class Google::Apis::PrivatecaV1beta1::CertificateAuthorityPolicy

The issuing policy for a CertificateAuthority. Certificates will not be successfully issued from this CertificateAuthority if they violate the policy.

Attributes

allowed_common_names[RW]

Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported. Corresponds to the JSON property `allowedCommonNames` @return [Array<String>]

allowed_config_list[RW]

Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list. Corresponds to the JSON property `allowedConfigList` @return [Google::Apis::PrivatecaV1beta1::AllowedConfigList]

allowed_issuance_modes[RW]

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CertificateAuthority. Corresponds to the JSON property `allowedIssuanceModes` @return [Google::Apis::PrivatecaV1beta1::IssuanceModes]

allowed_locations_and_organizations[RW]

Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field. Corresponds to the JSON property `allowedLocationsAndOrganizations` @return [Array<Google::Apis::PrivatecaV1beta1::Subject>]

allowed_sans[RW]

AllowedSubjectAltNames specifies the allowed values for SubjectAltNames by the CertificateAuthority when issuing Certificates. Corresponds to the JSON property `allowedSans` @return [Google::Apis::PrivatecaV1beta1::AllowedSubjectAltNames]

maximum_lifetime[RW]

Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated. Corresponds to the JSON property `maximumLifetime` @return [String]

overwrite_config_values[RW]

A ReusableConfigWrapper describes values that may assist in creating an X.509 certificate, or a reference to a pre-defined set of values. Corresponds to the JSON property `overwriteConfigValues` @return [Google::Apis::PrivatecaV1beta1::ReusableConfigWrapper]

Public Class Methods

new(**args) click to toggle source
# File lib/google/apis/privateca_v1beta1/classes.rb, line 641
def initialize(**args)
   update!(**args)
end

Public Instance Methods

update!(**args) click to toggle source

Update properties of this object

# File lib/google/apis/privateca_v1beta1/classes.rb, line 646
def update!(**args)
  @allowed_common_names = args[:allowed_common_names] if args.key?(:allowed_common_names)
  @allowed_config_list = args[:allowed_config_list] if args.key?(:allowed_config_list)
  @allowed_issuance_modes = args[:allowed_issuance_modes] if args.key?(:allowed_issuance_modes)
  @allowed_locations_and_organizations = args[:allowed_locations_and_organizations] if args.key?(:allowed_locations_and_organizations)
  @allowed_sans = args[:allowed_sans] if args.key?(:allowed_sans)
  @maximum_lifetime = args[:maximum_lifetime] if args.key?(:maximum_lifetime)
  @overwrite_config_values = args[:overwrite_config_values] if args.key?(:overwrite_config_values)
end