomSans

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowGlobbingDnsWildcards

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedDnsNames

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedEmailAddresses

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedIps

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedUris

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) ProtoMessage

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) ProtoReflect

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) Reset

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) String

CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes

type CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes struct {
	AllowCsrBasedIssuance bool "" /* 129 byte string literal not displayed */

	AllowConfigBasedIssuance bool "" /* 138 byte string literal not displayed */

}

[IssuanceModes][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes] specifies the allowed ways in which [Certificates][google.cloud.security.privateca.v1beta1.Certificate] may be requested from this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].

func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) Descriptor

Deprecated: Use CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes.ProtoReflect.Descriptor instead.

func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) GetAllowConfigBasedIssuance

func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) GetAllowCsrBasedIssuance

func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) ProtoMessage

func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) ProtoReflect

func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) Reset

func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) String

CertificateAuthority_CertificateAuthorityPolicy_OverwriteConfigValues

type CertificateAuthority_CertificateAuthorityPolicy_OverwriteConfigValues struct {
	// Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// will use the provided configuration values, overwriting any requested
	// configuration values.
	OverwriteConfigValues *ReusableConfigWrapper `protobuf:"bytes,2,opt,name=overwrite_config_values,json=overwriteConfigValues,proto3,oneof"`
}

CertificateAuthority_IssuingOptions

type CertificateAuthority_IssuingOptions struct {

	// Required. When true, includes a URL to the issuing CA certificate in the
	// "authority information access" X.509 extension.
	IncludeCaCertUrl bool `protobuf:"varint,1,opt,name=include_ca_cert_url,json=includeCaCertUrl,proto3" json:"include_ca_cert_url,omitempty"`
	// Required. When true, includes a URL to the CRL corresponding to certificates
	// issued from a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	// CRLs will expire 7 days from their creation. However, we will rebuild
	// daily. CRLs are also rebuilt shortly after a certificate is revoked.
	IncludeCrlAccessUrl bool `protobuf:"varint,2,opt,name=include_crl_access_url,json=includeCrlAccessUrl,proto3" json:"include_crl_access_url,omitempty"`
	// contains filtered or unexported fields
}

Options that affect all certificates issued by a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].

func (*CertificateAuthority_IssuingOptions) Descriptor

func (*CertificateAuthority_IssuingOptions) Descriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_IssuingOptions.ProtoReflect.Descriptor instead.

func (*CertificateAuthority_IssuingOptions) GetIncludeCaCertUrl

func (x *CertificateAuthority_IssuingOptions) GetIncludeCaCertUrl() bool

func (*CertificateAuthority_IssuingOptions) GetIncludeCrlAccessUrl

func (x *CertificateAuthority_IssuingOptions) GetIncludeCrlAccessUrl() bool

func (*CertificateAuthority_IssuingOptions) ProtoMessage

func (*CertificateAuthority_IssuingOptions) ProtoMessage()

func (*CertificateAuthority_IssuingOptions) ProtoReflect

func (*CertificateAuthority_IssuingOptions) Reset

func (*CertificateAuthority_IssuingOptions) String

CertificateAuthority_KeyVersionSpec

type CertificateAuthority_KeyVersionSpec struct {

	// Types that are assignable to KeyVersion:
	//
	//	*CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion
	//	*CertificateAuthority_KeyVersionSpec_Algorithm
	KeyVersion isCertificateAuthority_KeyVersionSpec_KeyVersion `protobuf_oneof:"KeyVersion"`
	// contains filtered or unexported fields
}

A Cloud KMS key configuration that a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] will use.

func (*CertificateAuthority_KeyVersionSpec) Descriptor

func (*CertificateAuthority_KeyVersionSpec) Descriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_KeyVersionSpec.ProtoReflect.Descriptor instead.

func (*CertificateAuthority_KeyVersionSpec) GetAlgorithm

func (*CertificateAuthority_KeyVersionSpec) GetCloudKmsKeyVersion

func (x *CertificateAuthority_KeyVersionSpec) GetCloudKmsKeyVersion() string

func (*CertificateAuthority_KeyVersionSpec) GetKeyVersion

func (m *CertificateAuthority_KeyVersionSpec) GetKeyVersion() isCertificateAuthority_KeyVersionSpec_KeyVersion

func (*CertificateAuthority_KeyVersionSpec) ProtoMessage

func (*CertificateAuthority_KeyVersionSpec) ProtoMessage()

func (*CertificateAuthority_KeyVersionSpec) ProtoReflect

func (*CertificateAuthority_KeyVersionSpec) Reset

func (*CertificateAuthority_KeyVersionSpec) String

CertificateAuthority_KeyVersionSpec_Algorithm

type CertificateAuthority_KeyVersionSpec_Algorithm struct {
	Algorithm CertificateAuthority_SignHashAlgorithm "" /* 135 byte string literal not displayed */
}

CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion

type CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion struct {
	// Required. The resource name for an existing Cloud KMS CryptoKeyVersion in the
	// format
	// `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
	// This option enables full flexibility in the key's capabilities and
	// properties.
	CloudKmsKeyVersion string `protobuf:"bytes,1,opt,name=cloud_kms_key_version,json=cloudKmsKeyVersion,proto3,oneof"`
}

CertificateAuthority_SignHashAlgorithm

type CertificateAuthority_SignHashAlgorithm int32

The algorithm of a Cloud KMS CryptoKeyVersion of a [CryptoKey][google.cloud.kms.v1.CryptoKey] with the [CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] value ASYMMETRIC_SIGN. These values correspond to the [CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] values. For RSA signing algorithms, the PSS algorithms should be preferred, use PKCS1 algorithms if required for compatibility. For further recommandations, see https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations.

CertificateAuthority_SIGN_HASH_ALGORITHM_UNSPECIFIED, CertificateAuthority_RSA_PSS_2048_SHA256, CertificateAuthority_RSA_PSS_3072_SHA256, CertificateAuthority_RSA_PSS_4096_SHA256, CertificateAuthority_RSA_PKCS1_2048_SHA256, CertificateAuthority_RSA_PKCS1_3072_SHA256, CertificateAuthority_RSA_PKCS1_4096_SHA256, CertificateAuthority_EC_P256_SHA256, CertificateAuthority_EC_P384_SHA384

const (
	// Not specified.
	CertificateAuthority_SIGN_HASH_ALGORITHM_UNSPECIFIED CertificateAuthority_SignHashAlgorithm = 0
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256
	CertificateAuthority_RSA_PSS_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 1
	// maps to CryptoKeyVersionAlgorithm. RSA_SIGN_PSS_3072_SHA256
	CertificateAuthority_RSA_PSS_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 2
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256
	CertificateAuthority_RSA_PSS_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 3
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
	CertificateAuthority_RSA_PKCS1_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 6
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256
	CertificateAuthority_RSA_PKCS1_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 7
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256
	CertificateAuthority_RSA_PKCS1_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 8
	// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256
	CertificateAuthority_EC_P256_SHA256 CertificateAuthority_SignHashAlgorithm = 4
	// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384
	CertificateAuthority_EC_P384_SHA384 CertificateAuthority_SignHashAlgorithm = 5
)

func (CertificateAuthority_SignHashAlgorithm) Descriptor

func (CertificateAuthority_SignHashAlgorithm) Enum

func (CertificateAuthority_SignHashAlgorithm) EnumDescriptor

func (CertificateAuthority_SignHashAlgorithm) EnumDescriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_SignHashAlgorithm.Descriptor instead.

func (CertificateAuthority_SignHashAlgorithm) Number

func (CertificateAuthority_SignHashAlgorithm) String

func (CertificateAuthority_SignHashAlgorithm) Type

CertificateAuthority_State

type CertificateAuthority_State int32

The state of a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority], indicating if it can be used.

CertificateAuthority_STATE_UNSPECIFIED, CertificateAuthority_ENABLED, CertificateAuthority_DISABLED, CertificateAuthority_PENDING_ACTIVATION, CertificateAuthority_PENDING_DELETION

const (
	// Not specified.
	CertificateAuthority_STATE_UNSPECIFIED CertificateAuthority_State = 0
	// Certificates can be issued from this CA. CRLs will be generated for this
	// CA.
	CertificateAuthority_ENABLED CertificateAuthority_State = 1
	// Certificates cannot be issued from this CA. CRLs will still be generated.
	CertificateAuthority_DISABLED CertificateAuthority_State = 2
	// Certificates cannot be issued from this CA. CRLs will not be generated.
	CertificateAuthority_PENDING_ACTIVATION CertificateAuthority_State = 3
	// Certificates cannot be issued from this CA. CRLs will not be generated.
	CertificateAuthority_PENDING_DELETION CertificateAuthority_State = 4
)

func (CertificateAuthority_State) Descriptor

func (CertificateAuthority_State) Enum

func (CertificateAuthority_State) EnumDescriptor

func (CertificateAuthority_State) EnumDescriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_State.Descriptor instead.

func (CertificateAuthority_State) Number

func (CertificateAuthority_State) String

func (CertificateAuthority_State) Type

CertificateAuthority_Tier

type CertificateAuthority_Tier int32

The tier of a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority], indicating its supported functionality and/or billing SKU.

CertificateAuthority_TIER_UNSPECIFIED, CertificateAuthority_ENTERPRISE, CertificateAuthority_DEVOPS

const (
	// Not specified.
	CertificateAuthority_TIER_UNSPECIFIED CertificateAuthority_Tier = 0
	// Enterprise tier.
	CertificateAuthority_ENTERPRISE CertificateAuthority_Tier = 1
	// DevOps tier.
	CertificateAuthority_DEVOPS CertificateAuthority_Tier = 2
)

func (CertificateAuthority_Tier) Descriptor

func (CertificateAuthority_Tier) Enum

func (CertificateAuthority_Tier) EnumDescriptor

func (CertificateAuthority_Tier) EnumDescriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_Tier.Descriptor instead.

func (CertificateAuthority_Tier) Number

func (CertificateAuthority_Tier) String

func (x CertificateAuthority_Tier) String() string

func (CertificateAuthority_Tier) Type

CertificateAuthority_Type

type CertificateAuthority_Type int32

The type of a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority], indicating its issuing chain.

CertificateAuthority_TYPE_UNSPECIFIED, CertificateAuthority_SELF_SIGNED, CertificateAuthority_SUBORDINATE

const (
	// Not specified.
	CertificateAuthority_TYPE_UNSPECIFIED CertificateAuthority_Type = 0
	// Self-signed CA.
	CertificateAuthority_SELF_SIGNED CertificateAuthority_Type = 1
	// Subordinate CA. Could be issued by a Private CA [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// or an unmanaged CA.
	CertificateAuthority_SUBORDINATE CertificateAuthority_Type = 2
)

func (CertificateAuthority_Type) Descriptor

func (CertificateAuthority_Type) Enum

func (CertificateAuthority_Type) EnumDescriptor

func (CertificateAuthority_Type) EnumDescriptor() ([]byte, []int)

Deprecated: Use CertificateAuthority_Type.Descriptor instead.

func (CertificateAuthority_Type) Number

func (CertificateAuthority_Type) String

func (x CertificateAuthority_Type) String() string

func (CertificateAuthority_Type) Type

CertificateConfig

type CertificateConfig struct {

	// Required. Specifies some of the values in a certificate that are related to the
	// subject.
	SubjectConfig *CertificateConfig_SubjectConfig `protobuf:"bytes,1,opt,name=subject_config,json=subjectConfig,proto3" json:"subject_config,omitempty"`
	// Required. Describes how some of the technical fields in a certificate should be
	// populated.
	ReusableConfig *ReusableConfigWrapper `protobuf:"bytes,2,opt,name=reusable_config,json=reusableConfig,proto3" json:"reusable_config,omitempty"`
	// Optional. The public key that corresponds to this config. This is, for example, used
	// when issuing [Certificates][google.cloud.security.privateca.v1beta1.Certificate], but not when creating a
	// self-signed [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] or [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] CSR.
	PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// contains filtered or unexported fields
}

A [CertificateConfig][google.cloud.security.privateca.v1beta1.CertificateConfig] describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

func (*CertificateConfig) Descriptor

func (*CertificateConfig) Descriptor() ([]byte, []int)

Deprecated: Use CertificateConfig.ProtoReflect.Descriptor instead.

func (*CertificateConfig) GetPublicKey

func (x *CertificateConfig) GetPublicKey() *PublicKey

func (*CertificateConfig) GetReusableConfig

func (x *CertificateConfig) GetReusableConfig() *ReusableConfigWrapper

func (*CertificateConfig) GetSubjectConfig

func (x *CertificateConfig) GetSubjectConfig() *CertificateConfig_SubjectConfig

func (*CertificateConfig) ProtoMessage

func (*CertificateConfig) ProtoMessage()

func (*CertificateConfig) ProtoReflect

func (x *CertificateConfig) ProtoReflect() protoreflect.Message

func (*CertificateConfig) Reset

func (x *CertificateConfig) Reset()

func (*CertificateConfig) String

func (x *CertificateConfig) String() string

CertificateConfig_SubjectConfig

type CertificateConfig_SubjectConfig struct {

	// Required. Contains distinguished name fields such as the location and organization.
	Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	// Optional. The "common name" of the distinguished name.
	CommonName string `protobuf:"bytes,2,opt,name=common_name,json=commonName,proto3" json:"common_name,omitempty"`
	// Optional. The subject alternative name fields.
	SubjectAltName *SubjectAltNames `protobuf:"bytes,3,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
	// contains filtered or unexported fields
}

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

func (*CertificateConfig_SubjectConfig) Descriptor

func (*CertificateConfig_SubjectConfig) Descriptor() ([]byte, []int)

Deprecated: Use CertificateConfig_SubjectConfig.ProtoReflect.Descriptor instead.

func (*CertificateConfig_SubjectConfig) GetCommonName

func (x *CertificateConfig_SubjectConfig) GetCommonName() string

func (*CertificateConfig_SubjectConfig) GetSubject

func (x *CertificateConfig_SubjectConfig) GetSubject() *Subject

func (*CertificateConfig_SubjectConfig) GetSubjectAltName

func (x *CertificateConfig_SubjectConfig) GetSubjectAltName() *SubjectAltNames

func (*CertificateConfig_SubjectConfig) ProtoMessage

func (*CertificateConfig_SubjectConfig) ProtoMessage()

func (*CertificateConfig_SubjectConfig) ProtoReflect

func (*CertificateConfig_SubjectConfig) Reset

func (*CertificateConfig_SubjectConfig) String

CertificateDescription

type CertificateDescription struct {
	SubjectDescription *CertificateDescription_SubjectDescription `protobuf:"bytes,1,opt,name=subject_description,json=subjectDescription,proto3" json:"subject_description,omitempty"`

	ConfigValues *ReusableConfigValues `protobuf:"bytes,2,opt,name=config_values,json=configValues,proto3" json:"config_values,omitempty"`

	PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`

	SubjectKeyId *CertificateDescription_KeyId `protobuf:"bytes,4,opt,name=subject_key_id,json=subjectKeyId,proto3" json:"subject_key_id,omitempty"`

	AuthorityKeyId *CertificateDescription_KeyId `protobuf:"bytes,5,opt,name=authority_key_id,json=authorityKeyId,proto3" json:"authority_key_id,omitempty"`

	CrlDistributionPoints []string `protobuf:"bytes,6,rep,name=crl_distribution_points,json=crlDistributionPoints,proto3" json:"crl_distribution_points,omitempty"`

	AiaIssuingCertificateUrls []string "" /* 140 byte string literal not displayed */

	CertFingerprint *CertificateDescription_CertificateFingerprint `protobuf:"bytes,8,opt,name=cert_fingerprint,json=certFingerprint,proto3" json:"cert_fingerprint,omitempty"`

}

A [CertificateDescription][google.cloud.security.privateca.v1beta1.CertificateDescription] describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.

func (*CertificateDescription) Descriptor

func (*CertificateDescription) Descriptor() ([]byte, []int)

Deprecated: Use CertificateDescription.ProtoReflect.Descriptor instead.

func (*CertificateDescription) GetAiaIssuingCertificateUrls

func (x *CertificateDescription) GetAiaIssuingCertificateUrls() []string

func (*CertificateDescription) GetAuthorityKeyId

func (x *CertificateDescription) GetAuthorityKeyId() *CertificateDescription_KeyId

func (*CertificateDescription) GetCertFingerprint

func (*CertificateDescription) GetConfigValues

func (x *CertificateDescription) GetConfigValues() *ReusableConfigValues

func (*CertificateDescription) GetCrlDistributionPoints

func (x *CertificateDescription) GetCrlDistributionPoints() []string

func (*CertificateDescription) GetPublicKey

func (x *CertificateDescription) GetPublicKey() *PublicKey

func (*CertificateDescription) GetSubjectDescription

func (*CertificateDescription) GetSubjectKeyId

func (*CertificateDescription) ProtoMessage

func (*CertificateDescription) ProtoMessage()

func (*CertificateDescription) ProtoReflect

func (x *CertificateDescription) ProtoReflect() protoreflect.Message

func (*CertificateDescription) Reset

func (x *CertificateDescription) Reset()

func (*CertificateDescription) String

func (x *CertificateDescription) String() string

CertificateDescription_CertificateFingerprint

type CertificateDescription_CertificateFingerprint struct {

	// The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
	Sha256Hash string `protobuf:"bytes,1,opt,name=sha256_hash,json=sha256Hash,proto3" json:"sha256_hash,omitempty"`
	// contains filtered or unexported fields
}

A group of fingerprints for the x509 certificate.

func (*CertificateDescription_CertificateFingerprint) Descriptor

Deprecated: Use CertificateDescription_CertificateFingerprint.ProtoReflect.Descriptor instead.

func (*CertificateDescription_CertificateFingerprint) GetSha256Hash

func (*CertificateDescription_CertificateFingerprint) ProtoMessage

func (*CertificateDescription_CertificateFingerprint) ProtoReflect

func (*CertificateDescription_CertificateFingerprint) Reset

func (*CertificateDescription_CertificateFingerprint) String

CertificateDescription_KeyId

type CertificateDescription_KeyId struct {

	// Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
	// likely the 160 bit SHA-1 hash of the public key.
	KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
	// contains filtered or unexported fields
}

A KeyId identifies a specific public key, usually by hashing the public key.

func (*CertificateDescription_KeyId) Descriptor

func (*CertificateDescription_KeyId) Descriptor() ([]byte, []int)

Deprecated: Use CertificateDescription_KeyId.ProtoReflect.Descriptor instead.

func (*CertificateDescription_KeyId) GetKeyId

func (x *CertificateDescription_KeyId) GetKeyId() string

func (*CertificateDescription_KeyId) ProtoMessage

func (*CertificateDescription_KeyId) ProtoMessage()

func (*CertificateDescription_KeyId) ProtoReflect

func (*CertificateDescription_KeyId) Reset

func (x *CertificateDescription_KeyId) Reset()

func (*CertificateDescription_KeyId) String

CertificateDescription_SubjectDescription

type CertificateDescription_SubjectDescription struct {

	// Contains distinguished name fields such as the location and organization.
	Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	// The "common name" of the distinguished name.
	CommonName string `protobuf:"bytes,2,opt,name=common_name,json=commonName,proto3" json:"common_name,omitempty"`
	// The subject alternative name fields.
	SubjectAltName *SubjectAltNames `protobuf:"bytes,3,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
	// The serial number encoded in lowercase hexadecimal.
	HexSerialNumber string `protobuf:"bytes,4,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`
	// For convenience, the actual lifetime of an issued certificate.
	// Corresponds to 'not_after_time' - 'not_before_time'.
	Lifetime *durationpb.Duration `protobuf:"bytes,5,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
	// The time at which the certificate becomes valid.
	NotBeforeTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=not_before_time,json=notBeforeTime,proto3" json:"not_before_time,omitempty"`
	// The time at which the certificate expires.
	NotAfterTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=not_after_time,json=notAfterTime,proto3" json:"not_after_time,omitempty"`
	// contains filtered or unexported fields
}

These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.

func (*CertificateDescription_SubjectDescription) Descriptor

func (*CertificateDescription_SubjectDescription) Descriptor() ([]byte, []int)

Deprecated: Use CertificateDescription_SubjectDescription.ProtoReflect.Descriptor instead.

func (*CertificateDescription_SubjectDescription) GetCommonName

func (*CertificateDescription_SubjectDescription) GetHexSerialNumber

func (x *CertificateDescription_SubjectDescription) GetHexSerialNumber() string

func (*CertificateDescription_SubjectDescription) GetLifetime

func (*CertificateDescription_SubjectDescription) GetNotAfterTime

func (*CertificateDescription_SubjectDescription) GetNotBeforeTime

func (*CertificateDescription_SubjectDescription) GetSubject

func (*CertificateDescription_SubjectDescription) GetSubjectAltName

func (*CertificateDescription_SubjectDescription) ProtoMessage

func (*CertificateDescription_SubjectDescription) ProtoReflect

func (*CertificateDescription_SubjectDescription) Reset

func (*CertificateDescription_SubjectDescription) String

CertificateRevocationList

type CertificateRevocationList struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	SequenceNumber int64 `protobuf:"varint,2,opt,name=sequence_number,json=sequenceNumber,proto3" json:"sequence_number,omitempty"`

	RevokedCertificates []*CertificateRevocationList_RevokedCertificate `protobuf:"bytes,3,rep,name=revoked_certificates,json=revokedCertificates,proto3" json:"revoked_certificates,omitempty"`

	PemCrl string `protobuf:"bytes,4,opt,name=pem_crl,json=pemCrl,proto3" json:"pem_crl,omitempty"`

	AccessUrl string `protobuf:"bytes,5,opt,name=access_url,json=accessUrl,proto3" json:"access_url,omitempty"`

	State CertificateRevocationList_State "" /* 141 byte string literal not displayed */

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`

	Labels map[string]string "" /* 153 byte string literal not displayed */

}

A [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList] corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.

func (*CertificateRevocationList) Descriptor

func (*CertificateRevocationList) Descriptor() ([]byte, []int)

Deprecated: Use CertificateRevocationList.ProtoReflect.Descriptor instead.

func (*CertificateRevocationList) GetAccessUrl

func (x *CertificateRevocationList) GetAccessUrl() string

func (*CertificateRevocationList) GetCreateTime

func (x *CertificateRevocationList) GetCreateTime() *timestamppb.Timestamp

func (*CertificateRevocationList) GetLabels

func (x *CertificateRevocationList) GetLabels() map[string]string

func (*CertificateRevocationList) GetName

func (x *CertificateRevocationList) GetName() string

func (*CertificateRevocationList) GetPemCrl

func (x *CertificateRevocationList) GetPemCrl() string

func (*CertificateRevocationList) GetRevokedCertificates

func (*CertificateRevocationList) GetSequenceNumber

func (x *CertificateRevocationList) GetSequenceNumber() int64

func (*CertificateRevocationList) GetState

func (*CertificateRevocationList) GetUpdateTime

func (x *CertificateRevocationList) GetUpdateTime() *timestamppb.Timestamp

func (*CertificateRevocationList) ProtoMessage

func (*CertificateRevocationList) ProtoMessage()

func (*CertificateRevocationList) ProtoReflect

func (*CertificateRevocationList) Reset

func (x *CertificateRevocationList) Reset()

func (*CertificateRevocationList) String

func (x *CertificateRevocationList) String() string

CertificateRevocationList_RevokedCertificate

type CertificateRevocationList_RevokedCertificate struct {
	Certificate string `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`

	HexSerialNumber string `protobuf:"bytes,2,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`

	RevocationReason RevocationReason "" /* 172 byte string literal not displayed */

}

Describes a revoked [Certificate][google.cloud.security.privateca.v1beta1.Certificate].

func (*CertificateRevocationList_RevokedCertificate) Descriptor

Deprecated: Use CertificateRevocationList_RevokedCertificate.ProtoReflect.Descriptor instead.

func (*CertificateRevocationList_RevokedCertificate) GetCertificate

func (*CertificateRevocationList_RevokedCertificate) GetHexSerialNumber

func (x *CertificateRevocationList_RevokedCertificate) GetHexSerialNumber() string

func (*CertificateRevocationList_RevokedCertificate) GetRevocationReason

func (*CertificateRevocationList_RevokedCertificate) ProtoMessage

func (*CertificateRevocationList_RevokedCertificate) ProtoReflect

func (*CertificateRevocationList_RevokedCertificate) Reset

func (*CertificateRevocationList_RevokedCertificate) String

CertificateRevocationList_State

type CertificateRevocationList_State int32

The state of a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList], indicating if it is current.

CertificateRevocationList_STATE_UNSPECIFIED, CertificateRevocationList_ACTIVE, CertificateRevocationList_SUPERSEDED

const (
	// Not specified.
	CertificateRevocationList_STATE_UNSPECIFIED CertificateRevocationList_State = 0
	// The [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList] is up to date.
	CertificateRevocationList_ACTIVE CertificateRevocationList_State = 1
	// The [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList] is no longer current.
	CertificateRevocationList_SUPERSEDED CertificateRevocationList_State = 2
)

func (CertificateRevocationList_State) Descriptor

func (CertificateRevocationList_State) Enum

func (CertificateRevocationList_State) EnumDescriptor

func (CertificateRevocationList_State) EnumDescriptor() ([]byte, []int)

Deprecated: Use CertificateRevocationList_State.Descriptor instead.

func (CertificateRevocationList_State) Number

func (CertificateRevocationList_State) String

func (CertificateRevocationList_State) Type

Certificate_Config

type Certificate_Config struct {
	// Immutable. A description of the certificate and key that does not require X.509 or
	// ASN.1.
	Config *CertificateConfig `protobuf:"bytes,3,opt,name=config,proto3,oneof"`
}

Certificate_PemCsr

type Certificate_PemCsr struct {
	// Immutable. A pem-encoded X.509 certificate signing request (CSR).
	PemCsr string `protobuf:"bytes,2,opt,name=pem_csr,json=pemCsr,proto3,oneof"`
}

Certificate_RevocationDetails

type Certificate_RevocationDetails struct {
	RevocationState RevocationReason "" /* 169 byte string literal not displayed */

	RevocationTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=revocation_time,json=revocationTime,proto3" json:"revocation_time,omitempty"`

}

Describes fields that are relavent to the revocation of a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].

func (*Certificate_RevocationDetails) Descriptor

func (*Certificate_RevocationDetails) Descriptor() ([]byte, []int)

Deprecated: Use Certificate_RevocationDetails.ProtoReflect.Descriptor instead.

func (*Certificate_RevocationDetails) GetRevocationState

func (x *Certificate_RevocationDetails) GetRevocationState() RevocationReason

func (*Certificate_RevocationDetails) GetRevocationTime

func (x *Certificate_RevocationDetails) GetRevocationTime() *timestamppb.Timestamp

func (*Certificate_RevocationDetails) ProtoMessage

func (*Certificate_RevocationDetails) ProtoMessage()

func (*Certificate_RevocationDetails) ProtoReflect

func (*Certificate_RevocationDetails) Reset

func (x *Certificate_RevocationDetails) Reset()

func (*Certificate_RevocationDetails) String

CreateCertificateAuthorityRequest

type CreateCertificateAuthorityRequest struct {
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`

	CertificateAuthorityId string "" /* 129 byte string literal not displayed */

	CertificateAuthority *CertificateAuthority `protobuf:"bytes,3,opt,name=certificate_authority,json=certificateAuthority,proto3" json:"certificate_authority,omitempty"`

	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`

}

Request message for [CertificateAuthorityService.CreateCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.CreateCertificateAuthority].

func (*CreateCertificateAuthorityRequest) Descriptor

func (*CreateCertificateAuthorityRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateCertificateAuthorityRequest.ProtoReflect.Descriptor instead.

func (*CreateCertificateAuthorityRequest) GetCertificateAuthority

func (x *CreateCertificateAuthorityRequest) GetCertificateAuthority() *CertificateAuthority

func (*CreateCertificateAuthorityRequest) GetCertificateAuthorityId

func (x *CreateCertificateAuthorityRequest) GetCertificateAuthorityId() string

func (*CreateCertificateAuthorityRequest) GetParent

func (*CreateCertificateAuthorityRequest) GetRequestId

func (x *CreateCertificateAuthorityRequest) GetRequestId() string

func (*CreateCertificateAuthorityRequest) ProtoMessage

func (*CreateCertificateAuthorityRequest) ProtoMessage()

func (*CreateCertificateAuthorityRequest) ProtoReflect

func (*CreateCertificateAuthorityRequest) Reset

func (*CreateCertificateAuthorityRequest) String

CreateCertificateRequest

type CreateCertificateRequest struct {

	// Required. The resource name of the location and [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// associated with the [Certificate][google.cloud.security.privateca.v1beta1.Certificate], in the format
	// `projects/*/locations/*/certificateAuthorities/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`. This field is required when using a
	// [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in the Enterprise [CertificateAuthority.Tier][google.cloud.security.privateca.v1beta1.CertificateAuthority.Tier],
	// but is optional and its value is ignored otherwise.
	CertificateId string `protobuf:"bytes,2,opt,name=certificate_id,json=certificateId,proto3" json:"certificate_id,omitempty"`
	// Required. A [Certificate][google.cloud.security.privateca.v1beta1.Certificate] with initial field values.
	Certificate *Certificate `protobuf:"bytes,3,opt,name=certificate,proto3" json:"certificate,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.CreateCertificate][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.CreateCertificate].

func (*CreateCertificateRequest) Descriptor

func (*CreateCertificateRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateCertificateRequest.ProtoReflect.Descriptor instead.

func (*CreateCertificateRequest) GetCertificate

func (x *CreateCertificateRequest) GetCertificate() *Certificate

func (*CreateCertificateRequest) GetCertificateId

func (x *CreateCertificateRequest) GetCertificateId() string

func (*CreateCertificateRequest) GetParent

func (x *CreateCertificateRequest) GetParent() string

func (*CreateCertificateRequest) GetRequestId

func (x *CreateCertificateRequest) GetRequestId() string

func (*CreateCertificateRequest) ProtoMessage

func (*CreateCertificateRequest) ProtoMessage()

func (*CreateCertificateRequest) ProtoReflect

func (x *CreateCertificateRequest) ProtoReflect() protoreflect.Message

func (*CreateCertificateRequest) Reset

func (x *CreateCertificateRequest) Reset()

func (*CreateCertificateRequest) String

func (x *CreateCertificateRequest) String() string

DisableCertificateAuthorityRequest

type DisableCertificateAuthorityRequest struct {

	// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in the
	// format `projects/*/locations/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.DisableCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.DisableCertificateAuthority].

func (*DisableCertificateAuthorityRequest) Descriptor

func (*DisableCertificateAuthorityRequest) Descriptor() ([]byte, []int)

Deprecated: Use DisableCertificateAuthorityRequest.ProtoReflect.Descriptor instead.

func (*DisableCertificateAuthorityRequest) GetName

func (*DisableCertificateAuthorityRequest) GetRequestId

func (x *DisableCertificateAuthorityRequest) GetRequestId() string

func (*DisableCertificateAuthorityRequest) ProtoMessage

func (*DisableCertificateAuthorityRequest) ProtoMessage()

func (*DisableCertificateAuthorityRequest) ProtoReflect

func (*DisableCertificateAuthorityRequest) Reset

func (*DisableCertificateAuthorityRequest) String

EnableCertificateAuthorityRequest

type EnableCertificateAuthorityRequest struct {

	// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in the
	// format `projects/*/locations/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.EnableCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.EnableCertificateAuthority].

func (*EnableCertificateAuthorityRequest) Descriptor

func (*EnableCertificateAuthorityRequest) Descriptor() ([]byte, []int)

Deprecated: Use EnableCertificateAuthorityRequest.ProtoReflect.Descriptor instead.

func (*EnableCertificateAuthorityRequest) GetName

func (*EnableCertificateAuthorityRequest) GetRequestId

func (x *EnableCertificateAuthorityRequest) GetRequestId() string

func (*EnableCertificateAuthorityRequest) ProtoMessage

func (*EnableCertificateAuthorityRequest) ProtoMessage()

func (*EnableCertificateAuthorityRequest) ProtoReflect

func (*EnableCertificateAuthorityRequest) Reset

func (*EnableCertificateAuthorityRequest) String

FetchCertificateAuthorityCsrRequest

type FetchCertificateAuthorityCsrRequest struct {

	// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in the
	// format `projects/*/locations/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for [CertificateAuthorityService.FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.FetchCertificateAuthorityCsr].

func (*FetchCertificateAuthorityCsrRequest) Descriptor

func (*FetchCertificateAuthorityCsrRequest) Descriptor() ([]byte, []int)

Deprecated: Use FetchCertificateAuthorityCsrRequest.ProtoReflect.Descriptor instead.

func (*FetchCertificateAuthorityCsrRequest) GetName

func (*FetchCertificateAuthorityCsrRequest) ProtoMessage

func (*FetchCertificateAuthorityCsrRequest) ProtoMessage()

func (*FetchCertificateAuthorityCsrRequest) ProtoReflect

func (*FetchCertificateAuthorityCsrRequest) Reset

func (*FetchCertificateAuthorityCsrRequest) String