REST Resource: projects.locations.serverTlsPolicies

Resource: ServerTlsPolicy

ServerTlsPolicy is a resource that specifies how a server should authenticate incoming requests. This resource itself does not affect configuration unless it is attached to a target https proxy or endpoint config selector resource.

JSON representation
{
  "name": string,
  "description": string,
  "createTime": string,
  "updateTime": string,
  "labels": {
    string: string,
    ...
  },
  "allowOpen": boolean,
  "serverCertificate": {
    object (CertificateProvider)
  },
  "mtlsPolicy": {
    object (MTLSPolicy)
  }
}
Fields
name

string

Required. Name of the ServerTlsPolicy resource. It matches the pattern projects/*/locations/{location}/serverTlsPolicies/{serverTlsPolicy}

description

string

Optional. Free-text description of the resource.

createTime

string (Timestamp format)

Output only. The timestamp when the resource was created.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

updateTime

string (Timestamp format)

Output only. The timestamp when the resource was updated.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

labels

map (key: string, value: string)

Optional. Set of label tags associated with the resource.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

allowOpen

boolean

Optional. Determines if server allows plaintext connections. If set to true, server allows plain text connections. By default, it is set to false. This setting is not exclusive of other encryption modes. For example, if allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections. See documentation of other encryption modes to confirm compatibility.

serverCertificate

object (CertificateProvider)

Optional. Defines a mechanism to provision server identity (public and private keys). Cannot be combined with allowOpen as a permissive mode that allows both plain text and TLS is not supported.

mtlsPolicy

object (MTLSPolicy)

Optional. Defines a mechanism to provision peer validation certificates for peer to peer authentication (Mutual TLS - mTLS). If not specified, client certificate will not be requested. The connection is treated as TLS and not mTLS. If allowOpen and mtlsPolicy are set, server allows both plain text and mTLS connections.

MTLSPolicy

Specification of the MTLSPolicy.

JSON representation
{
  "clientValidationCa": [
    {
      object (ValidationCA)
    }
  ]
}
Fields
clientValidationCa[]

object (ValidationCA)

Required. Defines the mechanism to obtain the Certificate Authority certificate to validate the client certificate.

Methods

create

Creates a new ServerTlsPolicy in a given project and location.

delete

Deletes a single ServerTlsPolicy.

get

Gets details of a single ServerTlsPolicy.

getIamPolicy

Gets the access control policy for a resource.

list

Lists ServerTlsPolicies in a given project and location.

patch

Updates the parameters of a single ServerTlsPolicy.

setIamPolicy

Sets the access control policy on the specified resource.

testIamPermissions

Returns permissions that a caller has on the specified resource.