REST Resource: projects.locations.edgeCacheKeysets

Resource: EdgeCacheKeyset
- JSON representation
PublicKey
- JSON representation
Secret
- JSON representation
Methods

Resource: EdgeCacheKeyset

Represents a collection of public keys used for validating signed requests.

JSON representation

JSON representation
{ "name": string, "createTime": string, "updateTime": string, "description": string, "labels": { string: string, ... }, "publicKeys": [ { object (`PublicKey`) } ], "validationSharedKeys": [ { object (`Secret`) } ] }

{
  "name": string,
  "createTime": string,
  "updateTime": string,
  "description": string,
  "labels": {
    string: string,
    ...
  },
  "publicKeys": [
    {
      object (PublicKey)
    }
  ],
  "validationSharedKeys": [
    {
      object (Secret)
    }
  ]
}

Fields
`name`	`string` Required. The name of the resource as provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression `[a-zA-Z]([a-zA-Z0-9_-])*` which means the first character must be a letter, and all following characters must be a dash, an underscore, a letter, or a digit.
`createTime`	`string (Timestamp format)` Output only. The creation timestamp in RFC3339 text format. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `"2014-10-02T15:01:23Z"` and `"2014-10-02T15:01:23.045123456Z"`.
`updateTime`	`string (Timestamp format)` Output only. The update timestamp in RFC3339 text format. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `"2014-10-02T15:01:23Z"` and `"2014-10-02T15:01:23.045123456Z"`.
`description`	`string` Optional. A human-readable description of the resource.
`labels`	`map (key: string, value: string)` Optional. A set of label tags associated with the `EdgeCacheKeyset` resource. An object containing a list of `"key": value` pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
`publicKeys[]`	`object (PublicKey)` Optional. An ordered list of Ed25519 public keys to use for validating signed requests. Ed25519 public keys are not secret and only allow Google to validate that a request was signed by your corresponding private key. Ensure that the private key is kept secret and that only authorized users can add public keys to a keyset. You can rotate keys by appending (pushing) a new key to the list of public keys, and removing any superseded keys. You must specify `publicKeys` or `validationSharedKeys` (or both). The keys in `publicKeys` are checked first. You can specify at most one Google-managed public key. If you specify `publicKeys`, you must specify at least one key and can specify up to three keys.
`validationSharedKeys[]`	`object (Secret)` Optional. An ordered list of shared keys to use for validating signed requests. Shared keys are secret. Ensure that only authorized users can add `validationSharedKeys` to a keyset. You can rotate keys by appending (pushing) a new key to the list of `validationSharedKeys` and removing any superseded keys. You must specify `publicKeys` or `validationSharedKeys` (or both). The keys in `publicKeys` are checked first. If you specify `validationSharedKeys`, you must specify at least one key and can specify up to three keys.

PublicKey

An Ed25519 public key used for validating signed requests.

JSON representation
{ "id": string, "value": string, "managed": boolean }

Fields

Fields
`id`	`string` Required. The ID of the public key. The ID must be 1-64 characters long, and match the regular expression `[a-zA-Z]([a-zA-Z0-9_-])*` which means the first character must be a letter, and all following characters must be a dash, an underscore, a letter, or a digit.
`value`	`string` Optional. The base64-encoded value of the Ed25519 public key. The base64 encoding can be padded (44 bytes) or unpadded (43 bytes). Representations or encodings of the public key other than this are rejected with an error. Either `value` or `managed` must be specified.
`managed`	`boolean` Optional. Set to `true` to have the CDN automatically manage this public key. Managed keys are used by the CDN for dual-token authentication. Media CDN internally generates, uses, and rotates the underlying public and private key pair. It is not possible to use a managed key outside of dual-token authentication. Either `value` or `managed` must be specified.

id

string

Required. The ID of the public key.

The ID must be 1-64 characters long, and match the regular expression [a-zA-Z]([a-zA-Z0-9_-])* which means the first character must be a letter, and all following characters must be a dash, an underscore, a letter, or a digit.

value

string

Optional. The base64-encoded value of the Ed25519 public key.

The base64 encoding can be padded (44 bytes) or unpadded (43 bytes). Representations or encodings of the public key other than this are rejected with an error.

Either value or managed must be specified.

managed

boolean

Optional. Set to true to have the CDN automatically manage this public key.

Managed keys are used by the CDN for dual-token authentication. Media CDN internally generates, uses, and rotates the underlying public and private key pair. It is not possible to use a managed key outside of dual-token authentication.

Either value or managed must be specified.

Secret

A secret key stored in Secret Manager.

JSON representation
{ "secretVersion": string }

Fields

Fields
`secretVersion`	`string` Required. The name of the secret in Secret Manager. The resource name of the secret version must be in the format `projects//secrets//versions/` where the `` values are replaced by the name of the secret. The secrets must be at least 16 bytes. The recommended secret size depends on the signature algorithm that you're using. If you're using `HMAC-SHA1`, we recommend 20-byte secrets. If you're using `HMAC-SHA256`, we recommend 32-byte secrets. See RFC 2104, Section 3 for more details on these recommendations.

secretVersion

string

Required. The name of the secret in Secret Manager.

The resource name of the secret version must be in the format projects/*/secrets/*/versions/* where the * values are replaced by the name of the secret.

The secrets must be at least 16 bytes. The recommended secret size depends on the signature algorithm that you're using.

If you're using HMAC-SHA1, we recommend 20-byte secrets.
If you're using HMAC-SHA256, we recommend 32-byte secrets.

See RFC 2104, Section 3 for more details on these recommendations.

Methods
`create`	Creates a new EdgeCacheKeyset in a given project and location.
`delete`	Deletes a single EdgeCacheKeyset.
`get`	Gets details of a single EdgeCacheKeyset.
`getIamPolicy`	Gets the access control policy for a resource.
`list`	Lists EdgeCacheKeysets in a given project and location.
`patch`	Updates the parameters of a single EdgeCacheKeyset.
`setIamPolicy`	Sets the access control policy on the specified resource.
`testIamPermissions`	Returns permissions that a caller has on the specified resource.

REST Resource: projects.locations.edgeCacheKeysets

Resource: EdgeCacheKeyset

PublicKey

Secret

Methods

`create`

`delete`

`get`

`getIamPolicy`

`list`

`patch`

`setIamPolicy`

`testIamPermissions`