Class: Google::Apis::IamV1::InlineCertificateIssuanceConfig

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/iam_v1/classes.rb,
lib/google/apis/iam_v1/representations.rb,
lib/google/apis/iam_v1/representations.rb

Overview

Represents configuration for generating mutual TLS (mTLS) certificates for the identities within this pool.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ InlineCertificateIssuanceConfig

Returns a new instance of InlineCertificateIssuanceConfig.



1000
1001
1002
 
# File 'lib/google/apis/iam_v1/classes.rb', line 1000

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#ca_poolsHash<String,String>

Optional. A required mapping of a Google Cloud region to the CA pool resource located in that region. The CA pool is used for certificate issuance, adhering to the following constraints: * Key format: A supported cloud region name equivalent to the location identifier in the corresponding map entry's value. * Value format: A valid CA pool resource path format like: "projects/project/ locations/location/caPools/ca_pool" * Region Matching: Workloads are ONLY issued certificates from CA pools within the same region. Also the CA pool region (in value) must match the workload's region (key). Corresponds to the JSON property caPools

Returns:

  • (Hash<String,String>) 


965
966
967
 
# File 'lib/google/apis/iam_v1/classes.rb', line 965

def ca_pools
  @ca_pools
end

#key_algorithmString

Optional. Key algorithm to use when generating the key pair. This key pair will be used to create the certificate. If not specified, this will default to ECDSA_P256. Corresponds to the JSON property keyAlgorithm

Returns:

  • (String) 


972
973
974
 
# File 'lib/google/apis/iam_v1/classes.rb', line 972

def key_algorithm
  @key_algorithm
end

#lifetimeString

Optional. Lifetime of the workload certificates issued by the CA pool. Must be between 24 hours and 30 days. If not specified, this will be defaulted to 24 hours. Corresponds to the JSON property lifetime

Returns:

  • (String) 


979
980
981
 
# File 'lib/google/apis/iam_v1/classes.rb', line 979

def lifetime
  @lifetime
end

#rotation_window_percentageFixnum

Optional. Rotation window percentage, the percentage of remaining lifetime after which certificate rotation is initiated. Must be between 50 and 80. If no value is specified, rotation window percentage is defaulted to 50. Corresponds to the JSON property rotationWindowPercentage

Returns:

  • (Fixnum) 


986
987
988
 
# File 'lib/google/apis/iam_v1/classes.rb', line 986

def rotation_window_percentage
  @rotation_window_percentage
end

#use_default_shared_caBoolean Also known as: use_default_shared_ca?

Optional. If set to true, the trust domain will utilize the GCP-provisioned default CA. A default CA in the same region as the workload will be selected to issue the certificate. Enabling this will clear any existing ca_pools configuration to provision the certificates. NOTE: This field is mutually exclusive with ca_pools. If this flag is enabled, certificates will be automatically provisioned from the default shared CAs. This flag should not be set if you want to use your own CA pools to provision the certificates. Corresponds to the JSON property useDefaultSharedCa

Returns:

  • (Boolean) 


997
998
999
 
# File 'lib/google/apis/iam_v1/classes.rb', line 997

def use_default_shared_ca
  @use_default_shared_ca
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



1005
1006
1007
1008
1009
1010
1011
 
# File 'lib/google/apis/iam_v1/classes.rb', line 1005

def update!(**args)
  @ca_pools = args[:ca_pools] if args.key?(:ca_pools)
  @key_algorithm = args[:key_algorithm] if args.key?(:key_algorithm)
  @lifetime = args[:lifetime] if args.key?(:lifetime)
  @rotation_window_percentage = args[:rotation_window_percentage] if args.key?(:rotation_window_percentage)
  @use_default_shared_ca = args[:use_default_shared_ca] if args.key?(:use_default_shared_ca)
end