Class: Google::Apis::PrivatecaV1::IssuancePolicy

Inherits:

Object

• Object
• Google::Apis::PrivatecaV1::IssuancePolicy

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

lib/google/apis/privateca_v1/classes.rb,
lib/google/apis/privateca_v1/representations.rb,
lib/google/apis/privateca_v1/representations.rb

Overview

Defines controls over all certificate issuance within a CaPool.

Instance Attribute Summary

• #allowed_issuance_modes ⇒ Google::Apis::PrivatecaV1::IssuanceModes

  IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool.

• #allowed_key_types ⇒ Array<Google::Apis::PrivatecaV1::AllowedKeyType>

  Optional.

• #backdate_duration ⇒ String

  Optional.

• #baseline_values ⇒ Google::Apis::PrivatecaV1::X509Parameters

  An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

• #identity_constraints ⇒ Google::Apis::PrivatecaV1::CertificateIdentityConstraints

  Describes constraints on a Certificate's Subject and SubjectAltNames.

• #maximum_lifetime ⇒ String

  Optional.

• #passthrough_extensions ⇒ Google::Apis::PrivatecaV1::CertificateExtensionConstraints

  Describes a set of X.509 extensions that may be part of some certificate issuance controls.

Instance Method Summary

• #initialize(**args) ⇒ IssuancePolicy constructor

  A new instance of IssuancePolicy.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ IssuancePolicy

Returns a new instance of IssuancePolicy.

# File 'lib/google/apis/privateca_v1/classes.rb', line 1491

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#allowed_issuance_modes ⇒ Google::Apis::PrivatecaV1::IssuanceModes

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool. Corresponds to the JSON property allowedIssuanceModes

Returns:

• (Google::Apis::PrivatecaV1::IssuanceModes)

# File 'lib/google/apis/privateca_v1/classes.rb', line 1446

def allowed_issuance_modes
  @allowed_issuance_modes
end

#allowed_key_types ⇒ Array<Google::Apis::PrivatecaV1::AllowedKeyType>

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used. Corresponds to the JSON property allowedKeyTypes

Returns:

• (Array<Google::Apis::PrivatecaV1::AllowedKeyType>)

# File 'lib/google/apis/privateca_v1/classes.rb', line 1453

def allowed_key_types
  @allowed_key_types
end

#backdate_duration ⇒ String

Optional. If set, all certificates issued from this CaPool will be backdated by this duration. The 'not_before_time' will be the issuance time minus this backdate_duration, and the 'not_after_time' will be adjusted to preserve the requested lifetime. The maximum duration that a certificate can be backdated with these options is 48 hours in the past. This option cannot be set if allow_requester_specified_not_before_time is set. Corresponds to the JSON property backdateDuration

Returns:

• (String)

# File 'lib/google/apis/privateca_v1/classes.rb', line 1463

def backdate_duration
  @backdate_duration
end

#baseline_values ⇒ Google::Apis::PrivatecaV1::X509Parameters

An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. Corresponds to the JSON property baselineValues

Returns:

• (Google::Apis::PrivatecaV1::X509Parameters)

# File 'lib/google/apis/privateca_v1/classes.rb', line 1470

def baseline_values
  @baseline_values
end

#identity_constraints ⇒ Google::Apis::PrivatecaV1::CertificateIdentityConstraints

Describes constraints on a Certificate's Subject and SubjectAltNames. Corresponds to the JSON property identityConstraints

Returns:

• (Google::Apis::PrivatecaV1::CertificateIdentityConstraints)

# File 'lib/google/apis/privateca_v1/classes.rb', line 1475

def identity_constraints
  @identity_constraints
end

#maximum_lifetime ⇒ String

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate resource's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it. Corresponds to the JSON property maximumLifetime

Returns:

• (String)

# File 'lib/google/apis/privateca_v1/classes.rb', line 1483

def maximum_lifetime
  @maximum_lifetime
end

#passthrough_extensions ⇒ Google::Apis::PrivatecaV1::CertificateExtensionConstraints

Describes a set of X.509 extensions that may be part of some certificate issuance controls. Corresponds to the JSON property passthroughExtensions

Returns:

• (Google::Apis::PrivatecaV1::CertificateExtensionConstraints)

# File 'lib/google/apis/privateca_v1/classes.rb', line 1489

def passthrough_extensions
  @passthrough_extensions
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/privateca_v1/classes.rb', line 1496

def update!(**args)
  @allowed_issuance_modes = args[:allowed_issuance_modes] if args.key?(:allowed_issuance_modes)
  @allowed_key_types = args[:allowed_key_types] if args.key?(:allowed_key_types)
  @backdate_duration = args[:backdate_duration] if args.key?(:backdate_duration)
  @baseline_values = args[:baseline_values] if args.key?(:baseline_values)
  @identity_constraints = args[:identity_constraints] if args.key?(:identity_constraints)
  @maximum_lifetime = args[:maximum_lifetime] if args.key?(:maximum_lifetime)
  @passthrough_extensions = args[:passthrough_extensions] if args.key?(:passthrough_extensions)
end