Variables
RevocationReason_name, RevocationReason_value
var (
RevocationReason_name = map[int32]string{
0: "REVOCATION_REASON_UNSPECIFIED",
1: "KEY_COMPROMISE",
2: "CERTIFICATE_AUTHORITY_COMPROMISE",
3: "AFFILIATION_CHANGED",
4: "SUPERSEDED",
5: "CESSATION_OF_OPERATION",
6: "CERTIFICATE_HOLD",
7: "PRIVILEGE_WITHDRAWN",
8: "ATTRIBUTE_AUTHORITY_COMPROMISE",
}
RevocationReason_value = map[string]int32{
"REVOCATION_REASON_UNSPECIFIED": 0,
"KEY_COMPROMISE": 1,
"CERTIFICATE_AUTHORITY_COMPROMISE": 2,
"AFFILIATION_CHANGED": 3,
"SUPERSEDED": 4,
"CESSATION_OF_OPERATION": 5,
"CERTIFICATE_HOLD": 6,
"PRIVILEGE_WITHDRAWN": 7,
"ATTRIBUTE_AUTHORITY_COMPROMISE": 8,
}
)
Enum value maps for RevocationReason.
CertificateAuthority_Type_name, CertificateAuthority_Type_value
var (
CertificateAuthority_Type_name = map[int32]string{
0: "TYPE_UNSPECIFIED",
1: "SELF_SIGNED",
2: "SUBORDINATE",
}
CertificateAuthority_Type_value = map[string]int32{
"TYPE_UNSPECIFIED": 0,
"SELF_SIGNED": 1,
"SUBORDINATE": 2,
}
)
Enum value maps for CertificateAuthority_Type.
CertificateAuthority_Tier_name, CertificateAuthority_Tier_value
var (
CertificateAuthority_Tier_name = map[int32]string{
0: "TIER_UNSPECIFIED",
1: "ENTERPRISE",
2: "DEVOPS",
}
CertificateAuthority_Tier_value = map[string]int32{
"TIER_UNSPECIFIED": 0,
"ENTERPRISE": 1,
"DEVOPS": 2,
}
)
Enum value maps for CertificateAuthority_Tier.
CertificateAuthority_State_name, CertificateAuthority_State_value
var (
CertificateAuthority_State_name = map[int32]string{
0: "STATE_UNSPECIFIED",
1: "ENABLED",
2: "DISABLED",
3: "PENDING_ACTIVATION",
4: "PENDING_DELETION",
}
CertificateAuthority_State_value = map[string]int32{
"STATE_UNSPECIFIED": 0,
"ENABLED": 1,
"DISABLED": 2,
"PENDING_ACTIVATION": 3,
"PENDING_DELETION": 4,
}
)
Enum value maps for CertificateAuthority_State.
CertificateAuthority_SignHashAlgorithm_name, CertificateAuthority_SignHashAlgorithm_value
var (
CertificateAuthority_SignHashAlgorithm_name = map[int32]string{
0: "SIGN_HASH_ALGORITHM_UNSPECIFIED",
1: "RSA_PSS_2048_SHA256",
2: "RSA_PSS_3072_SHA256",
3: "RSA_PSS_4096_SHA256",
6: "RSA_PKCS1_2048_SHA256",
7: "RSA_PKCS1_3072_SHA256",
8: "RSA_PKCS1_4096_SHA256",
4: "EC_P256_SHA256",
5: "EC_P384_SHA384",
}
CertificateAuthority_SignHashAlgorithm_value = map[string]int32{
"SIGN_HASH_ALGORITHM_UNSPECIFIED": 0,
"RSA_PSS_2048_SHA256": 1,
"RSA_PSS_3072_SHA256": 2,
"RSA_PSS_4096_SHA256": 3,
"RSA_PKCS1_2048_SHA256": 6,
"RSA_PKCS1_3072_SHA256": 7,
"RSA_PKCS1_4096_SHA256": 8,
"EC_P256_SHA256": 4,
"EC_P384_SHA384": 5,
}
)
Enum value maps for CertificateAuthority_SignHashAlgorithm.
CertificateRevocationList_State_name, CertificateRevocationList_State_value
var (
CertificateRevocationList_State_name = map[int32]string{
0: "STATE_UNSPECIFIED",
1: "ACTIVE",
2: "SUPERSEDED",
}
CertificateRevocationList_State_value = map[string]int32{
"STATE_UNSPECIFIED": 0,
"ACTIVE": 1,
"SUPERSEDED": 2,
}
)
Enum value maps for CertificateRevocationList_State.
PublicKey_KeyType_name, PublicKey_KeyType_value
var (
PublicKey_KeyType_name = map[int32]string{
0: "KEY_TYPE_UNSPECIFIED",
1: "PEM_RSA_KEY",
2: "PEM_EC_KEY",
}
PublicKey_KeyType_value = map[string]int32{
"KEY_TYPE_UNSPECIFIED": 0,
"PEM_RSA_KEY": 1,
"PEM_EC_KEY": 2,
}
)
Enum value maps for PublicKey_KeyType.
File_google_cloud_security_privateca_v1beta1_resources_proto
var File_google_cloud_security_privateca_v1beta1_resources_proto protoreflect.FileDescriptor
File_google_cloud_security_privateca_v1beta1_service_proto
var File_google_cloud_security_privateca_v1beta1_service_proto protoreflect.FileDescriptor
Functions
func RegisterCertificateAuthorityServiceServer
func RegisterCertificateAuthorityServiceServer(s *grpc.Server, srv CertificateAuthorityServiceServer)
ActivateCertificateAuthorityRequest
type ActivateCertificateAuthorityRequest struct {
// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in the
// format `projects/*/locations/*/certificateAuthorities/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Required. The signed CA certificate issued from
// [FetchCertificateAuthorityCsrResponse.pem_csr][google.cloud.security.privateca.v1beta1.FetchCertificateAuthorityCsrResponse.pem_csr].
PemCaCertificate string `protobuf:"bytes,2,opt,name=pem_ca_certificate,json=pemCaCertificate,proto3" json:"pem_ca_certificate,omitempty"`
// Required. Must include information about the issuer of 'pem_ca_certificate', and any
// further issuers until the self-signed CA.
SubordinateConfig *SubordinateConfig `protobuf:"bytes,3,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that if you must
// retry your request, the server will know to ignore the request if it has
// already been completed. The server will guarantee that for at least 60
// minutes since the first request.
//
// For example, consider a situation where you make an initial request and t
// he request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.ActivateCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.ActivateCertificateAuthority].
func (*ActivateCertificateAuthorityRequest) Descriptor
func (*ActivateCertificateAuthorityRequest) Descriptor() ([]byte, []int)
Deprecated: Use ActivateCertificateAuthorityRequest.ProtoReflect.Descriptor instead.
func (*ActivateCertificateAuthorityRequest) GetName
func (x *ActivateCertificateAuthorityRequest) GetName() string
func (*ActivateCertificateAuthorityRequest) GetPemCaCertificate
func (x *ActivateCertificateAuthorityRequest) GetPemCaCertificate() string
func (*ActivateCertificateAuthorityRequest) GetRequestId
func (x *ActivateCertificateAuthorityRequest) GetRequestId() string
func (*ActivateCertificateAuthorityRequest) GetSubordinateConfig
func (x *ActivateCertificateAuthorityRequest) GetSubordinateConfig() *SubordinateConfig
func (*ActivateCertificateAuthorityRequest) ProtoMessage
func (*ActivateCertificateAuthorityRequest) ProtoMessage()
func (*ActivateCertificateAuthorityRequest) ProtoReflect
func (x *ActivateCertificateAuthorityRequest) ProtoReflect() protoreflect.Message
func (*ActivateCertificateAuthorityRequest) Reset
func (x *ActivateCertificateAuthorityRequest) Reset()
func (*ActivateCertificateAuthorityRequest) String
func (x *ActivateCertificateAuthorityRequest) String() string
Certificate
type Certificate struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
CertificateConfig isCertificate_CertificateConfig `protobuf_oneof:"certificate_config"`
Lifetime *durationpb.Duration `protobuf:"bytes,4,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
RevocationDetails *Certificate_RevocationDetails `protobuf:"bytes,5,opt,name=revocation_details,json=revocationDetails,proto3" json:"revocation_details,omitempty"`
PemCertificate string `protobuf:"bytes,6,opt,name=pem_certificate,json=pemCertificate,proto3" json:"pem_certificate,omitempty"`
CertificateDescription *CertificateDescription "" /* 127 byte string literal not displayed */
PemCertificateChain []string `protobuf:"bytes,8,rep,name=pem_certificate_chain,json=pemCertificateChain,proto3" json:"pem_certificate_chain,omitempty"`
CreateTime *timestamppb.Timestamp `protobuf:"bytes,9,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
UpdateTime *timestamppb.Timestamp `protobuf:"bytes,10,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
Labels map[string]string "" /* 154 byte string literal not displayed */
}
A [Certificate][google.cloud.security.privateca.v1beta1.Certificate] corresponds to a signed X.509 certificate issued by a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
func (*Certificate) Descriptor
func (*Certificate) Descriptor() ([]byte, []int)
Deprecated: Use Certificate.ProtoReflect.Descriptor instead.
func (*Certificate) GetCertificateConfig
func (m *Certificate) GetCertificateConfig() isCertificate_CertificateConfig
func (*Certificate) GetCertificateDescription
func (x *Certificate) GetCertificateDescription() *CertificateDescription
func (*Certificate) GetConfig
func (x *Certificate) GetConfig() *CertificateConfig
func (*Certificate) GetCreateTime
func (x *Certificate) GetCreateTime() *timestamppb.Timestamp
func (*Certificate) GetLabels
func (x *Certificate) GetLabels() map[string]string
func (*Certificate) GetLifetime
func (x *Certificate) GetLifetime() *durationpb.Duration
func (*Certificate) GetName
func (x *Certificate) GetName() string
func (*Certificate) GetPemCertificate
func (x *Certificate) GetPemCertificate() string
func (*Certificate) GetPemCertificateChain
func (x *Certificate) GetPemCertificateChain() []string
func (*Certificate) GetPemCsr
func (x *Certificate) GetPemCsr() string
func (*Certificate) GetRevocationDetails
func (x *Certificate) GetRevocationDetails() *Certificate_RevocationDetails
func (*Certificate) GetUpdateTime
func (x *Certificate) GetUpdateTime() *timestamppb.Timestamp
func (*Certificate) ProtoMessage
func (*Certificate) ProtoMessage()
func (*Certificate) ProtoReflect
func (x *Certificate) ProtoReflect() protoreflect.Message
func (*Certificate) Reset
func (x *Certificate) Reset()
func (*Certificate) String
func (x *Certificate) String() string
CertificateAuthority
type CertificateAuthority struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
Type CertificateAuthority_Type "" /* 133 byte string literal not displayed */
Tier CertificateAuthority_Tier "" /* 133 byte string literal not displayed */
Config *CertificateConfig `protobuf:"bytes,4,opt,name=config,proto3" json:"config,omitempty"`
Lifetime *durationpb.Duration `protobuf:"bytes,5,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
KeySpec *CertificateAuthority_KeyVersionSpec `protobuf:"bytes,6,opt,name=key_spec,json=keySpec,proto3" json:"key_spec,omitempty"`
CertificatePolicy *CertificateAuthority_CertificateAuthorityPolicy `protobuf:"bytes,7,opt,name=certificate_policy,json=certificatePolicy,proto3" json:"certificate_policy,omitempty"`
IssuingOptions *CertificateAuthority_IssuingOptions `protobuf:"bytes,8,opt,name=issuing_options,json=issuingOptions,proto3" json:"issuing_options,omitempty"`
SubordinateConfig *SubordinateConfig `protobuf:"bytes,19,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`
State CertificateAuthority_State "" /* 137 byte string literal not displayed */
PemCaCertificates []string `protobuf:"bytes,9,rep,name=pem_ca_certificates,json=pemCaCertificates,proto3" json:"pem_ca_certificates,omitempty"`
CaCertificateDescriptions []*CertificateDescription "" /* 139 byte string literal not displayed */
GcsBucket string `protobuf:"bytes,13,opt,name=gcs_bucket,json=gcsBucket,proto3" json:"gcs_bucket,omitempty"`
AccessUrls *CertificateAuthority_AccessUrls `protobuf:"bytes,14,opt,name=access_urls,json=accessUrls,proto3" json:"access_urls,omitempty"`
CreateTime *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
UpdateTime *timestamppb.Timestamp `protobuf:"bytes,16,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
DeleteTime *timestamppb.Timestamp `protobuf:"bytes,17,opt,name=delete_time,json=deleteTime,proto3" json:"delete_time,omitempty"`
Labels map[string]string "" /* 154 byte string literal not displayed */
}
A [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] represents an individual Certificate Authority. A [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] can be used to create [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
func (*CertificateAuthority) Descriptor
func (*CertificateAuthority) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority.ProtoReflect.Descriptor instead.
func (*CertificateAuthority) GetAccessUrls
func (x *CertificateAuthority) GetAccessUrls() *CertificateAuthority_AccessUrls
func (*CertificateAuthority) GetCaCertificateDescriptions
func (x *CertificateAuthority) GetCaCertificateDescriptions() []*CertificateDescription
func (*CertificateAuthority) GetCertificatePolicy
func (x *CertificateAuthority) GetCertificatePolicy() *CertificateAuthority_CertificateAuthorityPolicy
func (*CertificateAuthority) GetConfig
func (x *CertificateAuthority) GetConfig() *CertificateConfig
func (*CertificateAuthority) GetCreateTime
func (x *CertificateAuthority) GetCreateTime() *timestamppb.Timestamp
func (*CertificateAuthority) GetDeleteTime
func (x *CertificateAuthority) GetDeleteTime() *timestamppb.Timestamp
func (*CertificateAuthority) GetGcsBucket
func (x *CertificateAuthority) GetGcsBucket() string
func (*CertificateAuthority) GetIssuingOptions
func (x *CertificateAuthority) GetIssuingOptions() *CertificateAuthority_IssuingOptions
func (*CertificateAuthority) GetKeySpec
func (x *CertificateAuthority) GetKeySpec() *CertificateAuthority_KeyVersionSpec
func (*CertificateAuthority) GetLabels
func (x *CertificateAuthority) GetLabels() map[string]string
func (*CertificateAuthority) GetLifetime
func (x *CertificateAuthority) GetLifetime() *durationpb.Duration
func (*CertificateAuthority) GetName
func (x *CertificateAuthority) GetName() string
func (*CertificateAuthority) GetPemCaCertificates
func (x *CertificateAuthority) GetPemCaCertificates() []string
func (*CertificateAuthority) GetState
func (x *CertificateAuthority) GetState() CertificateAuthority_State
func (*CertificateAuthority) GetSubordinateConfig
func (x *CertificateAuthority) GetSubordinateConfig() *SubordinateConfig
func (*CertificateAuthority) GetTier
func (x *CertificateAuthority) GetTier() CertificateAuthority_Tier
func (*CertificateAuthority) GetType
func (x *CertificateAuthority) GetType() CertificateAuthority_Type
func (*CertificateAuthority) GetUpdateTime
func (x *CertificateAuthority) GetUpdateTime() *timestamppb.Timestamp
func (*CertificateAuthority) ProtoMessage
func (*CertificateAuthority) ProtoMessage()
func (*CertificateAuthority) ProtoReflect
func (x *CertificateAuthority) ProtoReflect() protoreflect.Message
func (*CertificateAuthority) Reset
func (x *CertificateAuthority) Reset()
func (*CertificateAuthority) String
func (x *CertificateAuthority) String() string
CertificateAuthorityServiceClient
type CertificateAuthorityServiceClient interface {
// Create a new [Certificate][google.cloud.security.privateca.v1beta1.Certificate] in a given Project, Location from a particular
// [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
CreateCertificate(ctx context.Context, in *CreateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
// Returns a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
GetCertificate(ctx context.Context, in *GetCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
// Lists [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
ListCertificates(ctx context.Context, in *ListCertificatesRequest, opts ...grpc.CallOption) (*ListCertificatesResponse, error)
// Revoke a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
RevokeCertificate(ctx context.Context, in *RevokeCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
// Update a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]. Currently, the only field you can update is the
// [labels][google.cloud.security.privateca.v1beta1.Certificate.labels] field.
UpdateCertificate(ctx context.Context, in *UpdateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
// Activate a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is in state
// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. After the
// parent Certificate Authority signs a certificate signing request from
// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.FetchCertificateAuthorityCsr], this method can complete the activation
// process.
ActivateCertificateAuthority(ctx context.Context, in *ActivateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
// Create a new [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in a given Project and Location.
CreateCertificateAuthority(ctx context.Context, in *CreateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
// Disable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
DisableCertificateAuthority(ctx context.Context, in *DisableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
// Enable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
EnableCertificateAuthority(ctx context.Context, in *EnableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
// Fetch a certificate signing request (CSR) from a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
// that is in state
// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. The CSR must
// then be signed by the desired parent Certificate Authority, which could be
// another [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] resource, or could be an on-prem
// certificate authority. See also [ActivateCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.ActivateCertificateAuthority].
FetchCertificateAuthorityCsr(ctx context.Context, in *FetchCertificateAuthorityCsrRequest, opts ...grpc.CallOption) (*FetchCertificateAuthorityCsrResponse, error)
// Returns a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
GetCertificateAuthority(ctx context.Context, in *GetCertificateAuthorityRequest, opts ...grpc.CallOption) (*CertificateAuthority, error)
// Lists [CertificateAuthorities][google.cloud.security.privateca.v1beta1.CertificateAuthority].
ListCertificateAuthorities(ctx context.Context, in *ListCertificateAuthoritiesRequest, opts ...grpc.CallOption) (*ListCertificateAuthoritiesResponse, error)
// Restore a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is scheduled for deletion.
RestoreCertificateAuthority(ctx context.Context, in *RestoreCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
// Schedule a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] for deletion.
ScheduleDeleteCertificateAuthority(ctx context.Context, in *ScheduleDeleteCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
// Update a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
UpdateCertificateAuthority(ctx context.Context, in *UpdateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
// Returns a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
GetCertificateRevocationList(ctx context.Context, in *GetCertificateRevocationListRequest, opts ...grpc.CallOption) (*CertificateRevocationList, error)
// Lists [CertificateRevocationLists][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
ListCertificateRevocationLists(ctx context.Context, in *ListCertificateRevocationListsRequest, opts ...grpc.CallOption) (*ListCertificateRevocationListsResponse, error)
// Update a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
UpdateCertificateRevocationList(ctx context.Context, in *UpdateCertificateRevocationListRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
// Returns a [ReusableConfig][google.cloud.security.privateca.v1beta1.ReusableConfig].
GetReusableConfig(ctx context.Context, in *GetReusableConfigRequest, opts ...grpc.CallOption) (*ReusableConfig, error)
// Lists [ReusableConfigs][google.cloud.security.privateca.v1beta1.ReusableConfig].
ListReusableConfigs(ctx context.Context, in *ListReusableConfigsRequest, opts ...grpc.CallOption) (*ListReusableConfigsResponse, error)
}
CertificateAuthorityServiceClient is the client API for CertificateAuthorityService service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
func NewCertificateAuthorityServiceClient
func NewCertificateAuthorityServiceClient(cc grpc.ClientConnInterface) CertificateAuthorityServiceClient
CertificateAuthorityServiceServer
type CertificateAuthorityServiceServer interface {
// Create a new [Certificate][google.cloud.security.privateca.v1beta1.Certificate] in a given Project, Location from a particular
// [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
CreateCertificate(context.Context, *CreateCertificateRequest) (*Certificate, error)
// Returns a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
GetCertificate(context.Context, *GetCertificateRequest) (*Certificate, error)
// Lists [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
ListCertificates(context.Context, *ListCertificatesRequest) (*ListCertificatesResponse, error)
// Revoke a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
RevokeCertificate(context.Context, *RevokeCertificateRequest) (*Certificate, error)
// Update a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]. Currently, the only field you can update is the
// [labels][google.cloud.security.privateca.v1beta1.Certificate.labels] field.
UpdateCertificate(context.Context, *UpdateCertificateRequest) (*Certificate, error)
// Activate a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is in state
// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. After the
// parent Certificate Authority signs a certificate signing request from
// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.FetchCertificateAuthorityCsr], this method can complete the activation
// process.
ActivateCertificateAuthority(context.Context, *ActivateCertificateAuthorityRequest) (*longrunning.Operation, error)
// Create a new [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in a given Project and Location.
CreateCertificateAuthority(context.Context, *CreateCertificateAuthorityRequest) (*longrunning.Operation, error)
// Disable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
DisableCertificateAuthority(context.Context, *DisableCertificateAuthorityRequest) (*longrunning.Operation, error)
// Enable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
EnableCertificateAuthority(context.Context, *EnableCertificateAuthorityRequest) (*longrunning.Operation, error)
// Fetch a certificate signing request (CSR) from a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
// that is in state
// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. The CSR must
// then be signed by the desired parent Certificate Authority, which could be
// another [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] resource, or could be an on-prem
// certificate authority. See also [ActivateCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.ActivateCertificateAuthority].
FetchCertificateAuthorityCsr(context.Context, *FetchCertificateAuthorityCsrRequest) (*FetchCertificateAuthorityCsrResponse, error)
// Returns a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
GetCertificateAuthority(context.Context, *GetCertificateAuthorityRequest) (*CertificateAuthority, error)
// Lists [CertificateAuthorities][google.cloud.security.privateca.v1beta1.CertificateAuthority].
ListCertificateAuthorities(context.Context, *ListCertificateAuthoritiesRequest) (*ListCertificateAuthoritiesResponse, error)
// Restore a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is scheduled for deletion.
RestoreCertificateAuthority(context.Context, *RestoreCertificateAuthorityRequest) (*longrunning.Operation, error)
// Schedule a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] for deletion.
ScheduleDeleteCertificateAuthority(context.Context, *ScheduleDeleteCertificateAuthorityRequest) (*longrunning.Operation, error)
// Update a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
UpdateCertificateAuthority(context.Context, *UpdateCertificateAuthorityRequest) (*longrunning.Operation, error)
// Returns a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
GetCertificateRevocationList(context.Context, *GetCertificateRevocationListRequest) (*CertificateRevocationList, error)
// Lists [CertificateRevocationLists][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
ListCertificateRevocationLists(context.Context, *ListCertificateRevocationListsRequest) (*ListCertificateRevocationListsResponse, error)
// Update a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
UpdateCertificateRevocationList(context.Context, *UpdateCertificateRevocationListRequest) (*longrunning.Operation, error)
// Returns a [ReusableConfig][google.cloud.security.privateca.v1beta1.ReusableConfig].
GetReusableConfig(context.Context, *GetReusableConfigRequest) (*ReusableConfig, error)
// Lists [ReusableConfigs][google.cloud.security.privateca.v1beta1.ReusableConfig].
ListReusableConfigs(context.Context, *ListReusableConfigsRequest) (*ListReusableConfigsResponse, error)
}
CertificateAuthorityServiceServer is the server API for CertificateAuthorityService service.
CertificateAuthority_AccessUrls
type CertificateAuthority_AccessUrls struct {
CaCertificateAccessUrl string "" /* 131 byte string literal not displayed */
CrlAccessUrl string `protobuf:"bytes,2,opt,name=crl_access_url,json=crlAccessUrl,proto3" json:"crl_access_url,omitempty"`
}
URLs where a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] will publish content.
func (*CertificateAuthority_AccessUrls) Descriptor
func (*CertificateAuthority_AccessUrls) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_AccessUrls.ProtoReflect.Descriptor instead.
func (*CertificateAuthority_AccessUrls) GetCaCertificateAccessUrl
func (x *CertificateAuthority_AccessUrls) GetCaCertificateAccessUrl() string
func (*CertificateAuthority_AccessUrls) GetCrlAccessUrl
func (x *CertificateAuthority_AccessUrls) GetCrlAccessUrl() string
func (*CertificateAuthority_AccessUrls) ProtoMessage
func (*CertificateAuthority_AccessUrls) ProtoMessage()
func (*CertificateAuthority_AccessUrls) ProtoReflect
func (x *CertificateAuthority_AccessUrls) ProtoReflect() protoreflect.Message
func (*CertificateAuthority_AccessUrls) Reset
func (x *CertificateAuthority_AccessUrls) Reset()
func (*CertificateAuthority_AccessUrls) String
func (x *CertificateAuthority_AccessUrls) String() string
CertificateAuthority_CertificateAuthorityPolicy
type CertificateAuthority_CertificateAuthorityPolicy struct {
ConfigPolicy isCertificateAuthority_CertificateAuthorityPolicy_ConfigPolicy `protobuf_oneof:"config_policy"`
AllowedLocationsAndOrganizations []*Subject "" /* 161 byte string literal not displayed */
AllowedCommonNames []string `protobuf:"bytes,4,rep,name=allowed_common_names,json=allowedCommonNames,proto3" json:"allowed_common_names,omitempty"`
AllowedSans *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames `protobuf:"bytes,5,opt,name=allowed_sans,json=allowedSans,proto3" json:"allowed_sans,omitempty"`
MaximumLifetime *durationpb.Duration `protobuf:"bytes,6,opt,name=maximum_lifetime,json=maximumLifetime,proto3" json:"maximum_lifetime,omitempty"`
AllowedIssuanceModes *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes `protobuf:"bytes,8,opt,name=allowed_issuance_modes,json=allowedIssuanceModes,proto3" json:"allowed_issuance_modes,omitempty"`
}
The issuing policy for a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. [Certificates][google.cloud.security.privateca.v1beta1.Certificate] will not be successfully issued from this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] if they violate the policy.
func (*CertificateAuthority_CertificateAuthorityPolicy) Descriptor
func (*CertificateAuthority_CertificateAuthorityPolicy) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_CertificateAuthorityPolicy.ProtoReflect.Descriptor instead.
func (*CertificateAuthority_CertificateAuthorityPolicy) GetAllowedCommonNames
func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedCommonNames() []string
func (*CertificateAuthority_CertificateAuthorityPolicy) GetAllowedConfigList
func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedConfigList() *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList
func (*CertificateAuthority_CertificateAuthorityPolicy) GetAllowedIssuanceModes
func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedIssuanceModes() *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes
func (*CertificateAuthority_CertificateAuthorityPolicy) GetAllowedLocationsAndOrganizations
func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedLocationsAndOrganizations() []*Subject
func (*CertificateAuthority_CertificateAuthorityPolicy) GetAllowedSans
func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedSans() *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames
func (*CertificateAuthority_CertificateAuthorityPolicy) GetConfigPolicy
func (m *CertificateAuthority_CertificateAuthorityPolicy) GetConfigPolicy() isCertificateAuthority_CertificateAuthorityPolicy_ConfigPolicy
func (*CertificateAuthority_CertificateAuthorityPolicy) GetMaximumLifetime
func (x *CertificateAuthority_CertificateAuthorityPolicy) GetMaximumLifetime() *durationpb.Duration
func (*CertificateAuthority_CertificateAuthorityPolicy) GetOverwriteConfigValues
func (x *CertificateAuthority_CertificateAuthorityPolicy) GetOverwriteConfigValues() *ReusableConfigWrapper
func (*CertificateAuthority_CertificateAuthorityPolicy) ProtoMessage
func (*CertificateAuthority_CertificateAuthorityPolicy) ProtoMessage()
func (*CertificateAuthority_CertificateAuthorityPolicy) ProtoReflect
func (x *CertificateAuthority_CertificateAuthorityPolicy) ProtoReflect() protoreflect.Message
func (*CertificateAuthority_CertificateAuthorityPolicy) Reset
func (x *CertificateAuthority_CertificateAuthorityPolicy) Reset()
func (*CertificateAuthority_CertificateAuthorityPolicy) String
func (x *CertificateAuthority_CertificateAuthorityPolicy) String() string
CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList
type CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList struct {
// Required. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
// must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper]. If a
// [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] has an empty field, any value will be
// allowed for that field.
AllowedConfigValues []*ReusableConfigWrapper `protobuf:"bytes,1,rep,name=allowed_config_values,json=allowedConfigValues,proto3" json:"allowed_config_values,omitempty"`
// contains filtered or unexported fields
}
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) Descriptor
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList.ProtoReflect.Descriptor instead.
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) GetAllowedConfigValues
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) GetAllowedConfigValues() []*ReusableConfigWrapper
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) ProtoMessage
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) ProtoMessage()
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) ProtoReflect
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) ProtoReflect() protoreflect.Message
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) Reset
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) Reset()
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) String
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) String() string
CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList_
type CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList_ struct {
// Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
// must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] in the list.
AllowedConfigList *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList `protobuf:"bytes,1,opt,name=allowed_config_list,json=allowedConfigList,proto3,oneof"`
}
CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames
type CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames struct {
AllowedDnsNames []string `protobuf:"bytes,1,rep,name=allowed_dns_names,json=allowedDnsNames,proto3" json:"allowed_dns_names,omitempty"`
AllowedUris []string `protobuf:"bytes,2,rep,name=allowed_uris,json=allowedUris,proto3" json:"allowed_uris,omitempty"`
AllowedEmailAddresses []string `protobuf:"bytes,3,rep,name=allowed_email_addresses,json=allowedEmailAddresses,proto3" json:"allowed_email_addresses,omitempty"`
AllowedIps []string `protobuf:"bytes,4,rep,name=allowed_ips,json=allowedIps,proto3" json:"allowed_ips,omitempty"`
AllowGlobbingDnsWildcards bool "" /* 141 byte string literal not displayed */
AllowCustomSans bool `protobuf:"varint,6,opt,name=allow_custom_sans,json=allowCustomSans,proto3" json:"allow_custom_sans,omitempty"`
}
[AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames] specifies the allowed values for [SubjectAltNames][google.cloud.security.privateca.v1beta1.SubjectAltNames] by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] when issuing [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) Descriptor
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames.ProtoReflect.Descriptor instead.
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowCustomSans
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowCustomSans() bool
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowGlobbingDnsWildcards
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowGlobbingDnsWildcards() bool
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedDnsNames
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedDnsNames() []string
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedEmailAddresses
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedEmailAddresses() []string
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedIps
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedIps() []string
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedUris
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedUris() []string
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) ProtoMessage
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) ProtoMessage()
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) ProtoReflect
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) ProtoReflect() protoreflect.Message
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) Reset
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) Reset()
func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) String
func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) String() string
CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes
type CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes struct {
AllowCsrBasedIssuance bool "" /* 129 byte string literal not displayed */
AllowConfigBasedIssuance bool "" /* 138 byte string literal not displayed */
}
[IssuanceModes][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes] specifies the allowed ways in which [Certificates][google.cloud.security.privateca.v1beta1.Certificate] may be requested from this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) Descriptor
func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes.ProtoReflect.Descriptor instead.
func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) GetAllowConfigBasedIssuance
func (x *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) GetAllowConfigBasedIssuance() bool
func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) GetAllowCsrBasedIssuance
func (x *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) GetAllowCsrBasedIssuance() bool
func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) ProtoMessage
func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) ProtoMessage()
func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) ProtoReflect
func (x *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) ProtoReflect() protoreflect.Message
func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) Reset
func (x *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) Reset()
func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) String
func (x *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) String() string
CertificateAuthority_CertificateAuthorityPolicy_OverwriteConfigValues
type CertificateAuthority_CertificateAuthorityPolicy_OverwriteConfigValues struct {
// Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
// will use the provided configuration values, overwriting any requested
// configuration values.
OverwriteConfigValues *ReusableConfigWrapper `protobuf:"bytes,2,opt,name=overwrite_config_values,json=overwriteConfigValues,proto3,oneof"`
}
CertificateAuthority_IssuingOptions
type CertificateAuthority_IssuingOptions struct {
// Required. When true, includes a URL to the issuing CA certificate in the
// "authority information access" X.509 extension.
IncludeCaCertUrl bool `protobuf:"varint,1,opt,name=include_ca_cert_url,json=includeCaCertUrl,proto3" json:"include_ca_cert_url,omitempty"`
// Required. When true, includes a URL to the CRL corresponding to certificates
// issued from a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
// CRLs will expire 7 days from their creation. However, we will rebuild
// daily. CRLs are also rebuilt shortly after a certificate is revoked.
IncludeCrlAccessUrl bool `protobuf:"varint,2,opt,name=include_crl_access_url,json=includeCrlAccessUrl,proto3" json:"include_crl_access_url,omitempty"`
// contains filtered or unexported fields
}
Options that affect all certificates issued by a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
func (*CertificateAuthority_IssuingOptions) Descriptor
func (*CertificateAuthority_IssuingOptions) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_IssuingOptions.ProtoReflect.Descriptor instead.
func (*CertificateAuthority_IssuingOptions) GetIncludeCaCertUrl
func (x *CertificateAuthority_IssuingOptions) GetIncludeCaCertUrl() bool
func (*CertificateAuthority_IssuingOptions) GetIncludeCrlAccessUrl
func (x *CertificateAuthority_IssuingOptions) GetIncludeCrlAccessUrl() bool
func (*CertificateAuthority_IssuingOptions) ProtoMessage
func (*CertificateAuthority_IssuingOptions) ProtoMessage()
func (*CertificateAuthority_IssuingOptions) ProtoReflect
func (x *CertificateAuthority_IssuingOptions) ProtoReflect() protoreflect.Message
func (*CertificateAuthority_IssuingOptions) Reset
func (x *CertificateAuthority_IssuingOptions) Reset()
func (*CertificateAuthority_IssuingOptions) String
func (x *CertificateAuthority_IssuingOptions) String() string
CertificateAuthority_KeyVersionSpec
type CertificateAuthority_KeyVersionSpec struct {
// Types that are assignable to KeyVersion:
//
// *CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion
// *CertificateAuthority_KeyVersionSpec_Algorithm
KeyVersion isCertificateAuthority_KeyVersionSpec_KeyVersion `protobuf_oneof:"KeyVersion"`
// contains filtered or unexported fields
}
A Cloud KMS key configuration that a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] will use.
func (*CertificateAuthority_KeyVersionSpec) Descriptor
func (*CertificateAuthority_KeyVersionSpec) Descriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_KeyVersionSpec.ProtoReflect.Descriptor instead.
func (*CertificateAuthority_KeyVersionSpec) GetAlgorithm
func (x *CertificateAuthority_KeyVersionSpec) GetAlgorithm() CertificateAuthority_SignHashAlgorithm
func (*CertificateAuthority_KeyVersionSpec) GetCloudKmsKeyVersion
func (x *CertificateAuthority_KeyVersionSpec) GetCloudKmsKeyVersion() string
func (*CertificateAuthority_KeyVersionSpec) GetKeyVersion
func (m *CertificateAuthority_KeyVersionSpec) GetKeyVersion() isCertificateAuthority_KeyVersionSpec_KeyVersion
func (*CertificateAuthority_KeyVersionSpec) ProtoMessage
func (*CertificateAuthority_KeyVersionSpec) ProtoMessage()
func (*CertificateAuthority_KeyVersionSpec) ProtoReflect
func (x *CertificateAuthority_KeyVersionSpec) ProtoReflect() protoreflect.Message
func (*CertificateAuthority_KeyVersionSpec) Reset
func (x *CertificateAuthority_KeyVersionSpec) Reset()
func (*CertificateAuthority_KeyVersionSpec) String
func (x *CertificateAuthority_KeyVersionSpec) String() string
CertificateAuthority_KeyVersionSpec_Algorithm
type CertificateAuthority_KeyVersionSpec_Algorithm struct {
Algorithm CertificateAuthority_SignHashAlgorithm "" /* 135 byte string literal not displayed */
}
CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion
type CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion struct {
// Required. The resource name for an existing Cloud KMS CryptoKeyVersion in the
// format
// `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
// This option enables full flexibility in the key's capabilities and
// properties.
CloudKmsKeyVersion string `protobuf:"bytes,1,opt,name=cloud_kms_key_version,json=cloudKmsKeyVersion,proto3,oneof"`
}
CertificateAuthority_SignHashAlgorithm
type CertificateAuthority_SignHashAlgorithm int32
The algorithm of a Cloud KMS CryptoKeyVersion of a
[CryptoKey][google.cloud.kms.v1.CryptoKey] with the
[CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] value
ASYMMETRIC_SIGN
. These values correspond to the
[CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm]
values. For RSA signing algorithms, the PSS algorithms should be preferred,
use PKCS1 algorithms if required for compatibility. For further
recommandations, see
https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations.
CertificateAuthority_SIGN_HASH_ALGORITHM_UNSPECIFIED, CertificateAuthority_RSA_PSS_2048_SHA256, CertificateAuthority_RSA_PSS_3072_SHA256, CertificateAuthority_RSA_PSS_4096_SHA256, CertificateAuthority_RSA_PKCS1_2048_SHA256, CertificateAuthority_RSA_PKCS1_3072_SHA256, CertificateAuthority_RSA_PKCS1_4096_SHA256, CertificateAuthority_EC_P256_SHA256, CertificateAuthority_EC_P384_SHA384
const (
// Not specified.
CertificateAuthority_SIGN_HASH_ALGORITHM_UNSPECIFIED CertificateAuthority_SignHashAlgorithm = 0
// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256
CertificateAuthority_RSA_PSS_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 1
// maps to CryptoKeyVersionAlgorithm. RSA_SIGN_PSS_3072_SHA256
CertificateAuthority_RSA_PSS_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 2
// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256
CertificateAuthority_RSA_PSS_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 3
// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
CertificateAuthority_RSA_PKCS1_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 6
// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256
CertificateAuthority_RSA_PKCS1_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 7
// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256
CertificateAuthority_RSA_PKCS1_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 8
// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256
CertificateAuthority_EC_P256_SHA256 CertificateAuthority_SignHashAlgorithm = 4
// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384
CertificateAuthority_EC_P384_SHA384 CertificateAuthority_SignHashAlgorithm = 5
)
func (CertificateAuthority_SignHashAlgorithm) Descriptor
func (CertificateAuthority_SignHashAlgorithm) Descriptor() protoreflect.EnumDescriptor
func (CertificateAuthority_SignHashAlgorithm) Enum
func (CertificateAuthority_SignHashAlgorithm) EnumDescriptor
func (CertificateAuthority_SignHashAlgorithm) EnumDescriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_SignHashAlgorithm.Descriptor instead.
func (CertificateAuthority_SignHashAlgorithm) Number
func (x CertificateAuthority_SignHashAlgorithm) Number() protoreflect.EnumNumber
func (CertificateAuthority_SignHashAlgorithm) String
func (x CertificateAuthority_SignHashAlgorithm) String() string
func (CertificateAuthority_SignHashAlgorithm) Type
func (CertificateAuthority_SignHashAlgorithm) Type() protoreflect.EnumType
CertificateAuthority_State
type CertificateAuthority_State int32
The state of a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority], indicating if it can be used.
CertificateAuthority_STATE_UNSPECIFIED, CertificateAuthority_ENABLED, CertificateAuthority_DISABLED, CertificateAuthority_PENDING_ACTIVATION, CertificateAuthority_PENDING_DELETION
const (
// Not specified.
CertificateAuthority_STATE_UNSPECIFIED CertificateAuthority_State = 0
// Certificates can be issued from this CA. CRLs will be generated for this
// CA.
CertificateAuthority_ENABLED CertificateAuthority_State = 1
// Certificates cannot be issued from this CA. CRLs will still be generated.
CertificateAuthority_DISABLED CertificateAuthority_State = 2
// Certificates cannot be issued from this CA. CRLs will not be generated.
CertificateAuthority_PENDING_ACTIVATION CertificateAuthority_State = 3
// Certificates cannot be issued from this CA. CRLs will not be generated.
CertificateAuthority_PENDING_DELETION CertificateAuthority_State = 4
)
func (CertificateAuthority_State) Descriptor
func (CertificateAuthority_State) Descriptor() protoreflect.EnumDescriptor
func (CertificateAuthority_State) Enum
func (x CertificateAuthority_State) Enum() *CertificateAuthority_State
func (CertificateAuthority_State) EnumDescriptor
func (CertificateAuthority_State) EnumDescriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_State.Descriptor instead.
func (CertificateAuthority_State) Number
func (x CertificateAuthority_State) Number() protoreflect.EnumNumber
func (CertificateAuthority_State) String
func (x CertificateAuthority_State) String() string
func (CertificateAuthority_State) Type
func (CertificateAuthority_State) Type() protoreflect.EnumType
CertificateAuthority_Tier
type CertificateAuthority_Tier int32
The tier of a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority], indicating its supported functionality and/or billing SKU.
CertificateAuthority_TIER_UNSPECIFIED, CertificateAuthority_ENTERPRISE, CertificateAuthority_DEVOPS
const (
// Not specified.
CertificateAuthority_TIER_UNSPECIFIED CertificateAuthority_Tier = 0
// Enterprise tier.
CertificateAuthority_ENTERPRISE CertificateAuthority_Tier = 1
// DevOps tier.
CertificateAuthority_DEVOPS CertificateAuthority_Tier = 2
)
func (CertificateAuthority_Tier) Descriptor
func (CertificateAuthority_Tier) Descriptor() protoreflect.EnumDescriptor
func (CertificateAuthority_Tier) Enum
func (x CertificateAuthority_Tier) Enum() *CertificateAuthority_Tier
func (CertificateAuthority_Tier) EnumDescriptor
func (CertificateAuthority_Tier) EnumDescriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_Tier.Descriptor instead.
func (CertificateAuthority_Tier) Number
func (x CertificateAuthority_Tier) Number() protoreflect.EnumNumber
func (CertificateAuthority_Tier) String
func (x CertificateAuthority_Tier) String() string
func (CertificateAuthority_Tier) Type
func (CertificateAuthority_Tier) Type() protoreflect.EnumType
CertificateAuthority_Type
type CertificateAuthority_Type int32
The type of a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority], indicating its issuing chain.
CertificateAuthority_TYPE_UNSPECIFIED, CertificateAuthority_SELF_SIGNED, CertificateAuthority_SUBORDINATE
const (
// Not specified.
CertificateAuthority_TYPE_UNSPECIFIED CertificateAuthority_Type = 0
// Self-signed CA.
CertificateAuthority_SELF_SIGNED CertificateAuthority_Type = 1
// Subordinate CA. Could be issued by a Private CA [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
// or an unmanaged CA.
CertificateAuthority_SUBORDINATE CertificateAuthority_Type = 2
)
func (CertificateAuthority_Type) Descriptor
func (CertificateAuthority_Type) Descriptor() protoreflect.EnumDescriptor
func (CertificateAuthority_Type) Enum
func (x CertificateAuthority_Type) Enum() *CertificateAuthority_Type
func (CertificateAuthority_Type) EnumDescriptor
func (CertificateAuthority_Type) EnumDescriptor() ([]byte, []int)
Deprecated: Use CertificateAuthority_Type.Descriptor instead.
func (CertificateAuthority_Type) Number
func (x CertificateAuthority_Type) Number() protoreflect.EnumNumber
func (CertificateAuthority_Type) String
func (x CertificateAuthority_Type) String() string
func (CertificateAuthority_Type) Type
func (CertificateAuthority_Type) Type() protoreflect.EnumType
CertificateConfig
type CertificateConfig struct {
// Required. Specifies some of the values in a certificate that are related to the
// subject.
SubjectConfig *CertificateConfig_SubjectConfig `protobuf:"bytes,1,opt,name=subject_config,json=subjectConfig,proto3" json:"subject_config,omitempty"`
// Required. Describes how some of the technical fields in a certificate should be
// populated.
ReusableConfig *ReusableConfigWrapper `protobuf:"bytes,2,opt,name=reusable_config,json=reusableConfig,proto3" json:"reusable_config,omitempty"`
// Optional. The public key that corresponds to this config. This is, for example, used
// when issuing [Certificates][google.cloud.security.privateca.v1beta1.Certificate], but not when creating a
// self-signed [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] or [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] CSR.
PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
// contains filtered or unexported fields
}
A [CertificateConfig][google.cloud.security.privateca.v1beta1.CertificateConfig] describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.
func (*CertificateConfig) Descriptor
func (*CertificateConfig) Descriptor() ([]byte, []int)
Deprecated: Use CertificateConfig.ProtoReflect.Descriptor instead.
func (*CertificateConfig) GetPublicKey
func (x *CertificateConfig) GetPublicKey() *PublicKey
func (*CertificateConfig) GetReusableConfig
func (x *CertificateConfig) GetReusableConfig() *ReusableConfigWrapper
func (*CertificateConfig) GetSubjectConfig
func (x *CertificateConfig) GetSubjectConfig() *CertificateConfig_SubjectConfig
func (*CertificateConfig) ProtoMessage
func (*CertificateConfig) ProtoMessage()
func (*CertificateConfig) ProtoReflect
func (x *CertificateConfig) ProtoReflect() protoreflect.Message
func (*CertificateConfig) Reset
func (x *CertificateConfig) Reset()
func (*CertificateConfig) String
func (x *CertificateConfig) String() string
CertificateConfig_SubjectConfig
type CertificateConfig_SubjectConfig struct {
// Required. Contains distinguished name fields such as the location and organization.
Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
// Optional. The "common name" of the distinguished name.
CommonName string `protobuf:"bytes,2,opt,name=common_name,json=commonName,proto3" json:"common_name,omitempty"`
// Optional. The subject alternative name fields.
SubjectAltName *SubjectAltNames `protobuf:"bytes,3,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
// contains filtered or unexported fields
}
These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.
func (*CertificateConfig_SubjectConfig) Descriptor
func (*CertificateConfig_SubjectConfig) Descriptor() ([]byte, []int)
Deprecated: Use CertificateConfig_SubjectConfig.ProtoReflect.Descriptor instead.
func (*CertificateConfig_SubjectConfig) GetCommonName
func (x *CertificateConfig_SubjectConfig) GetCommonName() string
func (*CertificateConfig_SubjectConfig) GetSubject
func (x *CertificateConfig_SubjectConfig) GetSubject() *Subject
func (*CertificateConfig_SubjectConfig) GetSubjectAltName
func (x *CertificateConfig_SubjectConfig) GetSubjectAltName() *SubjectAltNames
func (*CertificateConfig_SubjectConfig) ProtoMessage
func (*CertificateConfig_SubjectConfig) ProtoMessage()
func (*CertificateConfig_SubjectConfig) ProtoReflect
func (x *CertificateConfig_SubjectConfig) ProtoReflect() protoreflect.Message
func (*CertificateConfig_SubjectConfig) Reset
func (x *CertificateConfig_SubjectConfig) Reset()
func (*CertificateConfig_SubjectConfig) String
func (x *CertificateConfig_SubjectConfig) String() string
CertificateDescription
type CertificateDescription struct {
SubjectDescription *CertificateDescription_SubjectDescription `protobuf:"bytes,1,opt,name=subject_description,json=subjectDescription,proto3" json:"subject_description,omitempty"`
ConfigValues *ReusableConfigValues `protobuf:"bytes,2,opt,name=config_values,json=configValues,proto3" json:"config_values,omitempty"`
PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
SubjectKeyId *CertificateDescription_KeyId `protobuf:"bytes,4,opt,name=subject_key_id,json=subjectKeyId,proto3" json:"subject_key_id,omitempty"`
AuthorityKeyId *CertificateDescription_KeyId `protobuf:"bytes,5,opt,name=authority_key_id,json=authorityKeyId,proto3" json:"authority_key_id,omitempty"`
CrlDistributionPoints []string `protobuf:"bytes,6,rep,name=crl_distribution_points,json=crlDistributionPoints,proto3" json:"crl_distribution_points,omitempty"`
AiaIssuingCertificateUrls []string "" /* 140 byte string literal not displayed */
CertFingerprint *CertificateDescription_CertificateFingerprint `protobuf:"bytes,8,opt,name=cert_fingerprint,json=certFingerprint,proto3" json:"cert_fingerprint,omitempty"`
}
A [CertificateDescription][google.cloud.security.privateca.v1beta1.CertificateDescription] describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.
func (*CertificateDescription) Descriptor
func (*CertificateDescription) Descriptor() ([]byte, []int)
Deprecated: Use CertificateDescription.ProtoReflect.Descriptor instead.
func (*CertificateDescription) GetAiaIssuingCertificateUrls
func (x *CertificateDescription) GetAiaIssuingCertificateUrls() []string
func (*CertificateDescription) GetAuthorityKeyId
func (x *CertificateDescription) GetAuthorityKeyId() *CertificateDescription_KeyId
func (*CertificateDescription) GetCertFingerprint
func (x *CertificateDescription) GetCertFingerprint() *CertificateDescription_CertificateFingerprint
func (*CertificateDescription) GetConfigValues
func (x *CertificateDescription) GetConfigValues() *ReusableConfigValues
func (*CertificateDescription) GetCrlDistributionPoints
func (x *CertificateDescription) GetCrlDistributionPoints() []string
func (*CertificateDescription) GetPublicKey
func (x *CertificateDescription) GetPublicKey() *PublicKey
func (*CertificateDescription) GetSubjectDescription
func (x *CertificateDescription) GetSubjectDescription() *CertificateDescription_SubjectDescription
func (*CertificateDescription) GetSubjectKeyId
func (x *CertificateDescription) GetSubjectKeyId() *CertificateDescription_KeyId
func (*CertificateDescription) ProtoMessage
func (*CertificateDescription) ProtoMessage()
func (*CertificateDescription) ProtoReflect
func (x *CertificateDescription) ProtoReflect() protoreflect.Message
func (*CertificateDescription) Reset
func (x *CertificateDescription) Reset()
func (*CertificateDescription) String
func (x *CertificateDescription) String() string
CertificateDescription_CertificateFingerprint
type CertificateDescription_CertificateFingerprint struct {
// The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
Sha256Hash string `protobuf:"bytes,1,opt,name=sha256_hash,json=sha256Hash,proto3" json:"sha256_hash,omitempty"`
// contains filtered or unexported fields
}
A group of fingerprints for the x509 certificate.
func (*CertificateDescription_CertificateFingerprint) Descriptor
func (*CertificateDescription_CertificateFingerprint) Descriptor() ([]byte, []int)
Deprecated: Use CertificateDescription_CertificateFingerprint.ProtoReflect.Descriptor instead.
func (*CertificateDescription_CertificateFingerprint) GetSha256Hash
func (x *CertificateDescription_CertificateFingerprint) GetSha256Hash() string
func (*CertificateDescription_CertificateFingerprint) ProtoMessage
func (*CertificateDescription_CertificateFingerprint) ProtoMessage()
func (*CertificateDescription_CertificateFingerprint) ProtoReflect
func (x *CertificateDescription_CertificateFingerprint) ProtoReflect() protoreflect.Message
func (*CertificateDescription_CertificateFingerprint) Reset
func (x *CertificateDescription_CertificateFingerprint) Reset()
func (*CertificateDescription_CertificateFingerprint) String
func (x *CertificateDescription_CertificateFingerprint) String() string
CertificateDescription_KeyId
type CertificateDescription_KeyId struct {
// Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
// likely the 160 bit SHA-1 hash of the public key.
KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
// contains filtered or unexported fields
}
A KeyId identifies a specific public key, usually by hashing the public key.
func (*CertificateDescription_KeyId) Descriptor
func (*CertificateDescription_KeyId) Descriptor() ([]byte, []int)
Deprecated: Use CertificateDescription_KeyId.ProtoReflect.Descriptor instead.
func (*CertificateDescription_KeyId) GetKeyId
func (x *CertificateDescription_KeyId) GetKeyId() string
func (*CertificateDescription_KeyId) ProtoMessage
func (*CertificateDescription_KeyId) ProtoMessage()
func (*CertificateDescription_KeyId) ProtoReflect
func (x *CertificateDescription_KeyId) ProtoReflect() protoreflect.Message
func (*CertificateDescription_KeyId) Reset
func (x *CertificateDescription_KeyId) Reset()
func (*CertificateDescription_KeyId) String
func (x *CertificateDescription_KeyId) String() string
CertificateDescription_SubjectDescription
type CertificateDescription_SubjectDescription struct {
// Contains distinguished name fields such as the location and organization.
Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
// The "common name" of the distinguished name.
CommonName string `protobuf:"bytes,2,opt,name=common_name,json=commonName,proto3" json:"common_name,omitempty"`
// The subject alternative name fields.
SubjectAltName *SubjectAltNames `protobuf:"bytes,3,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
// The serial number encoded in lowercase hexadecimal.
HexSerialNumber string `protobuf:"bytes,4,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`
// For convenience, the actual lifetime of an issued certificate.
// Corresponds to 'not_after_time' - 'not_before_time'.
Lifetime *durationpb.Duration `protobuf:"bytes,5,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
// The time at which the certificate becomes valid.
NotBeforeTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=not_before_time,json=notBeforeTime,proto3" json:"not_before_time,omitempty"`
// The time at which the certificate expires.
NotAfterTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=not_after_time,json=notAfterTime,proto3" json:"not_after_time,omitempty"`
// contains filtered or unexported fields
}
These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.
func (*CertificateDescription_SubjectDescription) Descriptor
func (*CertificateDescription_SubjectDescription) Descriptor() ([]byte, []int)
Deprecated: Use CertificateDescription_SubjectDescription.ProtoReflect.Descriptor instead.
func (*CertificateDescription_SubjectDescription) GetCommonName
func (x *CertificateDescription_SubjectDescription) GetCommonName() string
func (*CertificateDescription_SubjectDescription) GetHexSerialNumber
func (x *CertificateDescription_SubjectDescription) GetHexSerialNumber() string
func (*CertificateDescription_SubjectDescription) GetLifetime
func (x *CertificateDescription_SubjectDescription) GetLifetime() *durationpb.Duration
func (*CertificateDescription_SubjectDescription) GetNotAfterTime
func (x *CertificateDescription_SubjectDescription) GetNotAfterTime() *timestamppb.Timestamp
func (*CertificateDescription_SubjectDescription) GetNotBeforeTime
func (x *CertificateDescription_SubjectDescription) GetNotBeforeTime() *timestamppb.Timestamp
func (*CertificateDescription_SubjectDescription) GetSubject
func (x *CertificateDescription_SubjectDescription) GetSubject() *Subject
func (*CertificateDescription_SubjectDescription) GetSubjectAltName
func (x *CertificateDescription_SubjectDescription) GetSubjectAltName() *SubjectAltNames
func (*CertificateDescription_SubjectDescription) ProtoMessage
func (*CertificateDescription_SubjectDescription) ProtoMessage()
func (*CertificateDescription_SubjectDescription) ProtoReflect
func (x *CertificateDescription_SubjectDescription) ProtoReflect() protoreflect.Message
func (*CertificateDescription_SubjectDescription) Reset
func (x *CertificateDescription_SubjectDescription) Reset()
func (*CertificateDescription_SubjectDescription) String
func (x *CertificateDescription_SubjectDescription) String() string
CertificateRevocationList
type CertificateRevocationList struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
SequenceNumber int64 `protobuf:"varint,2,opt,name=sequence_number,json=sequenceNumber,proto3" json:"sequence_number,omitempty"`
RevokedCertificates []*CertificateRevocationList_RevokedCertificate `protobuf:"bytes,3,rep,name=revoked_certificates,json=revokedCertificates,proto3" json:"revoked_certificates,omitempty"`
PemCrl string `protobuf:"bytes,4,opt,name=pem_crl,json=pemCrl,proto3" json:"pem_crl,omitempty"`
AccessUrl string `protobuf:"bytes,5,opt,name=access_url,json=accessUrl,proto3" json:"access_url,omitempty"`
State CertificateRevocationList_State "" /* 141 byte string literal not displayed */
CreateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
UpdateTime *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
Labels map[string]string "" /* 153 byte string literal not displayed */
}
A [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList] corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.
func (*CertificateRevocationList) Descriptor
func (*CertificateRevocationList) Descriptor() ([]byte, []int)
Deprecated: Use CertificateRevocationList.ProtoReflect.Descriptor instead.
func (*CertificateRevocationList) GetAccessUrl
func (x *CertificateRevocationList) GetAccessUrl() string
func (*CertificateRevocationList) GetCreateTime
func (x *CertificateRevocationList) GetCreateTime() *timestamppb.Timestamp
func (*CertificateRevocationList) GetLabels
func (x *CertificateRevocationList) GetLabels() map[string]string
func (*CertificateRevocationList) GetName
func (x *CertificateRevocationList) GetName() string
func (*CertificateRevocationList) GetPemCrl
func (x *CertificateRevocationList) GetPemCrl() string
func (*CertificateRevocationList) GetRevokedCertificates
func (x *CertificateRevocationList) GetRevokedCertificates() []*CertificateRevocationList_RevokedCertificate
func (*CertificateRevocationList) GetSequenceNumber
func (x *CertificateRevocationList) GetSequenceNumber() int64
func (*CertificateRevocationList) GetState
func (x *CertificateRevocationList) GetState() CertificateRevocationList_State
func (*CertificateRevocationList) GetUpdateTime
func (x *CertificateRevocationList) GetUpdateTime() *timestamppb.Timestamp
func (*CertificateRevocationList) ProtoMessage
func (*CertificateRevocationList) ProtoMessage()
func (*CertificateRevocationList) ProtoReflect
func (x *CertificateRevocationList) ProtoReflect() protoreflect.Message
func (*CertificateRevocationList) Reset
func (x *CertificateRevocationList) Reset()
func (*CertificateRevocationList) String
func (x *CertificateRevocationList) String() string
CertificateRevocationList_RevokedCertificate
type CertificateRevocationList_RevokedCertificate struct {
Certificate string `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`
HexSerialNumber string `protobuf:"bytes,2,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`
RevocationReason RevocationReason "" /* 172 byte string literal not displayed */
}
Describes a revoked [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
func (*CertificateRevocationList_RevokedCertificate) Descriptor
func (*CertificateRevocationList_RevokedCertificate) Descriptor() ([]byte, []int)
Deprecated: Use CertificateRevocationList_RevokedCertificate.ProtoReflect.Descriptor instead.
func (*CertificateRevocationList_RevokedCertificate) GetCertificate
func (x *CertificateRevocationList_RevokedCertificate) GetCertificate() string
func (*CertificateRevocationList_RevokedCertificate) GetHexSerialNumber
func (x *CertificateRevocationList_RevokedCertificate) GetHexSerialNumber() string
func (*CertificateRevocationList_RevokedCertificate) GetRevocationReason
func (x *CertificateRevocationList_RevokedCertificate) GetRevocationReason() RevocationReason
func (*CertificateRevocationList_RevokedCertificate) ProtoMessage
func (*CertificateRevocationList_RevokedCertificate) ProtoMessage()
func (*CertificateRevocationList_RevokedCertificate) ProtoReflect
func (x *CertificateRevocationList_RevokedCertificate) ProtoReflect() protoreflect.Message
func (*CertificateRevocationList_RevokedCertificate) Reset
func (x *CertificateRevocationList_RevokedCertificate) Reset()
func (*CertificateRevocationList_RevokedCertificate) String
func (x *CertificateRevocationList_RevokedCertificate) String() string
CertificateRevocationList_State
type CertificateRevocationList_State int32
The state of a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList], indicating if it is current.
CertificateRevocationList_STATE_UNSPECIFIED, CertificateRevocationList_ACTIVE, CertificateRevocationList_SUPERSEDED
const (
// Not specified.
CertificateRevocationList_STATE_UNSPECIFIED CertificateRevocationList_State = 0
// The [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList] is up to date.
CertificateRevocationList_ACTIVE CertificateRevocationList_State = 1
// The [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList] is no longer current.
CertificateRevocationList_SUPERSEDED CertificateRevocationList_State = 2
)
func (CertificateRevocationList_State) Descriptor
func (CertificateRevocationList_State) Descriptor() protoreflect.EnumDescriptor
func (CertificateRevocationList_State) Enum
func (x CertificateRevocationList_State) Enum() *CertificateRevocationList_State
func (CertificateRevocationList_State) EnumDescriptor
func (CertificateRevocationList_State) EnumDescriptor() ([]byte, []int)
Deprecated: Use CertificateRevocationList_State.Descriptor instead.
func (CertificateRevocationList_State) Number
func (x CertificateRevocationList_State) Number() protoreflect.EnumNumber
func (CertificateRevocationList_State) String
func (x CertificateRevocationList_State) String() string
func (CertificateRevocationList_State) Type
func (CertificateRevocationList_State) Type() protoreflect.EnumType
Certificate_Config
type Certificate_Config struct {
// Immutable. A description of the certificate and key that does not require X.509 or
// ASN.1.
Config *CertificateConfig `protobuf:"bytes,3,opt,name=config,proto3,oneof"`
}
Certificate_PemCsr
type Certificate_PemCsr struct {
// Immutable. A pem-encoded X.509 certificate signing request (CSR).
PemCsr string `protobuf:"bytes,2,opt,name=pem_csr,json=pemCsr,proto3,oneof"`
}
Certificate_RevocationDetails
type Certificate_RevocationDetails struct {
RevocationState RevocationReason "" /* 169 byte string literal not displayed */
RevocationTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=revocation_time,json=revocationTime,proto3" json:"revocation_time,omitempty"`
}
Describes fields that are relavent to the revocation of a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
func (*Certificate_RevocationDetails) Descriptor
func (*Certificate_RevocationDetails) Descriptor() ([]byte, []int)
Deprecated: Use Certificate_RevocationDetails.ProtoReflect.Descriptor instead.
func (*Certificate_RevocationDetails) GetRevocationState
func (x *Certificate_RevocationDetails) GetRevocationState() RevocationReason
func (*Certificate_RevocationDetails) GetRevocationTime
func (x *Certificate_RevocationDetails) GetRevocationTime() *timestamppb.Timestamp
func (*Certificate_RevocationDetails) ProtoMessage
func (*Certificate_RevocationDetails) ProtoMessage()
func (*Certificate_RevocationDetails) ProtoReflect
func (x *Certificate_RevocationDetails) ProtoReflect() protoreflect.Message
func (*Certificate_RevocationDetails) Reset
func (x *Certificate_RevocationDetails) Reset()
func (*Certificate_RevocationDetails) String
func (x *Certificate_RevocationDetails) String() string
CreateCertificateAuthorityRequest
type CreateCertificateAuthorityRequest struct {
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
CertificateAuthorityId string "" /* 129 byte string literal not displayed */
CertificateAuthority *CertificateAuthority `protobuf:"bytes,3,opt,name=certificate_authority,json=certificateAuthority,proto3" json:"certificate_authority,omitempty"`
RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
}
Request message for [CertificateAuthorityService.CreateCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.CreateCertificateAuthority].
func (*CreateCertificateAuthorityRequest) Descriptor
func (*CreateCertificateAuthorityRequest) Descriptor() ([]byte, []int)
Deprecated: Use CreateCertificateAuthorityRequest.ProtoReflect.Descriptor instead.
func (*CreateCertificateAuthorityRequest) GetCertificateAuthority
func (x *CreateCertificateAuthorityRequest) GetCertificateAuthority() *CertificateAuthority
func (*CreateCertificateAuthorityRequest) GetCertificateAuthorityId
func (x *CreateCertificateAuthorityRequest) GetCertificateAuthorityId() string
func (*CreateCertificateAuthorityRequest) GetParent
func (x *CreateCertificateAuthorityRequest) GetParent() string
func (*CreateCertificateAuthorityRequest) GetRequestId
func (x *CreateCertificateAuthorityRequest) GetRequestId() string
func (*CreateCertificateAuthorityRequest) ProtoMessage
func (*CreateCertificateAuthorityRequest) ProtoMessage()
func (*CreateCertificateAuthorityRequest) ProtoReflect
func (x *CreateCertificateAuthorityRequest) ProtoReflect() protoreflect.Message
func (*CreateCertificateAuthorityRequest) Reset
func (x *CreateCertificateAuthorityRequest) Reset()
func (*CreateCertificateAuthorityRequest) String
func (x *CreateCertificateAuthorityRequest) String() string
CreateCertificateRequest
type CreateCertificateRequest struct {
// Required. The resource name of the location and [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
// associated with the [Certificate][google.cloud.security.privateca.v1beta1.Certificate], in the format
// `projects/*/locations/*/certificateAuthorities/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Optional. It must be unique within a location and match the regular
// expression `[a-zA-Z0-9_-]{1,63}`. This field is required when using a
// [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in the Enterprise [CertificateAuthority.Tier][google.cloud.security.privateca.v1beta1.CertificateAuthority.Tier],
// but is optional and its value is ignored otherwise.
CertificateId string `protobuf:"bytes,2,opt,name=certificate_id,json=certificateId,proto3" json:"certificate_id,omitempty"`
// Required. A [Certificate][google.cloud.security.privateca.v1beta1.Certificate] with initial field values.
Certificate *Certificate `protobuf:"bytes,3,opt,name=certificate,proto3" json:"certificate,omitempty"`
// Optional. An ID to identify requests. Specify a unique request ID so that if you must
// retry your request, the server will know to ignore the request if it has
// already been completed. The server will guarantee that for at least 60
// minutes since the first request.
//
// For example, consider a situation where you make an initial request and t
// he request times out. If you make the request again with the same request
// ID, the server can check if original operation with the same request ID
// was received, and if so, will ignore the second request. This prevents
// clients from accidentally creating duplicate commitments.
//
// The request ID must be a valid UUID with the exception that zero UUID is
// not supported (00000000-0000-0000-0000-000000000000).
RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
// contains filtered or unexported fields
}
Request message for [CertificateAuthorityService.CreateCertificate][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.CreateCertificate].
func (*CreateCertificateRequest) Descriptor
func (*CreateCertificateRequest) Descriptor() ([]byte, []int)
Deprecated: Use CreateCertificateRequest.ProtoReflect.Descriptor instead.
func (*CreateCertificateRequest) GetCertificate
func (x *CreateCertificateRequest) GetCertificate() *Certificate
func (*CreateCertificateRequest) GetCertificateId
func (x *CreateCertificateRequest) GetCertificateId() string
func (*CreateCertificateRequest) GetParent
func (x *CreateCertificateRequest) GetParent() string
func (*CreateCertificateRequest) GetRequestId
func (x *CreateCertificateRequest) GetRequestId() string
func (*CreateCertificateRequest) ProtoMessage
func (*CreateCertificateRequest) ProtoMessage()
func (*CreateCertificateRequest) ProtoReflect
func (x *CreateCertificateRequest) ProtoReflect() protoreflect.Message
func (*CreateCertificateRequest) Reset
func (x *CreateCertificateRequest) Reset()