Reference documentation and code samples for the Certificate Authority v1 API enum SubjectRequestMode.
Describes the way in which a
[Certificate][google.cloud.security.privateca.v1.Certificate]'s
[Subject][google.cloud.security.privateca.v1.Subject] and/or
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] will be
resolved.
The default mode used in most cases. Indicates that the certificate's
[Subject][google.cloud.security.privateca.v1.Subject] and/or
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] are
specified in the certificate request. This mode requires the caller to have
the privateca.certificates.create permission.
ReflectedSpiffe
A mode reserved for special cases. Indicates that the certificate should
have one SPIFFE
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] set
by the service based on the caller's identity. This mode will ignore any
explicitly specified [Subject][google.cloud.security.privateca.v1.Subject]
and/or
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] in
the certificate request. This mode requires the caller to have the
privateca.certificates.createForSelf permission.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-21 UTC."],[[["This page provides reference documentation for the `SubjectRequestMode` enum within the Google Cloud Security PrivateCA V1 API, with the latest version being 3.9.0."],["The `SubjectRequestMode` enum determines how a certificate's Subject and SubjectAltNames are resolved."],["There are three fields available for the `SubjectRequestMode` enum which are: `Default`, `ReflectedSpiffe`, and `Unspecified`, each serving different use cases and permissions."],["The `Default` mode requires `privateca.certificates.create` permission and has the Subject and SubjectAltNames specified in the certificate request, while `ReflectedSpiffe` requires `privateca.certificates.createForSelf` and uses the caller's identity to set the SubjectAltNames, ignoring any explicit specification."],["This page also provides links to reference documentation for prior versions, going as far back as 1.0.0."]]],[]]