Certificate Authority Service V1beta1 API - Class Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy (v0.11.0)

Reference documentation and code samples for the Certificate Authority Service V1beta1 API class Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy.

The issuing policy for a CertificateAuthority. Certificates will not be successfully issued from this CertificateAuthority if they violate the policy.

Inherits

Object

Extended By

Google::Protobuf::MessageExts::ClassMethods

Includes

Google::Protobuf::MessageExts

Methods

#allowed_common_names

def allowed_common_names() -> ::Array<::String>

Returns

(::Array<::String>) — Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.

#allowed_common_names=

def allowed_common_names=(value) -> ::Array<::String>

Parameter

value (::Array<::String>) — Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.

Returns

(::Array<::String>) — Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.

#allowed_config_list

def allowed_config_list() -> ::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::AllowedConfigList

Returns

(::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::AllowedConfigList) — Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.

Note: The following fields are mutually exclusive: allowed_config_list, overwrite_config_values. If a field in that set is populated, all other fields in the set will automatically be cleared.

#allowed_config_list=

def allowed_config_list=(value) -> ::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::AllowedConfigList

Parameter

value (::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::AllowedConfigList) — Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.

Note: The following fields are mutually exclusive: allowed_config_list, overwrite_config_values. If a field in that set is populated, all other fields in the set will automatically be cleared.

Returns

(::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::AllowedConfigList) — Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.

Note: The following fields are mutually exclusive: allowed_config_list, overwrite_config_values. If a field in that set is populated, all other fields in the set will automatically be cleared.

#allowed_issuance_modes

def allowed_issuance_modes() -> ::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::IssuanceModes

Returns

(::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::IssuanceModes) — Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

#allowed_issuance_modes=

def allowed_issuance_modes=(value) -> ::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::IssuanceModes

Parameter

value (::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::IssuanceModes) — Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

Returns

(::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::IssuanceModes) — Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

#allowed_locations_and_organizations

def allowed_locations_and_organizations() -> ::Array<::Google::Cloud::Security::PrivateCA::V1beta1::Subject>

Returns

(::Array<::Google::Cloud::Security::PrivateCA::V1beta1::Subject>) — Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.

#allowed_locations_and_organizations=

def allowed_locations_and_organizations=(value) -> ::Array<::Google::Cloud::Security::PrivateCA::V1beta1::Subject>

Parameter

value (::Array<::Google::Cloud::Security::PrivateCA::V1beta1::Subject>) — Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.

Returns

(::Array<::Google::Cloud::Security::PrivateCA::V1beta1::Subject>) — Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.

#allowed_sans

def allowed_sans() -> ::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::AllowedSubjectAltNames

Returns

(::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::AllowedSubjectAltNames) — Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.

#allowed_sans=

def allowed_sans=(value) -> ::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::AllowedSubjectAltNames

Parameter

value (::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::AllowedSubjectAltNames) — Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.

Returns

(::Google::Cloud::Security::PrivateCA::V1beta1::CertificateAuthority::CertificateAuthorityPolicy::AllowedSubjectAltNames) — Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.

#maximum_lifetime

def maximum_lifetime() -> ::Google::Protobuf::Duration

Returns

(::Google::Protobuf::Duration) — Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.

#maximum_lifetime=

def maximum_lifetime=(value) -> ::Google::Protobuf::Duration

Parameter

value (::Google::Protobuf::Duration) — Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.

Returns

(::Google::Protobuf::Duration) — Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.

#overwrite_config_values

def overwrite_config_values() -> ::Google::Cloud::Security::PrivateCA::V1beta1::ReusableConfigWrapper

Returns

(::Google::Cloud::Security::PrivateCA::V1beta1::ReusableConfigWrapper) — Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.

Note: The following fields are mutually exclusive: overwrite_config_values, allowed_config_list. If a field in that set is populated, all other fields in the set will automatically be cleared.

#overwrite_config_values=

def overwrite_config_values=(value) -> ::Google::Cloud::Security::PrivateCA::V1beta1::ReusableConfigWrapper

Parameter

value (::Google::Cloud::Security::PrivateCA::V1beta1::ReusableConfigWrapper) — Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.

Note: The following fields are mutually exclusive: overwrite_config_values, allowed_config_list. If a field in that set is populated, all other fields in the set will automatically be cleared.

Returns

(::Google::Cloud::Security::PrivateCA::V1beta1::ReusableConfigWrapper) — Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.

Note: The following fields are mutually exclusive: overwrite_config_values, allowed_config_list. If a field in that set is populated, all other fields in the set will automatically be cleared.