Class: Google::Apis::PrivatecaV1beta1::CertificateAuthorityPolicy

Inherits:

Object

• Object
• Google::Apis::PrivatecaV1beta1::CertificateAuthorityPolicy

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

generated/google/apis/privateca_v1beta1/classes.rb,
generated/google/apis/privateca_v1beta1/representations.rb,
generated/google/apis/privateca_v1beta1/representations.rb

Overview

The issuing policy for a CertificateAuthority. Certificates will not be successfully issued from this CertificateAuthority if they violate the policy.

Instance Attribute Summary

• #allowed_common_names ⇒ Array<String>

  Optional.

• #allowed_config_list ⇒ Google::Apis::PrivatecaV1beta1::AllowedConfigList

  Optional.

• #allowed_issuance_modes ⇒ Google::Apis::PrivatecaV1beta1::IssuanceModes

  IssuanceModes specifies the allowed ways in which Certificates may be requested from this CertificateAuthority.

• #allowed_locations_and_organizations ⇒ Array<Google::Apis::PrivatecaV1beta1::Subject>

  Optional.

• #allowed_sans ⇒ Google::Apis::PrivatecaV1beta1::AllowedSubjectAltNames

  AllowedSubjectAltNames specifies the allowed values for SubjectAltNames by the CertificateAuthority when issuing Certificates.

• #maximum_lifetime ⇒ String

  Optional.

• #overwrite_config_values ⇒ Google::Apis::PrivatecaV1beta1::ReusableConfigWrapper

  A ReusableConfigWrapper describes values that may assist in creating an X.509 certificate, or a reference to a pre-defined set of values.

Instance Method Summary

• #initialize(**args) ⇒ CertificateAuthorityPolicy constructor

  A new instance of CertificateAuthorityPolicy.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ CertificateAuthorityPolicy

Returns a new instance of CertificateAuthorityPolicy.

# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 641

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#allowed_common_names ⇒ Array<String>

Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported. Corresponds to the JSON property allowedCommonNames

Returns:

• (Array<String>)

# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 601

def allowed_common_names
  @allowed_common_names
end

#allowed_config_list ⇒ Google::Apis::PrivatecaV1beta1::AllowedConfigList

Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list. Corresponds to the JSON property allowedConfigList

Returns:

• (Google::Apis::PrivatecaV1beta1::AllowedConfigList)

# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 607

def allowed_config_list
  @allowed_config_list
end

#allowed_issuance_modes ⇒ Google::Apis::PrivatecaV1beta1::IssuanceModes

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CertificateAuthority. Corresponds to the JSON property allowedIssuanceModes

Returns:

• (Google::Apis::PrivatecaV1beta1::IssuanceModes)

# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 613

def allowed_issuance_modes
  @allowed_issuance_modes
end

#allowed_locations_and_organizations ⇒ Array<Google::Apis::PrivatecaV1beta1::Subject>

Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field. Corresponds to the JSON property allowedLocationsAndOrganizations

Returns:

• (Array<Google::Apis::PrivatecaV1beta1::Subject>)

# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 620

def allowed_locations_and_organizations
  @allowed_locations_and_organizations
end

#allowed_sans ⇒ Google::Apis::PrivatecaV1beta1::AllowedSubjectAltNames

AllowedSubjectAltNames specifies the allowed values for SubjectAltNames by the CertificateAuthority when issuing Certificates. Corresponds to the JSON property allowedSans

Returns:

• (Google::Apis::PrivatecaV1beta1::AllowedSubjectAltNames)

# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 626

def allowed_sans
  @allowed_sans
end

#maximum_lifetime ⇒ String

Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated. Corresponds to the JSON property maximumLifetime

Returns:

• (String)

# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 633

def maximum_lifetime
  @maximum_lifetime
end

#overwrite_config_values ⇒ Google::Apis::PrivatecaV1beta1::ReusableConfigWrapper

A ReusableConfigWrapper describes values that may assist in creating an X.509 certificate, or a reference to a pre-defined set of values. Corresponds to the JSON property overwriteConfigValues

Returns:

• (Google::Apis::PrivatecaV1beta1::ReusableConfigWrapper)

# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 639

def overwrite_config_values
  @overwrite_config_values
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 646

def update!(**args)
  @allowed_common_names = args[:allowed_common_names] if args.key?(:allowed_common_names)
  @allowed_config_list = args[:allowed_config_list] if args.key?(:allowed_config_list)
  @allowed_issuance_modes = args[:allowed_issuance_modes] if args.key?(:allowed_issuance_modes)
  @allowed_locations_and_organizations = args[:allowed_locations_and_organizations] if args.key?(:allowed_locations_and_organizations)
  @allowed_sans = args[:allowed_sans] if args.key?(:allowed_sans)
  @maximum_lifetime = args[:maximum_lifetime] if args.key?(:maximum_lifetime)
  @overwrite_config_values = args[:overwrite_config_values] if args.key?(:overwrite_config_values)
end