GoogleApi.PrivateCA.V1beta1.Model.CertificateAuthorityPolicy (google_api_private_ca v0.5.0) View Source

The issuing policy for a CertificateAuthority. Certificates will not be successfully issued from this CertificateAuthority if they violate the policy.

Attributes

  • allowedCommonNames (type: list(String.t), default: nil) - Optional. If any value is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.
  • allowedConfigList (type: GoogleApi.PrivateCA.V1beta1.Model.AllowedConfigList.t, default: nil) - Optional. All Certificates issued by the CertificateAuthority must match at least one listed ReusableConfigWrapper in the list.
  • allowedIssuanceModes (type: GoogleApi.PrivateCA.V1beta1.Model.IssuanceModes.t, default: nil) - Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
  • allowedLocationsAndOrganizations (type: list(GoogleApi.PrivateCA.V1beta1.Model.Subject.t), default: nil) - Optional. If any Subject is specified here, then all Certificates issued by the CertificateAuthority must match at least one listed Subject. If a Subject has an empty field, any value will be allowed for that field.
  • allowedSans (type: GoogleApi.PrivateCA.V1beta1.Model.AllowedSubjectAltNames.t, default: nil) - Optional. If a AllowedSubjectAltNames is specified here, then all Certificates issued by the CertificateAuthority must match AllowedSubjectAltNames. If no value or an empty value is specified, any value will be allowed for the SubjectAltNames field.
  • maximumLifetime (type: String.t, default: nil) - Optional. The maximum lifetime allowed by the CertificateAuthority. Note that if the any part if the issuing chain expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated.
  • overwriteConfigValues (type: GoogleApi.PrivateCA.V1beta1.Model.ReusableConfigWrapper.t, default: nil) - Optional. All Certificates issued by the CertificateAuthority will use the provided configuration values, overwriting any requested configuration values.

Link to this section Summary

Functions

Unwrap a decoded JSON object into its complex fields.

Link to this section Types

Specs

t() :: %GoogleApi.PrivateCA.V1beta1.Model.CertificateAuthorityPolicy{
  allowedCommonNames: [String.t()] | nil,
  allowedConfigList:
    GoogleApi.PrivateCA.V1beta1.Model.AllowedConfigList.t() | nil,
  allowedIssuanceModes:
    GoogleApi.PrivateCA.V1beta1.Model.IssuanceModes.t() | nil,
  allowedLocationsAndOrganizations:
    [GoogleApi.PrivateCA.V1beta1.Model.Subject.t()] | nil,
  allowedSans:
    GoogleApi.PrivateCA.V1beta1.Model.AllowedSubjectAltNames.t() | nil,
  maximumLifetime: String.t() | nil,
  overwriteConfigValues:
    GoogleApi.PrivateCA.V1beta1.Model.ReusableConfigWrapper.t() | nil
}

Link to this section Functions

Specs

decode(struct(), keyword()) :: struct()

Unwrap a decoded JSON object into its complex fields.