Package Classes (1.13.0)

[Certificate Authority Service][google.cloud.security.privateca.v1.CertificateAuthorityService] manages private certificate authorities and issued certificates.

[Certificate Authority Service][google.cloud.security.privateca.v1.CertificateAuthorityService] manages private certificate authorities and issued certificates.

A pager for iterating through list_ca_pools requests.

This class thinly wraps an initial ListCaPoolsResponse object, and provides an __aiter__ method to iterate through its ca_pools field.

If there are more pages, the __aiter__ method will make additional ListCaPools requests and continue to iterate through the ca_pools field on the corresponding responses.

All the usual ListCaPoolsResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_ca_pools requests.

This class thinly wraps an initial ListCaPoolsResponse object, and provides an __iter__ method to iterate through its ca_pools field.

If there are more pages, the __iter__ method will make additional ListCaPools requests and continue to iterate through the ca_pools field on the corresponding responses.

All the usual ListCaPoolsResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificate_authorities requests.

This class thinly wraps an initial ListCertificateAuthoritiesResponse object, and provides an __aiter__ method to iterate through its certificate_authorities field.

If there are more pages, the __aiter__ method will make additional ListCertificateAuthorities requests and continue to iterate through the certificate_authorities field on the corresponding responses.

All the usual ListCertificateAuthoritiesResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificate_authorities requests.

This class thinly wraps an initial ListCertificateAuthoritiesResponse object, and provides an __iter__ method to iterate through its certificate_authorities field.

If there are more pages, the __iter__ method will make additional ListCertificateAuthorities requests and continue to iterate through the certificate_authorities field on the corresponding responses.

All the usual ListCertificateAuthoritiesResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificate_revocation_lists requests.

This class thinly wraps an initial ListCertificateRevocationListsResponse object, and provides an __aiter__ method to iterate through its certificate_revocation_lists field.

If there are more pages, the __aiter__ method will make additional ListCertificateRevocationLists requests and continue to iterate through the certificate_revocation_lists field on the corresponding responses.

All the usual ListCertificateRevocationListsResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificate_revocation_lists requests.

This class thinly wraps an initial ListCertificateRevocationListsResponse object, and provides an __iter__ method to iterate through its certificate_revocation_lists field.

If there are more pages, the __iter__ method will make additional ListCertificateRevocationLists requests and continue to iterate through the certificate_revocation_lists field on the corresponding responses.

All the usual ListCertificateRevocationListsResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificate_templates requests.

This class thinly wraps an initial ListCertificateTemplatesResponse object, and provides an __aiter__ method to iterate through its certificate_templates field.

If there are more pages, the __aiter__ method will make additional ListCertificateTemplates requests and continue to iterate through the certificate_templates field on the corresponding responses.

All the usual ListCertificateTemplatesResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificate_templates requests.

This class thinly wraps an initial ListCertificateTemplatesResponse object, and provides an __iter__ method to iterate through its certificate_templates field.

If there are more pages, the __iter__ method will make additional ListCertificateTemplates requests and continue to iterate through the certificate_templates field on the corresponding responses.

All the usual ListCertificateTemplatesResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificates requests.

This class thinly wraps an initial ListCertificatesResponse object, and provides an __aiter__ method to iterate through its certificates field.

If there are more pages, the __aiter__ method will make additional ListCertificates requests and continue to iterate through the certificates field on the corresponding responses.

All the usual ListCertificatesResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificates requests.

This class thinly wraps an initial ListCertificatesResponse object, and provides an __iter__ method to iterate through its certificates field.

If there are more pages, the __iter__ method will make additional ListCertificates requests and continue to iterate through the certificates field on the corresponding responses.

All the usual ListCertificatesResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

Request message for CertificateAuthorityService.ActivateCertificateAuthority.

A CaPool represents a group of CertificateAuthorities that form a trust anchor. A CaPool can be used to manage issuance policies for one or more CertificateAuthority resources and to rotate CA certificates in and out of the trust anchor.

Defines controls over all certificate issuance within a CaPool.

Describes a "type" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool.

Describes an elliptic curve-based signature algorithm that may be used in a Certificate issued from a CaPool.

Describes an RSA key that may be used in a Certificate issued from a CaPool.

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool.

The abstract base class for a message.

Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool.

Supported encoding formats for publishing.

The tier of a CaPool, indicating its supported functionality and/or billing SKU.

A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

The abstract base class for a message.

Describes fields that are relavent to the revocation of a Certificate.

A CertificateAuthority represents an individual Certificate Authority. A CertificateAuthority can be used to create Certificates.

URLs where a CertificateAuthority will publish content.

A Cloud KMS key configuration that a CertificateAuthority will use.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

The abstract base class for a message.

The algorithm of a Cloud KMS CryptoKeyVersion of a CryptoKey with the CryptoKeyPurpose value ASYMMETRIC_SIGN. These values correspond to the CryptoKeyVersionAlgorithm values. For RSA signing algorithms, the PSS algorithms should be preferred, use PKCS1 algorithms if required for compatibility. For further recommendations, see https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations.

The state of a CertificateAuthority, indicating if it can be used.

The type of a CertificateAuthority, indicating its issuing chain.

A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

A KeyId identifies a specific public key, usually by hashing the public key.

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.

A group of fingerprints for the x509 certificate.

A KeyId identifies a specific public key, usually by hashing the public key.

These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.

Describes a set of X.509 extensions that may be part of some certificate issuance controls.

Describes well-known X.509 extensions that can appear in a Certificate, not including the SubjectAltNames extension.

Describes constraints on a Certificate's Subject and SubjectAltNames.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

A CertificateRevocationList corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.

The abstract base class for a message.

Describes a revoked Certificate.

The state of a CertificateRevocationList, indicating if it is current.

A CertificateTemplate refers to a managed template for certificate issuance.

The abstract base class for a message.

Request message for CertificateAuthorityService.CreateCaPool.

Request message for CertificateAuthorityService.CreateCertificateAuthority.

Request message for CertificateAuthorityService.CreateCertificate.

Request message for CertificateAuthorityService.CreateCertificateTemplate.

Request message for CertificateAuthorityService.DeleteCaPool.

Request message for CertificateAuthorityService.DeleteCertificateAuthority.

Request message for CertificateAuthorityService.DeleteCertificateTemplate.

Request message for CertificateAuthorityService.DisableCertificateAuthority.

Request message for CertificateAuthorityService.EnableCertificateAuthority.

Request message for CertificateAuthorityService.FetchCaCerts.

Response message for CertificateAuthorityService.FetchCaCerts.

Request message for CertificateAuthorityService.FetchCertificateAuthorityCsr.

Response message for CertificateAuthorityService.FetchCertificateAuthorityCsr.

Request message for CertificateAuthorityService.GetCaPool.

Request message for CertificateAuthorityService.GetCertificateAuthority.

Request message for CertificateAuthorityService.GetCertificate.

Request message for CertificateAuthorityService.GetCertificateRevocationList.

Request message for CertificateAuthorityService.GetCertificateTemplate.

A KeyUsage describes key usage values that may appear in an X.509 certificate.

KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value.

KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.

Request message for CertificateAuthorityService.ListCaPools.

Response message for CertificateAuthorityService.ListCaPools.

Request message for CertificateAuthorityService.ListCertificateAuthorities.

Response message for CertificateAuthorityService.ListCertificateAuthorities.

Request message for CertificateAuthorityService.ListCertificateRevocationLists.

Response message for CertificateAuthorityService.ListCertificateRevocationLists.

Request message for CertificateAuthorityService.ListCertificateTemplates.

Response message for CertificateAuthorityService.ListCertificateTemplates.

Request message for CertificateAuthorityService.ListCertificates.

Response message for CertificateAuthorityService.ListCertificates.

An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.

Represents the metadata of the long-running operation.

A PublicKey describes a public key.

Types of public keys formats that are supported. Currently, only PEM format is supported.

A RevocationReason indicates whether a Certificate has been revoked, and the reason for revocation. These correspond to standard revocation reasons from RFC 5280. Note that the enum labels and values in this definition are not the same ASN.1 values defined in RFC 5280. These values will be translated to the correct ASN.1 values when a CRL is created.

Request message for CertificateAuthorityService.RevokeCertificate.

Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate.

SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).

Describes the way in which a Certificate's Subject and/or SubjectAltNames will be resolved.

Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.

Request message for CertificateAuthorityService.UndeleteCertificateAuthority.

Request message for CertificateAuthorityService.UpdateCaPool.

Request message for CertificateAuthorityService.UpdateCertificateAuthority.

Request message for CertificateAuthorityService.UpdateCertificate.

Request message for CertificateAuthorityService.UpdateCertificateRevocationList.

Request message for CertificateAuthorityService.UpdateCertificateTemplate.

An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.

An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

Describes values that are relevant in a CA certificate.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Describes the X.509 name constraints extension, per https://tools.ietf.org/html/rfc5280#section-4.2.1.10

[Certificate Authority Service][google.cloud.security.privateca.v1beta1.CertificateAuthorityService] manages private certificate authorities and issued certificates.

[Certificate Authority Service][google.cloud.security.privateca.v1beta1.CertificateAuthorityService] manages private certificate authorities and issued certificates.

A pager for iterating through list_certificate_authorities requests.

This class thinly wraps an initial ListCertificateAuthoritiesResponse object, and provides an __aiter__ method to iterate through its certificate_authorities field.

If there are more pages, the __aiter__ method will make additional ListCertificateAuthorities requests and continue to iterate through the certificate_authorities field on the corresponding responses.

All the usual ListCertificateAuthoritiesResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificate_authorities requests.

This class thinly wraps an initial ListCertificateAuthoritiesResponse object, and provides an __iter__ method to iterate through its certificate_authorities field.

If there are more pages, the __iter__ method will make additional ListCertificateAuthorities requests and continue to iterate through the certificate_authorities field on the corresponding responses.

All the usual ListCertificateAuthoritiesResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificate_revocation_lists requests.

This class thinly wraps an initial ListCertificateRevocationListsResponse object, and provides an __aiter__ method to iterate through its certificate_revocation_lists field.

If there are more pages, the __aiter__ method will make additional ListCertificateRevocationLists requests and continue to iterate through the certificate_revocation_lists field on the corresponding responses.

All the usual ListCertificateRevocationListsResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificate_revocation_lists requests.

This class thinly wraps an initial ListCertificateRevocationListsResponse object, and provides an __iter__ method to iterate through its certificate_revocation_lists field.

If there are more pages, the __iter__ method will make additional ListCertificateRevocationLists requests and continue to iterate through the certificate_revocation_lists field on the corresponding responses.

All the usual ListCertificateRevocationListsResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificates requests.

This class thinly wraps an initial ListCertificatesResponse object, and provides an __aiter__ method to iterate through its certificates field.

If there are more pages, the __aiter__ method will make additional ListCertificates requests and continue to iterate through the certificates field on the corresponding responses.

All the usual ListCertificatesResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_certificates requests.

This class thinly wraps an initial ListCertificatesResponse object, and provides an __iter__ method to iterate through its certificates field.

If there are more pages, the __iter__ method will make additional ListCertificates requests and continue to iterate through the certificates field on the corresponding responses.

All the usual ListCertificatesResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_reusable_configs requests.

This class thinly wraps an initial ListReusableConfigsResponse object, and provides an __aiter__ method to iterate through its reusable_configs field.

If there are more pages, the __aiter__ method will make additional ListReusableConfigs requests and continue to iterate through the reusable_configs field on the corresponding responses.

All the usual ListReusableConfigsResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

A pager for iterating through list_reusable_configs requests.

This class thinly wraps an initial ListReusableConfigsResponse object, and provides an __iter__ method to iterate through its reusable_configs field.

If there are more pages, the __iter__ method will make additional ListReusableConfigs requests and continue to iterate through the reusable_configs field on the corresponding responses.

All the usual ListReusableConfigsResponse attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.

Request message for CertificateAuthorityService.ActivateCertificateAuthority.

A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

The abstract base class for a message.

Describes fields that are relavent to the revocation of a Certificate.

A CertificateAuthority represents an individual Certificate Authority. A CertificateAuthority can be used to create Certificates.

URLs where a CertificateAuthority will publish content.

The issuing policy for a CertificateAuthority. Certificates will not be successfully issued from this CertificateAuthority if they violate the policy.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

AllowedSubjectAltNames specifies the allowed values for SubjectAltNames by the CertificateAuthority when issuing Certificates.

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CertificateAuthority.

Options that affect all certificates issued by a CertificateAuthority.

A Cloud KMS key configuration that a CertificateAuthority will use.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

The abstract base class for a message.

The algorithm of a Cloud KMS CryptoKeyVersion of a CryptoKey with the CryptoKeyPurpose value ASYMMETRIC_SIGN. These values correspond to the CryptoKeyVersionAlgorithm values. For RSA signing algorithms, the PSS algorithms should be preferred, use PKCS1 algorithms if required for compatibility. For further recommandations, see https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations.

The state of a CertificateAuthority, indicating if it can be used.

The tier of a CertificateAuthority, indicating its supported functionality and/or billing SKU.

The type of a CertificateAuthority, indicating its issuing chain.

A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.

A group of fingerprints for the x509 certificate.

A KeyId identifies a specific public key, usually by hashing the public key.

These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.

A CertificateRevocationList corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.

The abstract base class for a message.

Describes a revoked Certificate.

The state of a CertificateRevocationList, indicating if it is current.

Request message for CertificateAuthorityService.CreateCertificateAuthority.

Request message for CertificateAuthorityService.CreateCertificate.

Request message for CertificateAuthorityService.DisableCertificateAuthority.

Request message for CertificateAuthorityService.EnableCertificateAuthority.

Request message for CertificateAuthorityService.FetchCertificateAuthorityCsr.

Response message for CertificateAuthorityService.FetchCertificateAuthorityCsr.

Request message for CertificateAuthorityService.GetCertificateAuthority.

Request message for CertificateAuthorityService.GetCertificate.

Request message for CertificateAuthorityService.GetCertificateRevocationList.

Request message for CertificateAuthorityService.GetReusableConfig.

A KeyUsage describes key usage values that may appear in an X.509 certificate.

KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value.

KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.

Request message for CertificateAuthorityService.ListCertificateAuthorities.

Response message for CertificateAuthorityService.ListCertificateAuthorities.

Request message for CertificateAuthorityService.ListCertificateRevocationLists.

Response message for CertificateAuthorityService.ListCertificateRevocationLists.

Request message for CertificateAuthorityService.ListCertificates.

Response message for CertificateAuthorityService.ListCertificates.

Request message for CertificateAuthorityService.ListReusableConfigs.

Response message for CertificateAuthorityService.ListReusableConfigs.

An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.

Represents the metadata of the long-running operation.

A PublicKey describes a public key.

Types of public keys that are supported. At a minimum, we support RSA and ECDSA, for the key sizes or curves listed: https://cloud.google.com/kms/docs/algorithms#asymmetric_signing_algorithms

Request message for CertificateAuthorityService.RestoreCertificateAuthority.

A ReusableConfig refers to a managed ReusableConfigValues. Those, in turn, are used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

The abstract base class for a message.

A ReusableConfigValues is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

Describes values that are relevant in a CA certificate.

A ReusableConfigWrapper describes values that may assist in creating an X.509 certificate, or a reference to a pre-defined set of values.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

A RevocationReason indicates whether a Certificate has been revoked, and the reason for revocation. These correspond to standard revocation reasons from RFC 5280. Note that the enum labels and values in this definition are not the same ASN.1 values defined in RFC 5280. These values will be translated to the correct ASN.1 values when a CRL is created.

Request message for CertificateAuthorityService.RevokeCertificate.

Request message for CertificateAuthorityService.ScheduleDeleteCertificateAuthority.

Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate.

SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).

Describes a subordinate CA's issuers. This is either a resource path to a known issuing CertificateAuthority, or a PEM issuer certificate chain.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.

Request message for CertificateAuthorityService.UpdateCertificateAuthority.

Request message for CertificateAuthorityService.UpdateCertificate.

Request message for CertificateAuthorityService.UpdateCertificateRevocationList.

An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.

API documentation for security.privateca_v1.services.certificate_authority_service.pagers module.

API documentation for security.privateca_v1beta1.services.certificate_authority_service.pagers module.