Google Native

v0.27.0 published on Friday, Oct 21, 2022 by Pulumi

Certificate

Create a new Certificate in a given Project, Location from a particular CertificateAuthority. Auto-naming is currently not supported for this resource. Note - this resource’s API doesn’t support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

Create Certificate Resource

new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);
@overload
def Certificate(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                certificate_authority_id: Optional[str] = None,
                certificate_id: Optional[str] = None,
                config: Optional[CertificateConfigArgs] = None,
                labels: Optional[Mapping[str, str]] = None,
                lifetime: Optional[str] = None,
                location: Optional[str] = None,
                pem_csr: Optional[str] = None,
                project: Optional[str] = None,
                request_id: Optional[str] = None)
@overload
def Certificate(resource_name: str,
                args: CertificateArgs,
                opts: Optional[ResourceOptions] = None)
func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)
public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)
public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)
type: google-native:privateca/v1beta1:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Certificate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Certificate resource accepts the following input properties:

CertificateAuthorityId string
Lifetime string

Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.

CertificateId string

Optional. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.

Config Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.CertificateConfigArgs

Immutable. A description of the certificate and key that does not require X.509 or ASN.1.

Labels Dictionary<string, string>

Optional. Labels with user-defined metadata.

Location string
PemCsr string

Immutable. A pem-encoded X.509 certificate signing request (CSR).

Project string
RequestId string

Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

CertificateAuthorityId string
Lifetime string

Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.

CertificateId string

Optional. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.

Config CertificateConfigArgs

Immutable. A description of the certificate and key that does not require X.509 or ASN.1.

Labels map[string]string

Optional. Labels with user-defined metadata.

Location string
PemCsr string

Immutable. A pem-encoded X.509 certificate signing request (CSR).

Project string
RequestId string

Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

certificateAuthorityId String
lifetime String

Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.

certificateId String

Optional. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.

config CertificateConfigArgs

Immutable. A description of the certificate and key that does not require X.509 or ASN.1.

labels Map<String,String>

Optional. Labels with user-defined metadata.

location String
pemCsr String

Immutable. A pem-encoded X.509 certificate signing request (CSR).

project String
requestId String

Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

certificateAuthorityId string
lifetime string

Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.

certificateId string

Optional. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.

config CertificateConfigArgs

Immutable. A description of the certificate and key that does not require X.509 or ASN.1.

labels {[key: string]: string}

Optional. Labels with user-defined metadata.

location string
pemCsr string

Immutable. A pem-encoded X.509 certificate signing request (CSR).

project string
requestId string

Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

certificate_authority_id str
lifetime str

Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.

certificate_id str

Optional. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.

config CertificateConfigArgs

Immutable. A description of the certificate and key that does not require X.509 or ASN.1.

labels Mapping[str, str]

Optional. Labels with user-defined metadata.

location str
pem_csr str

Immutable. A pem-encoded X.509 certificate signing request (CSR).

project str
request_id str

Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

certificateAuthorityId String
lifetime String

Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.

certificateId String

Optional. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.

config Property Map

Immutable. A description of the certificate and key that does not require X.509 or ASN.1.

labels Map<String>

Optional. Labels with user-defined metadata.

location String
pemCsr String

Immutable. A pem-encoded X.509 certificate signing request (CSR).

project String
requestId String

Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

Outputs

All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:

CertificateDescription Pulumi.GoogleNative.Privateca.V1Beta1.Outputs.CertificateDescriptionResponse

A structured description of the issued X.509 certificate.

CreateTime string

The time at which this Certificate was created.

Id string

The provider-assigned unique ID for this managed resource.

Name string

The resource path for this Certificate in the format projects/*/locations/*/certificateAuthorities/*/certificates/*.

PemCertificate string

The pem-encoded, signed X.509 certificate.

PemCertificateChain List<string>

The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.

RevocationDetails Pulumi.GoogleNative.Privateca.V1Beta1.Outputs.RevocationDetailsResponse

Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.

UpdateTime string

The time at which this Certificate was updated.

CertificateDescription CertificateDescriptionResponse

A structured description of the issued X.509 certificate.

CreateTime string

The time at which this Certificate was created.

Id string

The provider-assigned unique ID for this managed resource.

Name string

The resource path for this Certificate in the format projects/*/locations/*/certificateAuthorities/*/certificates/*.

PemCertificate string

The pem-encoded, signed X.509 certificate.

PemCertificateChain []string

The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.

RevocationDetails RevocationDetailsResponse

Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.

UpdateTime string

The time at which this Certificate was updated.

certificateDescription CertificateDescriptionResponse

A structured description of the issued X.509 certificate.

createTime String

The time at which this Certificate was created.

id String

The provider-assigned unique ID for this managed resource.

name String

The resource path for this Certificate in the format projects/*/locations/*/certificateAuthorities/*/certificates/*.

pemCertificate String

The pem-encoded, signed X.509 certificate.

pemCertificateChain List<String>

The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.

revocationDetails RevocationDetailsResponse

Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.

updateTime String

The time at which this Certificate was updated.

certificateDescription CertificateDescriptionResponse

A structured description of the issued X.509 certificate.

createTime string

The time at which this Certificate was created.

id string

The provider-assigned unique ID for this managed resource.

name string

The resource path for this Certificate in the format projects/*/locations/*/certificateAuthorities/*/certificates/*.

pemCertificate string

The pem-encoded, signed X.509 certificate.

pemCertificateChain string[]

The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.

revocationDetails RevocationDetailsResponse

Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.

updateTime string

The time at which this Certificate was updated.

certificate_description CertificateDescriptionResponse

A structured description of the issued X.509 certificate.

create_time str

The time at which this Certificate was created.

id str

The provider-assigned unique ID for this managed resource.

name str

The resource path for this Certificate in the format projects/*/locations/*/certificateAuthorities/*/certificates/*.

pem_certificate str

The pem-encoded, signed X.509 certificate.

pem_certificate_chain Sequence[str]

The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.

revocation_details RevocationDetailsResponse

Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.

update_time str

The time at which this Certificate was updated.

certificateDescription Property Map

A structured description of the issued X.509 certificate.

createTime String

The time at which this Certificate was created.

id String

The provider-assigned unique ID for this managed resource.

name String

The resource path for this Certificate in the format projects/*/locations/*/certificateAuthorities/*/certificates/*.

pemCertificate String

The pem-encoded, signed X.509 certificate.

pemCertificateChain List<String>

The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.

revocationDetails Property Map

Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.

updateTime String

The time at which this Certificate was updated.

Supporting Types

CaOptions

IsCa bool

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

MaxIssuerPathLength int

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

IsCa bool

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

MaxIssuerPathLength int

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

isCa Boolean

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

maxIssuerPathLength Integer

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

isCa boolean

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

maxIssuerPathLength number

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

is_ca bool

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

max_issuer_path_length int

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

isCa Boolean

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

maxIssuerPathLength Number

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

CaOptionsResponse

IsCa bool

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

MaxIssuerPathLength int

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

IsCa bool

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

MaxIssuerPathLength int

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

isCa Boolean

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

maxIssuerPathLength Integer

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

isCa boolean

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

maxIssuerPathLength number

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

is_ca bool

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

max_issuer_path_length int

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

isCa Boolean

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

maxIssuerPathLength Number

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

CertificateConfig

ReusableConfig Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ReusableConfigWrapper

Describes how some of the technical fields in a certificate should be populated.

SubjectConfig Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.SubjectConfig

Specifies some of the values in a certificate that are related to the subject.

PublicKey Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.PublicKey

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

ReusableConfig ReusableConfigWrapper

Describes how some of the technical fields in a certificate should be populated.

SubjectConfig SubjectConfig

Specifies some of the values in a certificate that are related to the subject.

PublicKey PublicKey

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

reusableConfig ReusableConfigWrapper

Describes how some of the technical fields in a certificate should be populated.

subjectConfig SubjectConfig

Specifies some of the values in a certificate that are related to the subject.

publicKey PublicKey

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

reusableConfig ReusableConfigWrapper

Describes how some of the technical fields in a certificate should be populated.

subjectConfig SubjectConfig

Specifies some of the values in a certificate that are related to the subject.

publicKey PublicKey

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

reusable_config ReusableConfigWrapper

Describes how some of the technical fields in a certificate should be populated.

subject_config SubjectConfig

Specifies some of the values in a certificate that are related to the subject.

public_key PublicKey

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

reusableConfig Property Map

Describes how some of the technical fields in a certificate should be populated.

subjectConfig Property Map

Specifies some of the values in a certificate that are related to the subject.

publicKey Property Map

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

CertificateConfigResponse

PublicKey Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.PublicKeyResponse

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

ReusableConfig Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ReusableConfigWrapperResponse

Describes how some of the technical fields in a certificate should be populated.

SubjectConfig Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.SubjectConfigResponse

Specifies some of the values in a certificate that are related to the subject.

PublicKey PublicKeyResponse

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

ReusableConfig ReusableConfigWrapperResponse

Describes how some of the technical fields in a certificate should be populated.

SubjectConfig SubjectConfigResponse

Specifies some of the values in a certificate that are related to the subject.

publicKey PublicKeyResponse

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

reusableConfig ReusableConfigWrapperResponse

Describes how some of the technical fields in a certificate should be populated.

subjectConfig SubjectConfigResponse

Specifies some of the values in a certificate that are related to the subject.

publicKey PublicKeyResponse

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

reusableConfig ReusableConfigWrapperResponse

Describes how some of the technical fields in a certificate should be populated.

subjectConfig SubjectConfigResponse

Specifies some of the values in a certificate that are related to the subject.

public_key PublicKeyResponse

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

reusable_config ReusableConfigWrapperResponse

Describes how some of the technical fields in a certificate should be populated.

subject_config SubjectConfigResponse

Specifies some of the values in a certificate that are related to the subject.

publicKey Property Map

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

reusableConfig Property Map

Describes how some of the technical fields in a certificate should be populated.

subjectConfig Property Map

Specifies some of the values in a certificate that are related to the subject.

CertificateDescriptionResponse

AiaIssuingCertificateUrls List<string>

Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

AuthorityKeyId Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.KeyIdResponse

Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1

CertFingerprint Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.CertificateFingerprintResponse

The hash of the x.509 certificate.

ConfigValues Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ReusableConfigValuesResponse

Describes some of the technical fields in a certificate.

CrlDistributionPoints List<string>

Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13

PublicKey Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.PublicKeyResponse

The public key that corresponds to an issued certificate.

SubjectDescription Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.SubjectDescriptionResponse

Describes some of the values in a certificate that are related to the subject and lifetime.

SubjectKeyId Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.KeyIdResponse

Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

AiaIssuingCertificateUrls []string

Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

AuthorityKeyId KeyIdResponse

Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1

CertFingerprint CertificateFingerprintResponse

The hash of the x.509 certificate.

ConfigValues ReusableConfigValuesResponse

Describes some of the technical fields in a certificate.

CrlDistributionPoints []string

Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13

PublicKey PublicKeyResponse

The public key that corresponds to an issued certificate.

SubjectDescription SubjectDescriptionResponse

Describes some of the values in a certificate that are related to the subject and lifetime.

SubjectKeyId KeyIdResponse

Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

aiaIssuingCertificateUrls List<String>

Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

authorityKeyId KeyIdResponse

Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1

certFingerprint CertificateFingerprintResponse

The hash of the x.509 certificate.

configValues ReusableConfigValuesResponse

Describes some of the technical fields in a certificate.

crlDistributionPoints List<String>

Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13

publicKey PublicKeyResponse

The public key that corresponds to an issued certificate.

subjectDescription SubjectDescriptionResponse

Describes some of the values in a certificate that are related to the subject and lifetime.

subjectKeyId KeyIdResponse

Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

aiaIssuingCertificateUrls string[]

Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

authorityKeyId KeyIdResponse

Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1

certFingerprint CertificateFingerprintResponse

The hash of the x.509 certificate.

configValues ReusableConfigValuesResponse

Describes some of the technical fields in a certificate.

crlDistributionPoints string[]

Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13

publicKey PublicKeyResponse

The public key that corresponds to an issued certificate.

subjectDescription SubjectDescriptionResponse

Describes some of the values in a certificate that are related to the subject and lifetime.

subjectKeyId KeyIdResponse

Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

aia_issuing_certificate_urls Sequence[str]

Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

authority_key_id KeyIdResponse

Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1

cert_fingerprint CertificateFingerprintResponse

The hash of the x.509 certificate.

config_values ReusableConfigValuesResponse

Describes some of the technical fields in a certificate.

crl_distribution_points Sequence[str]

Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13

public_key PublicKeyResponse

The public key that corresponds to an issued certificate.

subject_description SubjectDescriptionResponse

Describes some of the values in a certificate that are related to the subject and lifetime.

subject_key_id KeyIdResponse

Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

aiaIssuingCertificateUrls List<String>

Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

authorityKeyId Property Map

Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1

certFingerprint Property Map

The hash of the x.509 certificate.

configValues Property Map

Describes some of the technical fields in a certificate.

crlDistributionPoints List<String>

Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13

publicKey Property Map

The public key that corresponds to an issued certificate.

subjectDescription Property Map

Describes some of the values in a certificate that are related to the subject and lifetime.

subjectKeyId Property Map

Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

CertificateFingerprintResponse

Sha256Hash string

The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.

Sha256Hash string

The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.

sha256Hash String

The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.

sha256Hash string

The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.

sha256_hash str

The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.

sha256Hash String

The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.

ExtendedKeyUsageOptions

ClientAuth bool

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

CodeSigning bool

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

EmailProtection bool

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

OcspSigning bool

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

ServerAuth bool

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

TimeStamping bool

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

ClientAuth bool

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

CodeSigning bool

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

EmailProtection bool

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

OcspSigning bool

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

ServerAuth bool

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

TimeStamping bool

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

clientAuth Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

codeSigning Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

emailProtection Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

ocspSigning Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

serverAuth Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

timeStamping Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

clientAuth boolean

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

codeSigning boolean

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

emailProtection boolean

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

ocspSigning boolean

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

serverAuth boolean

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

timeStamping boolean

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

client_auth bool

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

code_signing bool

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

email_protection bool

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

ocsp_signing bool

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

server_auth bool

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

time_stamping bool

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

clientAuth Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

codeSigning Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

emailProtection Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

ocspSigning Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

serverAuth Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

timeStamping Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

ExtendedKeyUsageOptionsResponse

ClientAuth bool

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

CodeSigning bool

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

EmailProtection bool

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

OcspSigning bool

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

ServerAuth bool

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

TimeStamping bool

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

ClientAuth bool

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

CodeSigning bool

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

EmailProtection bool

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

OcspSigning bool

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

ServerAuth bool

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

TimeStamping bool

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

clientAuth Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

codeSigning Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

emailProtection Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

ocspSigning Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

serverAuth Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

timeStamping Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

clientAuth boolean

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

codeSigning boolean

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

emailProtection boolean

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

ocspSigning boolean

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

serverAuth boolean

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

timeStamping boolean

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

client_auth bool

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

code_signing bool

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

email_protection bool

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

ocsp_signing bool

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

server_auth bool

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

time_stamping bool

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

clientAuth Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

codeSigning Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

emailProtection Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

ocspSigning Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

serverAuth Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

timeStamping Boolean

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

KeyIdResponse

KeyId string

Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.

KeyId string

Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.

keyId String

Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.

keyId string

Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.

key_id str

Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.

keyId String

Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.

KeyUsage

BaseKeyUsage Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.KeyUsageOptions

Describes high-level ways in which a key may be used.

ExtendedKeyUsage Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ExtendedKeyUsageOptions

Detailed scenarios in which a key may be used.

UnknownExtendedKeyUsages List<Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ObjectId>

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

BaseKeyUsage KeyUsageOptions

Describes high-level ways in which a key may be used.

ExtendedKeyUsage ExtendedKeyUsageOptions

Detailed scenarios in which a key may be used.

UnknownExtendedKeyUsages []ObjectId

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

baseKeyUsage KeyUsageOptions

Describes high-level ways in which a key may be used.

extendedKeyUsage ExtendedKeyUsageOptions

Detailed scenarios in which a key may be used.

unknownExtendedKeyUsages List<ObjectId>

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

baseKeyUsage KeyUsageOptions

Describes high-level ways in which a key may be used.

extendedKeyUsage ExtendedKeyUsageOptions

Detailed scenarios in which a key may be used.

unknownExtendedKeyUsages ObjectId[]

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

base_key_usage KeyUsageOptions

Describes high-level ways in which a key may be used.

extended_key_usage ExtendedKeyUsageOptions

Detailed scenarios in which a key may be used.

unknown_extended_key_usages Sequence[ObjectId]

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

baseKeyUsage Property Map

Describes high-level ways in which a key may be used.

extendedKeyUsage Property Map

Detailed scenarios in which a key may be used.

unknownExtendedKeyUsages List<Property Map>

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

KeyUsageOptions

CertSign bool

The key may be used to sign certificates.

ContentCommitment bool

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

CrlSign bool

The key may be used sign certificate revocation lists.

DataEncipherment bool

The key may be used to encipher data.

DecipherOnly bool

The key may be used to decipher only.

DigitalSignature bool

The key may be used for digital signatures.

EncipherOnly bool

The key may be used to encipher only.

KeyAgreement bool

The key may be used in a key agreement protocol.

KeyEncipherment bool

The key may be used to encipher other keys.

CertSign bool

The key may be used to sign certificates.

ContentCommitment bool

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

CrlSign bool

The key may be used sign certificate revocation lists.

DataEncipherment bool

The key may be used to encipher data.

DecipherOnly bool

The key may be used to decipher only.

DigitalSignature bool

The key may be used for digital signatures.

EncipherOnly bool

The key may be used to encipher only.

KeyAgreement bool

The key may be used in a key agreement protocol.

KeyEncipherment bool

The key may be used to encipher other keys.

certSign Boolean

The key may be used to sign certificates.

contentCommitment Boolean

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

crlSign Boolean

The key may be used sign certificate revocation lists.

dataEncipherment Boolean

The key may be used to encipher data.

decipherOnly Boolean

The key may be used to decipher only.

digitalSignature Boolean

The key may be used for digital signatures.

encipherOnly Boolean

The key may be used to encipher only.

keyAgreement Boolean

The key may be used in a key agreement protocol.

keyEncipherment Boolean

The key may be used to encipher other keys.

certSign boolean

The key may be used to sign certificates.

contentCommitment boolean

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

crlSign boolean

The key may be used sign certificate revocation lists.

dataEncipherment boolean

The key may be used to encipher data.

decipherOnly boolean

The key may be used to decipher only.

digitalSignature boolean

The key may be used for digital signatures.

encipherOnly boolean

The key may be used to encipher only.

keyAgreement boolean

The key may be used in a key agreement protocol.

keyEncipherment boolean

The key may be used to encipher other keys.

cert_sign bool

The key may be used to sign certificates.

content_commitment bool

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

crl_sign bool

The key may be used sign certificate revocation lists.

data_encipherment bool

The key may be used to encipher data.

decipher_only bool

The key may be used to decipher only.

digital_signature bool

The key may be used for digital signatures.

encipher_only bool

The key may be used to encipher only.

key_agreement bool

The key may be used in a key agreement protocol.

key_encipherment bool

The key may be used to encipher other keys.

certSign Boolean

The key may be used to sign certificates.

contentCommitment Boolean

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

crlSign Boolean

The key may be used sign certificate revocation lists.

dataEncipherment Boolean

The key may be used to encipher data.

decipherOnly Boolean

The key may be used to decipher only.

digitalSignature Boolean

The key may be used for digital signatures.

encipherOnly Boolean

The key may be used to encipher only.

keyAgreement Boolean

The key may be used in a key agreement protocol.

keyEncipherment Boolean

The key may be used to encipher other keys.

KeyUsageOptionsResponse

CertSign bool

The key may be used to sign certificates.

ContentCommitment bool

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

CrlSign bool

The key may be used sign certificate revocation lists.

DataEncipherment bool

The key may be used to encipher data.

DecipherOnly bool

The key may be used to decipher only.

DigitalSignature bool

The key may be used for digital signatures.

EncipherOnly bool

The key may be used to encipher only.

KeyAgreement bool

The key may be used in a key agreement protocol.

KeyEncipherment bool

The key may be used to encipher other keys.

CertSign bool

The key may be used to sign certificates.

ContentCommitment bool

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

CrlSign bool

The key may be used sign certificate revocation lists.

DataEncipherment bool

The key may be used to encipher data.

DecipherOnly bool

The key may be used to decipher only.

DigitalSignature bool

The key may be used for digital signatures.

EncipherOnly bool

The key may be used to encipher only.

KeyAgreement bool

The key may be used in a key agreement protocol.

KeyEncipherment bool

The key may be used to encipher other keys.

certSign Boolean

The key may be used to sign certificates.

contentCommitment Boolean

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

crlSign Boolean

The key may be used sign certificate revocation lists.

dataEncipherment Boolean

The key may be used to encipher data.

decipherOnly Boolean

The key may be used to decipher only.

digitalSignature Boolean

The key may be used for digital signatures.

encipherOnly Boolean

The key may be used to encipher only.

keyAgreement Boolean

The key may be used in a key agreement protocol.

keyEncipherment Boolean

The key may be used to encipher other keys.

certSign boolean

The key may be used to sign certificates.

contentCommitment boolean

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

crlSign boolean

The key may be used sign certificate revocation lists.

dataEncipherment boolean

The key may be used to encipher data.

decipherOnly boolean

The key may be used to decipher only.

digitalSignature boolean

The key may be used for digital signatures.

encipherOnly boolean

The key may be used to encipher only.

keyAgreement boolean

The key may be used in a key agreement protocol.

keyEncipherment boolean

The key may be used to encipher other keys.

cert_sign bool

The key may be used to sign certificates.

content_commitment bool

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

crl_sign bool

The key may be used sign certificate revocation lists.

data_encipherment bool

The key may be used to encipher data.

decipher_only bool

The key may be used to decipher only.

digital_signature bool

The key may be used for digital signatures.

encipher_only bool

The key may be used to encipher only.

key_agreement bool

The key may be used in a key agreement protocol.

key_encipherment bool

The key may be used to encipher other keys.

certSign Boolean

The key may be used to sign certificates.

contentCommitment Boolean

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

crlSign Boolean

The key may be used sign certificate revocation lists.

dataEncipherment Boolean

The key may be used to encipher data.

decipherOnly Boolean

The key may be used to decipher only.

digitalSignature Boolean

The key may be used for digital signatures.

encipherOnly Boolean

The key may be used to encipher only.

keyAgreement Boolean

The key may be used in a key agreement protocol.

keyEncipherment Boolean

The key may be used to encipher other keys.

KeyUsageResponse

BaseKeyUsage Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.KeyUsageOptionsResponse

Describes high-level ways in which a key may be used.

ExtendedKeyUsage Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ExtendedKeyUsageOptionsResponse

Detailed scenarios in which a key may be used.

UnknownExtendedKeyUsages List<Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ObjectIdResponse>

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

BaseKeyUsage KeyUsageOptionsResponse

Describes high-level ways in which a key may be used.

ExtendedKeyUsage ExtendedKeyUsageOptionsResponse

Detailed scenarios in which a key may be used.

UnknownExtendedKeyUsages []ObjectIdResponse

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

baseKeyUsage KeyUsageOptionsResponse

Describes high-level ways in which a key may be used.

extendedKeyUsage ExtendedKeyUsageOptionsResponse

Detailed scenarios in which a key may be used.

unknownExtendedKeyUsages List<ObjectIdResponse>

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

baseKeyUsage KeyUsageOptionsResponse

Describes high-level ways in which a key may be used.

extendedKeyUsage ExtendedKeyUsageOptionsResponse

Detailed scenarios in which a key may be used.

unknownExtendedKeyUsages ObjectIdResponse[]

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

base_key_usage KeyUsageOptionsResponse

Describes high-level ways in which a key may be used.

extended_key_usage ExtendedKeyUsageOptionsResponse

Detailed scenarios in which a key may be used.

unknown_extended_key_usages Sequence[ObjectIdResponse]

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

baseKeyUsage Property Map

Describes high-level ways in which a key may be used.

extendedKeyUsage Property Map

Detailed scenarios in which a key may be used.

unknownExtendedKeyUsages List<Property Map>

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

ObjectId

ObjectIdPath List<int>

The parts of an OID path. The most significant parts of the path come first.

ObjectIdPath []int

The parts of an OID path. The most significant parts of the path come first.

objectIdPath List<Integer>

The parts of an OID path. The most significant parts of the path come first.

objectIdPath number[]

The parts of an OID path. The most significant parts of the path come first.

object_id_path Sequence[int]

The parts of an OID path. The most significant parts of the path come first.

objectIdPath List<Number>

The parts of an OID path. The most significant parts of the path come first.

ObjectIdResponse

ObjectIdPath List<int>

The parts of an OID path. The most significant parts of the path come first.

ObjectIdPath []int

The parts of an OID path. The most significant parts of the path come first.

objectIdPath List<Integer>

The parts of an OID path. The most significant parts of the path come first.

objectIdPath number[]

The parts of an OID path. The most significant parts of the path come first.

object_id_path Sequence[int]

The parts of an OID path. The most significant parts of the path come first.

objectIdPath List<Number>

The parts of an OID path. The most significant parts of the path come first.

PublicKey

Key string

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

Type Pulumi.GoogleNative.Privateca.V1Beta1.PublicKeyType

Optional. The type of public key. If specified, it must match the public key used for thekey field.

Key string

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

Type PublicKeyType

Optional. The type of public key. If specified, it must match the public key used for thekey field.

key String

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

type PublicKeyType

Optional. The type of public key. If specified, it must match the public key used for thekey field.

key string

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

type PublicKeyType

Optional. The type of public key. If specified, it must match the public key used for thekey field.

key str

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

type PublicKeyType

Optional. The type of public key. If specified, it must match the public key used for thekey field.

key String

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

type "KEY_TYPE_UNSPECIFIED" | "PEM_RSA_KEY" | "PEM_EC_KEY"

Optional. The type of public key. If specified, it must match the public key used for thekey field.

PublicKeyResponse

Key string

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

Type string

Optional. The type of public key. If specified, it must match the public key used for thekey field.

Key string

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

Type string

Optional. The type of public key. If specified, it must match the public key used for thekey field.

key String

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

type String

Optional. The type of public key. If specified, it must match the public key used for thekey field.

key string

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

type string

Optional. The type of public key. If specified, it must match the public key used for thekey field.

key str

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

type str

Optional. The type of public key. If specified, it must match the public key used for thekey field.

key String

A public key. When this is specified in a request, the padding and encoding can be any of the options described by the respective 'KeyType' value. When this is generated by the service, it will always be an RFC 5280 SubjectPublicKeyInfo structure containing an algorithm identifier and a key.

type String

Optional. The type of public key. If specified, it must match the public key used for thekey field.

PublicKeyType

KeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

Default unspecified value.

PemRsaKey
PEM_RSA_KEY

A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, or an RFC 5280 SubjectPublicKeyInfo structure containing the former.

PemEcKey
PEM_EC_KEY

An RFC 5280 SubjectPublicKeyInfo structure containing a PEM-encoded compressed NIST P-256/secp256r1/prime256v1 or P-384 key.

PublicKeyTypeKeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

Default unspecified value.

PublicKeyTypePemRsaKey
PEM_RSA_KEY

A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, or an RFC 5280 SubjectPublicKeyInfo structure containing the former.

PublicKeyTypePemEcKey
PEM_EC_KEY

An RFC 5280 SubjectPublicKeyInfo structure containing a PEM-encoded compressed NIST P-256/secp256r1/prime256v1 or P-384 key.

KeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

Default unspecified value.

PemRsaKey
PEM_RSA_KEY

A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, or an RFC 5280 SubjectPublicKeyInfo structure containing the former.

PemEcKey
PEM_EC_KEY

An RFC 5280 SubjectPublicKeyInfo structure containing a PEM-encoded compressed NIST P-256/secp256r1/prime256v1 or P-384 key.

KeyTypeUnspecified
KEY_TYPE_UNSPECIFIED

Default unspecified value.

PemRsaKey
PEM_RSA_KEY

A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, or an RFC 5280 SubjectPublicKeyInfo structure containing the former.

PemEcKey
PEM_EC_KEY

An RFC 5280 SubjectPublicKeyInfo structure containing a PEM-encoded compressed NIST P-256/secp256r1/prime256v1 or P-384 key.

KEY_TYPE_UNSPECIFIED
KEY_TYPE_UNSPECIFIED

Default unspecified value.

PEM_RSA_KEY
PEM_RSA_KEY

A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, or an RFC 5280 SubjectPublicKeyInfo structure containing the former.

PEM_EC_KEY
PEM_EC_KEY

An RFC 5280 SubjectPublicKeyInfo structure containing a PEM-encoded compressed NIST P-256/secp256r1/prime256v1 or P-384 key.

"KEY_TYPE_UNSPECIFIED"
KEY_TYPE_UNSPECIFIED

Default unspecified value.

"PEM_RSA_KEY"
PEM_RSA_KEY

A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, or an RFC 5280 SubjectPublicKeyInfo structure containing the former.

"PEM_EC_KEY"
PEM_EC_KEY

An RFC 5280 SubjectPublicKeyInfo structure containing a PEM-encoded compressed NIST P-256/secp256r1/prime256v1 or P-384 key.

ReusableConfigValues

AdditionalExtensions List<Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.X509Extension>

Optional. Describes custom X.509 extensions.

AiaOcspServers List<string>

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

CaOptions Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.CaOptions

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

KeyUsage Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.KeyUsage

Optional. Indicates the intended use for keys that correspond to a certificate.

PolicyIds List<Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ObjectId>

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

AdditionalExtensions []X509Extension

Optional. Describes custom X.509 extensions.

AiaOcspServers []string

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

CaOptions CaOptions

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

KeyUsage KeyUsage

Optional. Indicates the intended use for keys that correspond to a certificate.

PolicyIds []ObjectId

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

additionalExtensions List<X509Extension>

Optional. Describes custom X.509 extensions.

aiaOcspServers List<String>

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

caOptions CaOptions

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

keyUsage KeyUsage

Optional. Indicates the intended use for keys that correspond to a certificate.

policyIds List<ObjectId>

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

additionalExtensions X509Extension[]

Optional. Describes custom X.509 extensions.

aiaOcspServers string[]

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

caOptions CaOptions

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

keyUsage KeyUsage

Optional. Indicates the intended use for keys that correspond to a certificate.

policyIds ObjectId[]

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

additional_extensions Sequence[X509Extension]

Optional. Describes custom X.509 extensions.

aia_ocsp_servers Sequence[str]

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

ca_options CaOptions

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

key_usage KeyUsage

Optional. Indicates the intended use for keys that correspond to a certificate.

policy_ids Sequence[ObjectId]

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

additionalExtensions List<Property Map>

Optional. Describes custom X.509 extensions.

aiaOcspServers List<String>

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

caOptions Property Map

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

keyUsage Property Map

Optional. Indicates the intended use for keys that correspond to a certificate.

policyIds List<Property Map>

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

ReusableConfigValuesResponse

AdditionalExtensions List<Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.X509ExtensionResponse>

Optional. Describes custom X.509 extensions.

AiaOcspServers List<string>

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

CaOptions Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.CaOptionsResponse

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

KeyUsage Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.KeyUsageResponse

Optional. Indicates the intended use for keys that correspond to a certificate.

PolicyIds List<Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ObjectIdResponse>

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

AdditionalExtensions []X509ExtensionResponse

Optional. Describes custom X.509 extensions.

AiaOcspServers []string

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

CaOptions CaOptionsResponse

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

KeyUsage KeyUsageResponse

Optional. Indicates the intended use for keys that correspond to a certificate.

PolicyIds []ObjectIdResponse

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

additionalExtensions List<X509ExtensionResponse>

Optional. Describes custom X.509 extensions.

aiaOcspServers List<String>

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

caOptions CaOptionsResponse

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

keyUsage KeyUsageResponse

Optional. Indicates the intended use for keys that correspond to a certificate.

policyIds List<ObjectIdResponse>

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

additionalExtensions X509ExtensionResponse[]

Optional. Describes custom X.509 extensions.

aiaOcspServers string[]

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

caOptions CaOptionsResponse

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

keyUsage KeyUsageResponse

Optional. Indicates the intended use for keys that correspond to a certificate.

policyIds ObjectIdResponse[]

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

additional_extensions Sequence[X509ExtensionResponse]

Optional. Describes custom X.509 extensions.

aia_ocsp_servers Sequence[str]

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

ca_options CaOptionsResponse

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

key_usage KeyUsageResponse

Optional. Indicates the intended use for keys that correspond to a certificate.

policy_ids Sequence[ObjectIdResponse]

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

additionalExtensions List<Property Map>

Optional. Describes custom X.509 extensions.

aiaOcspServers List<String>

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

caOptions Property Map

Optional. Describes options in this ReusableConfigValues that are relevant in a CA certificate.

keyUsage Property Map

Optional. Indicates the intended use for keys that correspond to a certificate.

policyIds List<Property Map>

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

ReusableConfigWrapper

ReusableConfig string

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

ReusableConfigValues Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ReusableConfigValues

A user-specified inline ReusableConfigValues.

ReusableConfig string

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

ReusableConfigValues ReusableConfigValues

A user-specified inline ReusableConfigValues.

reusableConfig String

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

reusableConfigValues ReusableConfigValues

A user-specified inline ReusableConfigValues.

reusableConfig string

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

reusableConfigValues ReusableConfigValues

A user-specified inline ReusableConfigValues.

reusable_config str

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

reusable_config_values ReusableConfigValues

A user-specified inline ReusableConfigValues.

reusableConfig String

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

reusableConfigValues Property Map

A user-specified inline ReusableConfigValues.

ReusableConfigWrapperResponse

ReusableConfig string

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

ReusableConfigValues Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ReusableConfigValuesResponse

A user-specified inline ReusableConfigValues.

ReusableConfig string

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

ReusableConfigValues ReusableConfigValuesResponse

A user-specified inline ReusableConfigValues.

reusableConfig String

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

reusableConfigValues ReusableConfigValuesResponse

A user-specified inline ReusableConfigValues.

reusableConfig string

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

reusableConfigValues ReusableConfigValuesResponse

A user-specified inline ReusableConfigValues.

reusable_config str

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

reusable_config_values ReusableConfigValuesResponse

A user-specified inline ReusableConfigValues.

reusableConfig String

A resource path to a ReusableConfig in the format projects/*/locations/*/reusableConfigs/*.

reusableConfigValues Property Map

A user-specified inline ReusableConfigValues.

RevocationDetailsResponse

RevocationState string

Indicates why a Certificate was revoked.

RevocationTime string

The time at which this Certificate was revoked.

RevocationState string

Indicates why a Certificate was revoked.

RevocationTime string

The time at which this Certificate was revoked.

revocationState String

Indicates why a Certificate was revoked.

revocationTime String

The time at which this Certificate was revoked.

revocationState string

Indicates why a Certificate was revoked.

revocationTime string

The time at which this Certificate was revoked.

revocation_state str

Indicates why a Certificate was revoked.

revocation_time str

The time at which this Certificate was revoked.

revocationState String

Indicates why a Certificate was revoked.

revocationTime String

The time at which this Certificate was revoked.

Subject

CountryCode string

The country code of the subject.

Locality string

The locality or city of the subject.

Organization string

The organization of the subject.

OrganizationalUnit string

The organizational_unit of the subject.

PostalCode string

The postal code of the subject.

Province string

The province, territory, or regional state of the subject.

StreetAddress string

The street address of the subject.

CountryCode string

The country code of the subject.

Locality string

The locality or city of the subject.

Organization string

The organization of the subject.

OrganizationalUnit string

The organizational_unit of the subject.

PostalCode string

The postal code of the subject.

Province string

The province, territory, or regional state of the subject.

StreetAddress string

The street address of the subject.

countryCode String

The country code of the subject.

locality String

The locality or city of the subject.

organization String

The organization of the subject.

organizationalUnit String

The organizational_unit of the subject.

postalCode String

The postal code of the subject.

province String

The province, territory, or regional state of the subject.

streetAddress String

The street address of the subject.

countryCode string

The country code of the subject.

locality string

The locality or city of the subject.

organization string

The organization of the subject.

organizationalUnit string

The organizational_unit of the subject.

postalCode string

The postal code of the subject.

province string

The province, territory, or regional state of the subject.

streetAddress string

The street address of the subject.

country_code str

The country code of the subject.

locality str

The locality or city of the subject.

organization str

The organization of the subject.

organizational_unit str

The organizational_unit of the subject.

postal_code str

The postal code of the subject.

province str

The province, territory, or regional state of the subject.

street_address str

The street address of the subject.

countryCode String

The country code of the subject.

locality String

The locality or city of the subject.

organization String

The organization of the subject.

organizationalUnit String

The organizational_unit of the subject.

postalCode String

The postal code of the subject.

province String

The province, territory, or regional state of the subject.

streetAddress String

The street address of the subject.

SubjectAltNames

CustomSans List<Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.X509Extension>

Contains additional subject alternative name values.

DnsNames List<string>

Contains only valid, fully-qualified host names.

EmailAddresses List<string>

Contains only valid RFC 2822 E-mail addresses.

IpAddresses List<string>

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

Uris List<string>

Contains only valid RFC 3986 URIs.

CustomSans []X509Extension

Contains additional subject alternative name values.

DnsNames []string

Contains only valid, fully-qualified host names.

EmailAddresses []string

Contains only valid RFC 2822 E-mail addresses.

IpAddresses []string

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

Uris []string

Contains only valid RFC 3986 URIs.

customSans List<X509Extension>

Contains additional subject alternative name values.

dnsNames List<String>

Contains only valid, fully-qualified host names.

emailAddresses List<String>

Contains only valid RFC 2822 E-mail addresses.

ipAddresses List<String>

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

uris List<String>

Contains only valid RFC 3986 URIs.

customSans X509Extension[]

Contains additional subject alternative name values.

dnsNames string[]

Contains only valid, fully-qualified host names.

emailAddresses string[]

Contains only valid RFC 2822 E-mail addresses.

ipAddresses string[]

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

uris string[]

Contains only valid RFC 3986 URIs.

custom_sans Sequence[X509Extension]

Contains additional subject alternative name values.

dns_names Sequence[str]

Contains only valid, fully-qualified host names.

email_addresses Sequence[str]

Contains only valid RFC 2822 E-mail addresses.

ip_addresses Sequence[str]

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

uris Sequence[str]

Contains only valid RFC 3986 URIs.

customSans List<Property Map>

Contains additional subject alternative name values.

dnsNames List<String>

Contains only valid, fully-qualified host names.

emailAddresses List<String>

Contains only valid RFC 2822 E-mail addresses.

ipAddresses List<String>

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

uris List<String>

Contains only valid RFC 3986 URIs.

SubjectAltNamesResponse

CustomSans List<Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.X509ExtensionResponse>

Contains additional subject alternative name values.

DnsNames List<string>

Contains only valid, fully-qualified host names.

EmailAddresses List<string>

Contains only valid RFC 2822 E-mail addresses.

IpAddresses List<string>

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

Uris List<string>

Contains only valid RFC 3986 URIs.

CustomSans []X509ExtensionResponse

Contains additional subject alternative name values.

DnsNames []string

Contains only valid, fully-qualified host names.

EmailAddresses []string

Contains only valid RFC 2822 E-mail addresses.

IpAddresses []string

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

Uris []string

Contains only valid RFC 3986 URIs.

customSans List<X509ExtensionResponse>

Contains additional subject alternative name values.

dnsNames List<String>

Contains only valid, fully-qualified host names.

emailAddresses List<String>

Contains only valid RFC 2822 E-mail addresses.

ipAddresses List<String>

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

uris List<String>

Contains only valid RFC 3986 URIs.

customSans X509ExtensionResponse[]

Contains additional subject alternative name values.

dnsNames string[]

Contains only valid, fully-qualified host names.

emailAddresses string[]

Contains only valid RFC 2822 E-mail addresses.

ipAddresses string[]

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

uris string[]

Contains only valid RFC 3986 URIs.

custom_sans Sequence[X509ExtensionResponse]

Contains additional subject alternative name values.

dns_names Sequence[str]

Contains only valid, fully-qualified host names.

email_addresses Sequence[str]

Contains only valid RFC 2822 E-mail addresses.

ip_addresses Sequence[str]

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

uris Sequence[str]

Contains only valid RFC 3986 URIs.

customSans List<Property Map>

Contains additional subject alternative name values.

dnsNames List<String>

Contains only valid, fully-qualified host names.

emailAddresses List<String>

Contains only valid RFC 2822 E-mail addresses.

ipAddresses List<String>

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

uris List<String>

Contains only valid RFC 3986 URIs.

SubjectConfig

Subject Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.Subject

Contains distinguished name fields such as the location and organization.

CommonName string

Optional. The "common name" of the distinguished name.

SubjectAltName Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.SubjectAltNames

Optional. The subject alternative name fields.

Subject Subject

Contains distinguished name fields such as the location and organization.

CommonName string

Optional. The "common name" of the distinguished name.

SubjectAltName SubjectAltNames

Optional. The subject alternative name fields.

subject Subject

Contains distinguished name fields such as the location and organization.

commonName String

Optional. The "common name" of the distinguished name.

subjectAltName SubjectAltNames

Optional. The subject alternative name fields.

subject Subject

Contains distinguished name fields such as the location and organization.

commonName string

Optional. The "common name" of the distinguished name.

subjectAltName SubjectAltNames

Optional. The subject alternative name fields.

subject Subject

Contains distinguished name fields such as the location and organization.

common_name str

Optional. The "common name" of the distinguished name.

subject_alt_name SubjectAltNames

Optional. The subject alternative name fields.

subject Property Map

Contains distinguished name fields such as the location and organization.

commonName String

Optional. The "common name" of the distinguished name.

subjectAltName Property Map

Optional. The subject alternative name fields.

SubjectConfigResponse

CommonName string

Optional. The "common name" of the distinguished name.

Subject Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.SubjectResponse

Contains distinguished name fields such as the location and organization.

SubjectAltName Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.SubjectAltNamesResponse

Optional. The subject alternative name fields.

CommonName string

Optional. The "common name" of the distinguished name.

Subject SubjectResponse

Contains distinguished name fields such as the location and organization.

SubjectAltName SubjectAltNamesResponse

Optional. The subject alternative name fields.

commonName String

Optional. The "common name" of the distinguished name.

subject SubjectResponse

Contains distinguished name fields such as the location and organization.

subjectAltName SubjectAltNamesResponse

Optional. The subject alternative name fields.

commonName string

Optional. The "common name" of the distinguished name.

subject SubjectResponse

Contains distinguished name fields such as the location and organization.

subjectAltName SubjectAltNamesResponse

Optional. The subject alternative name fields.

common_name str

Optional. The "common name" of the distinguished name.

subject SubjectResponse

Contains distinguished name fields such as the location and organization.

subject_alt_name SubjectAltNamesResponse

Optional. The subject alternative name fields.

commonName String

Optional. The "common name" of the distinguished name.

subject Property Map

Contains distinguished name fields such as the location and organization.

subjectAltName Property Map

Optional. The subject alternative name fields.

SubjectDescriptionResponse

CommonName string

The "common name" of the distinguished name.

HexSerialNumber string

The serial number encoded in lowercase hexadecimal.

Lifetime string

For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.

NotAfterTime string

The time at which the certificate expires.

NotBeforeTime string

The time at which the certificate becomes valid.

Subject Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.SubjectResponse

Contains distinguished name fields such as the location and organization.

SubjectAltName Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.SubjectAltNamesResponse

The subject alternative name fields.

CommonName string

The "common name" of the distinguished name.

HexSerialNumber string

The serial number encoded in lowercase hexadecimal.

Lifetime string

For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.

NotAfterTime string

The time at which the certificate expires.

NotBeforeTime string

The time at which the certificate becomes valid.

Subject SubjectResponse

Contains distinguished name fields such as the location and organization.

SubjectAltName SubjectAltNamesResponse

The subject alternative name fields.

commonName String

The "common name" of the distinguished name.

hexSerialNumber String

The serial number encoded in lowercase hexadecimal.

lifetime String

For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.

notAfterTime String

The time at which the certificate expires.

notBeforeTime String

The time at which the certificate becomes valid.

subject SubjectResponse

Contains distinguished name fields such as the location and organization.

subjectAltName SubjectAltNamesResponse

The subject alternative name fields.

commonName string

The "common name" of the distinguished name.

hexSerialNumber string

The serial number encoded in lowercase hexadecimal.

lifetime string

For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.

notAfterTime string

The time at which the certificate expires.

notBeforeTime string

The time at which the certificate becomes valid.

subject SubjectResponse

Contains distinguished name fields such as the location and organization.

subjectAltName SubjectAltNamesResponse

The subject alternative name fields.

common_name str

The "common name" of the distinguished name.

hex_serial_number str

The serial number encoded in lowercase hexadecimal.

lifetime str

For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.

not_after_time str

The time at which the certificate expires.

not_before_time str

The time at which the certificate becomes valid.

subject SubjectResponse

Contains distinguished name fields such as the location and organization.

subject_alt_name SubjectAltNamesResponse

The subject alternative name fields.

commonName String

The "common name" of the distinguished name.

hexSerialNumber String

The serial number encoded in lowercase hexadecimal.

lifetime String

For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.

notAfterTime String

The time at which the certificate expires.

notBeforeTime String

The time at which the certificate becomes valid.

subject Property Map

Contains distinguished name fields such as the location and organization.

subjectAltName Property Map

The subject alternative name fields.

SubjectResponse

CountryCode string

The country code of the subject.

Locality string

The locality or city of the subject.

Organization string

The organization of the subject.

OrganizationalUnit string

The organizational_unit of the subject.

PostalCode string

The postal code of the subject.

Province string

The province, territory, or regional state of the subject.

StreetAddress string

The street address of the subject.

CountryCode string

The country code of the subject.

Locality string

The locality or city of the subject.

Organization string

The organization of the subject.

OrganizationalUnit string

The organizational_unit of the subject.

PostalCode string

The postal code of the subject.

Province string

The province, territory, or regional state of the subject.

StreetAddress string

The street address of the subject.

countryCode String

The country code of the subject.

locality String

The locality or city of the subject.

organization String

The organization of the subject.

organizationalUnit String

The organizational_unit of the subject.

postalCode String

The postal code of the subject.

province String

The province, territory, or regional state of the subject.

streetAddress String

The street address of the subject.

countryCode string

The country code of the subject.

locality string

The locality or city of the subject.

organization string

The organization of the subject.

organizationalUnit string

The organizational_unit of the subject.

postalCode string

The postal code of the subject.

province string

The province, territory, or regional state of the subject.

streetAddress string

The street address of the subject.

country_code str

The country code of the subject.

locality str

The locality or city of the subject.

organization str

The organization of the subject.

organizational_unit str

The organizational_unit of the subject.

postal_code str

The postal code of the subject.

province str

The province, territory, or regional state of the subject.

street_address str

The street address of the subject.

countryCode String

The country code of the subject.

locality String

The locality or city of the subject.

organization String

The organization of the subject.

organizationalUnit String

The organizational_unit of the subject.

postalCode String

The postal code of the subject.

province String

The province, territory, or regional state of the subject.

streetAddress String

The street address of the subject.

X509Extension

Critical bool

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

ObjectId Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ObjectId

The OID for this X.509 extension.

Value string

The value of this X.509 extension.

Critical bool

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

ObjectId ObjectId

The OID for this X.509 extension.

Value string

The value of this X.509 extension.

critical Boolean

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

objectId ObjectId

The OID for this X.509 extension.

value String

The value of this X.509 extension.

critical boolean

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

objectId ObjectId

The OID for this X.509 extension.

value string

The value of this X.509 extension.

critical bool

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

object_id ObjectId

The OID for this X.509 extension.

value str

The value of this X.509 extension.

critical Boolean

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

objectId Property Map

The OID for this X.509 extension.

value String

The value of this X.509 extension.

X509ExtensionResponse

Critical bool

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

ObjectId Pulumi.GoogleNative.Privateca.V1Beta1.Inputs.ObjectIdResponse

The OID for this X.509 extension.

Value string

The value of this X.509 extension.

Critical bool

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

ObjectId ObjectIdResponse

The OID for this X.509 extension.

Value string

The value of this X.509 extension.

critical Boolean

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

objectId ObjectIdResponse

The OID for this X.509 extension.

value String

The value of this X.509 extension.

critical boolean

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

objectId ObjectIdResponse

The OID for this X.509 extension.

value string

The value of this X.509 extension.

critical bool

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

object_id ObjectIdResponse

The OID for this X.509 extension.

value str

The value of this X.509 extension.

critical Boolean

Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

objectId Property Map

The OID for this X.509 extension.

value String

The value of this X.509 extension.

Package Details

Repository
https://github.com/pulumi/pulumi-google-native
License
Apache-2.0