Class: Google::Apis::PrivatecaV1::IssuancePolicy

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/privateca_v1/classes.rb,
lib/google/apis/privateca_v1/representations.rb,
lib/google/apis/privateca_v1/representations.rb

Overview

Defines controls over all certificate issuance within a CaPool.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ IssuancePolicy

Returns a new instance of IssuancePolicy.



1515
1516
1517
 
# File 'lib/google/apis/privateca_v1/classes.rb', line 1515

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#allow_requester_specified_not_before_timeBoolean Also known as: allow_requester_specified_not_before_time?

Optional. If set to true, allows requesters to specify the requested_not_before_time field when creating a Certificate. Certificates requested with this option enabled will have a 'not_before_time' equal to the value specified in the request. The 'not_after_time' will be adjusted to preserve the requested lifetime. The maximum time that a certificate can be backdated with these options is 48 hours in the past. This option cannot be set if backdate_duration is set. Corresponds to the JSON property allowRequesterSpecifiedNotBeforeTime

Returns:

  • (Boolean) 


1463
1464
1465
 
# File 'lib/google/apis/privateca_v1/classes.rb', line 1463

def allow_requester_specified_not_before_time
  @allow_requester_specified_not_before_time
end

#allowed_issuance_modesGoogle::Apis::PrivatecaV1::IssuanceModes

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool. Corresponds to the JSON property allowedIssuanceModes

Returns:



1470
1471
1472
 
# File 'lib/google/apis/privateca_v1/classes.rb', line 1470

def allowed_issuance_modes
  @allowed_issuance_modes
end

#allowed_key_typesArray<Google::Apis::PrivatecaV1::AllowedKeyType>

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used. Corresponds to the JSON property allowedKeyTypes

Returns:



1477
1478
1479
 
# File 'lib/google/apis/privateca_v1/classes.rb', line 1477

def allowed_key_types
  @allowed_key_types
end

#backdate_durationString

Optional. If set, all certificates issued from this CaPool will be backdated by this duration. The 'not_before_time' will be the issuance time minus this backdate_duration, and the 'not_after_time' will be adjusted to preserve the requested lifetime. The maximum duration that a certificate can be backdated with these options is 48 hours in the past. This option cannot be set if allow_requester_specified_not_before_time is set. Corresponds to the JSON property backdateDuration

Returns:

  • (String) 


1487
1488
1489
 
# File 'lib/google/apis/privateca_v1/classes.rb', line 1487

def backdate_duration
  @backdate_duration
end

#baseline_valuesGoogle::Apis::PrivatecaV1::X509Parameters

An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. Corresponds to the JSON property baselineValues

Returns:



1494
1495
1496
 
# File 'lib/google/apis/privateca_v1/classes.rb', line 1494

def baseline_values
  @baseline_values
end

#identity_constraintsGoogle::Apis::PrivatecaV1::CertificateIdentityConstraints

Describes constraints on a Certificate's Subject and SubjectAltNames. Corresponds to the JSON property identityConstraints

Returns:



1499
1500
1501
 
# File 'lib/google/apis/privateca_v1/classes.rb', line 1499

def identity_constraints
  @identity_constraints
end

#maximum_lifetimeString

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate resource's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it. Corresponds to the JSON property maximumLifetime

Returns:

  • (String) 


1507
1508
1509
 
# File 'lib/google/apis/privateca_v1/classes.rb', line 1507

def maximum_lifetime
  @maximum_lifetime
end

#passthrough_extensionsGoogle::Apis::PrivatecaV1::CertificateExtensionConstraints

Describes a set of X.509 extensions that may be part of some certificate issuance controls. Corresponds to the JSON property passthroughExtensions

Returns:



1513
1514
1515
 
# File 'lib/google/apis/privateca_v1/classes.rb', line 1513

def passthrough_extensions
  @passthrough_extensions
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
 
# File 'lib/google/apis/privateca_v1/classes.rb', line 1520

def update!(**args)
  @allow_requester_specified_not_before_time = args[:allow_requester_specified_not_before_time] if args.key?(:allow_requester_specified_not_before_time)
  @allowed_issuance_modes = args[:allowed_issuance_modes] if args.key?(:allowed_issuance_modes)
  @allowed_key_types = args[:allowed_key_types] if args.key?(:allowed_key_types)
  @backdate_duration = args[:backdate_duration] if args.key?(:backdate_duration)
  @baseline_values = args[:baseline_values] if args.key?(:baseline_values)
  @identity_constraints = args[:identity_constraints] if args.key?(:identity_constraints)
  @maximum_lifetime = args[:maximum_lifetime] if args.key?(:maximum_lifetime)
  @passthrough_extensions = args[:passthrough_extensions] if args.key?(:passthrough_extensions)
end