google-cloud-security-private_ca-v1 0.6.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 58084b2bd3dbcab64029ee0b38ceaaafc2af9df59e748bdb0953145607691c65
-  data.tar.gz: 555e1f7567b1e89e24d9ff5337e4a1600ce5e7597c967e9d967c86de5e0bff1b
+  metadata.gz: b46fb508d2c940fde6820fef28d4d3202aa4b945c214ca7a92cc161249b703a0
+  data.tar.gz: 9a5ae173c2edba0f4cdd85ef3055c7a94be6d781d614a461814122ec17d7d418
 SHA512:
-  metadata.gz: 762a68d3616ab499b87b8195a2e49b605a96bd8a433bf1493b315a87722c718017d8dfa9c5e92229547d3a44fefaa26bb7bb2ed2ebf7d1ba87bad90080cafc5c
-  data.tar.gz: 9cc9a52be3d6acad60466fc5005a8dfd68321c8b57408cf609572151df7d4fc785f7bf98d226d5df963908d7de0ed374bda28b3450caa259034342b7e1c18245
+  metadata.gz: 2e67c0e7ae30f4984a503792d3a36acfab95ceb10e22676366ea4e0ba5f71f7989c0ccd82fccc838b6ac1859a35bb58a37aab23f947ee0392e341a70484926f0
+  data.tar.gz: 24cb909fb4469682565a1f8d4c8162a8a38fc25485ca1f12834b468266f9093701425720cf18c9aefb17de731705c5345aa82bd4d5eeeac1a30b7fe2bdc8bba8

data/README.md

@@ -47,7 +47,7 @@ for general usage information.
 
 To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
 The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/current/stdlibs/logger/Logger.html) as shown below,
-or a [`Google::Cloud::Logging::Logger`](https://googleapis.dev/ruby/google-cloud-logging/latest)
+or a [`Google::Cloud::Logging::Logger`](https://cloud.google.com/ruby/docs/reference/google-cloud-logging/latest)
 that will write logs to [Cloud Logging](https://cloud.google.com/logging/). See [grpc/logconfig.rb](https://github.com/grpc/grpc/blob/master/src/ruby/lib/grpc/logconfig.rb)
 and the gRPC [spec_helper.rb](https://github.com/grpc/grpc/blob/master/src/ruby/spec/spec_helper.rb) for additional information.
 

data/lib/google/cloud/security/private_ca/v1/certificate_authority_service/client.rb

@@ -1000,7 +1000,7 @@ module Google
               #   @param options [::Gapic::CallOptions, ::Hash]
               #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
               #
-              # @overload disable_certificate_authority(name: nil, request_id: nil)
+              # @overload disable_certificate_authority(name: nil, request_id: nil, ignore_dependent_resources: nil)
               #   Pass arguments to `disable_certificate_authority` via keyword arguments. Note that at
               #   least one keyword argument is required. To specify no parameters, or to keep all
               #   the default parameter values, pass an empty Hash as a request object (see above).
@@ -1023,6 +1023,11 @@ module Google
               #
               #     The request ID must be a valid UUID with the exception that zero UUID is
               #     not supported (00000000-0000-0000-0000-000000000000).
+              #   @param ignore_dependent_resources [::Boolean]
+              #     Optional. This field allows this CA to be disabled even if it's being
+              #     depended on by another resource. However, doing so may result in unintended
+              #     and unrecoverable effects on any dependent resource(s) since the CA will
+              #     no longer be able to issue certificates.
               #
               # @yield [response, operation] Access the result along with the RPC operation
               # @yieldparam response [::Gapic::Operation]
@@ -1627,7 +1632,7 @@ module Google
               #   @param options [::Gapic::CallOptions, ::Hash]
               #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
               #
-              # @overload delete_certificate_authority(name: nil, request_id: nil, ignore_active_certificates: nil, skip_grace_period: nil)
+              # @overload delete_certificate_authority(name: nil, request_id: nil, ignore_active_certificates: nil, skip_grace_period: nil, ignore_dependent_resources: nil)
               #   Pass arguments to `delete_certificate_authority` via keyword arguments. Note that at
               #   least one keyword argument is required. To specify no parameters, or to keep all
               #   the default parameter values, pass an empty Hash as a request object (see above).
@@ -1657,6 +1662,11 @@ module Google
               #     Optional. If this flag is set, the Certificate Authority will be deleted as
               #     soon as possible without a 30-day grace period where undeletion would have
               #     been allowed. If you proceed, there will be no way to recover this CA.
+              #   @param ignore_dependent_resources [::Boolean]
+              #     Optional. This field allows this ca to be deleted even if it's being
+              #     depended on by another resource. However, doing so may result in unintended
+              #     and unrecoverable effects on any dependent resource(s) since the CA will
+              #     no longer be able to issue certificates.
               #
               # @yield [response, operation] Access the result along with the RPC operation
               # @yieldparam response [::Gapic::Operation]
@@ -2273,7 +2283,7 @@ module Google
               #   @param options [::Gapic::CallOptions, ::Hash]
               #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
               #
-              # @overload delete_ca_pool(name: nil, request_id: nil)
+              # @overload delete_ca_pool(name: nil, request_id: nil, ignore_dependent_resources: nil)
               #   Pass arguments to `delete_ca_pool` via keyword arguments. Note that at
               #   least one keyword argument is required. To specify no parameters, or to keep all
               #   the default parameter values, pass an empty Hash as a request object (see above).
@@ -2296,6 +2306,11 @@ module Google
               #
               #     The request ID must be a valid UUID with the exception that zero UUID is
               #     not supported (00000000-0000-0000-0000-000000000000).
+              #   @param ignore_dependent_resources [::Boolean]
+              #     Optional. This field allows this pool to be deleted even if it's being
+              #     depended on by another resource. However, doing so may result in unintended
+              #     and unrecoverable effects on any dependent resource(s) since the pool will
+              #     no longer be able to issue certificates.
               #
               # @yield [response, operation] Access the result along with the RPC operation
               # @yieldparam response [::Gapic::Operation]
@@ -3361,9 +3376,9 @@ module Google
               #    *  (`String`) The path to a service account key file in JSON format
               #    *  (`Hash`) A service account key as a Hash
               #    *  (`Google::Auth::Credentials`) A googleauth credentials object
-              #       (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
+              #       (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
               #    *  (`Signet::OAuth2::Client`) A signet oauth2 client object
-              #       (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
+              #       (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
               #    *  (`GRPC::Core::Channel`) a gRPC channel with included credentials
               #    *  (`GRPC::Core::ChannelCredentials`) a gRPC credentails object
               #    *  (`nil`) indicating no credentials

data/lib/google/cloud/security/private_ca/v1/certificate_authority_service/operations.rb

@@ -621,9 +621,9 @@ module Google
               #    *  (`String`) The path to a service account key file in JSON format
               #    *  (`Hash`) A service account key as a Hash
               #    *  (`Google::Auth::Credentials`) A googleauth credentials object
-              #       (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
+              #       (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
               #    *  (`Signet::OAuth2::Client`) A signet oauth2 client object
-              #       (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
+              #       (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
               #    *  (`GRPC::Core::Channel`) a gRPC channel with included credentials
               #    *  (`GRPC::Core::ChannelCredentials`) a gRPC credentails object
               #    *  (`nil`) indicating no credentials

data/lib/google/cloud/security/private_ca/v1/certificate_authority_service/rest/client.rb

@@ -813,7 +813,7 @@ module Google
                 #   @param options [::Gapic::CallOptions, ::Hash]
                 #     Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
                 #
-                # @overload disable_certificate_authority(name: nil, request_id: nil)
+                # @overload disable_certificate_authority(name: nil, request_id: nil, ignore_dependent_resources: nil)
                 #   Pass arguments to `disable_certificate_authority` via keyword arguments. Note that at
                 #   least one keyword argument is required. To specify no parameters, or to keep all
                 #   the default parameter values, pass an empty Hash as a request object (see above).
@@ -836,6 +836,11 @@ module Google
                 #
                 #     The request ID must be a valid UUID with the exception that zero UUID is
                 #     not supported (00000000-0000-0000-0000-000000000000).
+                #   @param ignore_dependent_resources [::Boolean]
+                #     Optional. This field allows this CA to be disabled even if it's being
+                #     depended on by another resource. However, doing so may result in unintended
+                #     and unrecoverable effects on any dependent resource(s) since the CA will
+                #     no longer be able to issue certificates.
                 # @yield [result, operation] Access the result along with the TransportOperation object
                 # @yieldparam result [::Gapic::Operation]
                 # @yieldparam operation [::Gapic::Rest::TransportOperation]
@@ -1276,7 +1281,7 @@ module Google
                 #   @param options [::Gapic::CallOptions, ::Hash]
                 #     Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
                 #
-                # @overload delete_certificate_authority(name: nil, request_id: nil, ignore_active_certificates: nil, skip_grace_period: nil)
+                # @overload delete_certificate_authority(name: nil, request_id: nil, ignore_active_certificates: nil, skip_grace_period: nil, ignore_dependent_resources: nil)
                 #   Pass arguments to `delete_certificate_authority` via keyword arguments. Note that at
                 #   least one keyword argument is required. To specify no parameters, or to keep all
                 #   the default parameter values, pass an empty Hash as a request object (see above).
@@ -1306,6 +1311,11 @@ module Google
                 #     Optional. If this flag is set, the Certificate Authority will be deleted as
                 #     soon as possible without a 30-day grace period where undeletion would have
                 #     been allowed. If you proceed, there will be no way to recover this CA.
+                #   @param ignore_dependent_resources [::Boolean]
+                #     Optional. This field allows this ca to be deleted even if it's being
+                #     depended on by another resource. However, doing so may result in unintended
+                #     and unrecoverable effects on any dependent resource(s) since the CA will
+                #     no longer be able to issue certificates.
                 # @yield [result, operation] Access the result along with the TransportOperation object
                 # @yieldparam result [::Gapic::Operation]
                 # @yieldparam operation [::Gapic::Rest::TransportOperation]
@@ -1751,7 +1761,7 @@ module Google
                 #   @param options [::Gapic::CallOptions, ::Hash]
                 #     Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
                 #
-                # @overload delete_ca_pool(name: nil, request_id: nil)
+                # @overload delete_ca_pool(name: nil, request_id: nil, ignore_dependent_resources: nil)
                 #   Pass arguments to `delete_ca_pool` via keyword arguments. Note that at
                 #   least one keyword argument is required. To specify no parameters, or to keep all
                 #   the default parameter values, pass an empty Hash as a request object (see above).
@@ -1774,6 +1784,11 @@ module Google
                 #
                 #     The request ID must be a valid UUID with the exception that zero UUID is
                 #     not supported (00000000-0000-0000-0000-000000000000).
+                #   @param ignore_dependent_resources [::Boolean]
+                #     Optional. This field allows this pool to be deleted even if it's being
+                #     depended on by another resource. However, doing so may result in unintended
+                #     and unrecoverable effects on any dependent resource(s) since the pool will
+                #     no longer be able to issue certificates.
                 # @yield [result, operation] Access the result along with the TransportOperation object
                 # @yieldparam result [::Gapic::Operation]
                 # @yieldparam operation [::Gapic::Rest::TransportOperation]
@@ -2564,9 +2579,9 @@ module Google
                 #    *  (`String`) The path to a service account key file in JSON format
                 #    *  (`Hash`) A service account key as a Hash
                 #    *  (`Google::Auth::Credentials`) A googleauth credentials object
-                #       (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
+                #       (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
                 #    *  (`Signet::OAuth2::Client`) A signet oauth2 client object
-                #       (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
+                #       (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
                 #    *  (`nil`) indicating no credentials
                 #   @return [::Object]
                 # @!attribute [rw] scope

data/lib/google/cloud/security/private_ca/v1/certificate_authority_service/rest/operations.rb

@@ -412,9 +412,9 @@ module Google
                 #    *  (`String`) The path to a service account key file in JSON format
                 #    *  (`Hash`) A service account key as a Hash
                 #    *  (`Google::Auth::Credentials`) A googleauth credentials object
-                #       (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
+                #       (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
                 #    *  (`Signet::OAuth2::Client`) A signet oauth2 client object
-                #       (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
+                #       (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
                 #    *  (`nil`) indicating no credentials
                 #   @return [::Object]
                 # @!attribute [rw] scope

data/lib/google/cloud/security/private_ca/v1/version.rb

@@ -22,7 +22,7 @@ module Google
     module Security
       module PrivateCA
         module V1
-          VERSION = "0.6.0"
+          VERSION = "0.8.0"
         end
       end
     end

data/lib/google/cloud/security/privateca/v1/resources_pb.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/cloud/security/privateca/v1/resources.proto
 
@@ -9,319 +10,34 @@ require 'google/protobuf/duration_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/type/expr_pb'
 
-Google::Protobuf::DescriptorPool.generated_pool.build do
-  add_file("google/cloud/security/privateca/v1/resources.proto", :syntax => :proto3) do
-    add_message "google.cloud.security.privateca.v1.CertificateAuthority" do
-      optional :name, :string, 1
-      optional :type, :enum, 2, "google.cloud.security.privateca.v1.CertificateAuthority.Type"
-      optional :config, :message, 3, "google.cloud.security.privateca.v1.CertificateConfig"
-      optional :lifetime, :message, 4, "google.protobuf.Duration"
-      optional :key_spec, :message, 5, "google.cloud.security.privateca.v1.CertificateAuthority.KeyVersionSpec"
-      optional :subordinate_config, :message, 6, "google.cloud.security.privateca.v1.SubordinateConfig"
-      optional :tier, :enum, 7, "google.cloud.security.privateca.v1.CaPool.Tier"
-      optional :state, :enum, 8, "google.cloud.security.privateca.v1.CertificateAuthority.State"
-      repeated :pem_ca_certificates, :string, 9
-      repeated :ca_certificate_descriptions, :message, 10, "google.cloud.security.privateca.v1.CertificateDescription"
-      optional :gcs_bucket, :string, 11
-      optional :access_urls, :message, 12, "google.cloud.security.privateca.v1.CertificateAuthority.AccessUrls"
-      optional :create_time, :message, 13, "google.protobuf.Timestamp"
-      optional :update_time, :message, 14, "google.protobuf.Timestamp"
-      optional :delete_time, :message, 15, "google.protobuf.Timestamp"
-      optional :expire_time, :message, 16, "google.protobuf.Timestamp"
-      map :labels, :string, :string, 17
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateAuthority.AccessUrls" do
-      optional :ca_certificate_access_url, :string, 1
-      repeated :crl_access_urls, :string, 2
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateAuthority.KeyVersionSpec" do
-      oneof :KeyVersion do
-        optional :cloud_kms_key_version, :string, 1
-        optional :algorithm, :enum, 2, "google.cloud.security.privateca.v1.CertificateAuthority.SignHashAlgorithm"
-      end
-    end
-    add_enum "google.cloud.security.privateca.v1.CertificateAuthority.Type" do
-      value :TYPE_UNSPECIFIED, 0
-      value :SELF_SIGNED, 1
-      value :SUBORDINATE, 2
-    end
-    add_enum "google.cloud.security.privateca.v1.CertificateAuthority.State" do
-      value :STATE_UNSPECIFIED, 0
-      value :ENABLED, 1
-      value :DISABLED, 2
-      value :STAGED, 3
-      value :AWAITING_USER_ACTIVATION, 4
-      value :DELETED, 5
-    end
-    add_enum "google.cloud.security.privateca.v1.CertificateAuthority.SignHashAlgorithm" do
-      value :SIGN_HASH_ALGORITHM_UNSPECIFIED, 0
-      value :RSA_PSS_2048_SHA256, 1
-      value :RSA_PSS_3072_SHA256, 2
-      value :RSA_PSS_4096_SHA256, 3
-      value :RSA_PKCS1_2048_SHA256, 6
-      value :RSA_PKCS1_3072_SHA256, 7
-      value :RSA_PKCS1_4096_SHA256, 8
-      value :EC_P256_SHA256, 4
-      value :EC_P384_SHA384, 5
-    end
-    add_message "google.cloud.security.privateca.v1.CaPool" do
-      optional :name, :string, 1
-      optional :tier, :enum, 2, "google.cloud.security.privateca.v1.CaPool.Tier"
-      optional :issuance_policy, :message, 3, "google.cloud.security.privateca.v1.CaPool.IssuancePolicy"
-      optional :publishing_options, :message, 4, "google.cloud.security.privateca.v1.CaPool.PublishingOptions"
-      map :labels, :string, :string, 5
-    end
-    add_message "google.cloud.security.privateca.v1.CaPool.PublishingOptions" do
-      optional :publish_ca_cert, :bool, 1
-      optional :publish_crl, :bool, 2
-    end
-    add_message "google.cloud.security.privateca.v1.CaPool.IssuancePolicy" do
-      repeated :allowed_key_types, :message, 1, "google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType"
-      optional :maximum_lifetime, :message, 2, "google.protobuf.Duration"
-      optional :allowed_issuance_modes, :message, 3, "google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes"
-      optional :baseline_values, :message, 4, "google.cloud.security.privateca.v1.X509Parameters"
-      optional :identity_constraints, :message, 5, "google.cloud.security.privateca.v1.CertificateIdentityConstraints"
-      optional :passthrough_extensions, :message, 6, "google.cloud.security.privateca.v1.CertificateExtensionConstraints"
-    end
-    add_message "google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType" do
-      oneof :key_type do
-        optional :rsa, :message, 1, "google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.RsaKeyType"
-        optional :elliptic_curve, :message, 2, "google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyType"
-      end
-    end
-    add_message "google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.RsaKeyType" do
-      optional :min_modulus_size, :int64, 1
-      optional :max_modulus_size, :int64, 2
-    end
-    add_message "google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyType" do
-      optional :signature_algorithm, :enum, 1, "google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyType.EcSignatureAlgorithm"
-    end
-    add_enum "google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyType.EcSignatureAlgorithm" do
-      value :EC_SIGNATURE_ALGORITHM_UNSPECIFIED, 0
-      value :ECDSA_P256, 1
-      value :ECDSA_P384, 2
-      value :EDDSA_25519, 3
-    end
-    add_message "google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes" do
-      optional :allow_csr_based_issuance, :bool, 1
-      optional :allow_config_based_issuance, :bool, 2
-    end
-    add_enum "google.cloud.security.privateca.v1.CaPool.Tier" do
-      value :TIER_UNSPECIFIED, 0
-      value :ENTERPRISE, 1
-      value :DEVOPS, 2
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateRevocationList" do
-      optional :name, :string, 1
-      optional :sequence_number, :int64, 2
-      repeated :revoked_certificates, :message, 3, "google.cloud.security.privateca.v1.CertificateRevocationList.RevokedCertificate"
-      optional :pem_crl, :string, 4
-      optional :access_url, :string, 5
-      optional :state, :enum, 6, "google.cloud.security.privateca.v1.CertificateRevocationList.State"
-      optional :create_time, :message, 7, "google.protobuf.Timestamp"
-      optional :update_time, :message, 8, "google.protobuf.Timestamp"
-      optional :revision_id, :string, 9
-      map :labels, :string, :string, 10
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateRevocationList.RevokedCertificate" do
-      optional :certificate, :string, 1
-      optional :hex_serial_number, :string, 2
-      optional :revocation_reason, :enum, 3, "google.cloud.security.privateca.v1.RevocationReason"
-    end
-    add_enum "google.cloud.security.privateca.v1.CertificateRevocationList.State" do
-      value :STATE_UNSPECIFIED, 0
-      value :ACTIVE, 1
-      value :SUPERSEDED, 2
-    end
-    add_message "google.cloud.security.privateca.v1.Certificate" do
-      optional :name, :string, 1
-      optional :issuer_certificate_authority, :string, 4
-      optional :lifetime, :message, 5, "google.protobuf.Duration"
-      optional :certificate_template, :string, 6
-      optional :subject_mode, :enum, 7, "google.cloud.security.privateca.v1.SubjectRequestMode"
-      optional :revocation_details, :message, 8, "google.cloud.security.privateca.v1.Certificate.RevocationDetails"
-      optional :pem_certificate, :string, 9
-      optional :certificate_description, :message, 10, "google.cloud.security.privateca.v1.CertificateDescription"
-      repeated :pem_certificate_chain, :string, 11
-      optional :create_time, :message, 12, "google.protobuf.Timestamp"
-      optional :update_time, :message, 13, "google.protobuf.Timestamp"
-      map :labels, :string, :string, 14
-      oneof :certificate_config do
-        optional :pem_csr, :string, 2
-        optional :config, :message, 3, "google.cloud.security.privateca.v1.CertificateConfig"
-      end
-    end
-    add_message "google.cloud.security.privateca.v1.Certificate.RevocationDetails" do
-      optional :revocation_state, :enum, 1, "google.cloud.security.privateca.v1.RevocationReason"
-      optional :revocation_time, :message, 2, "google.protobuf.Timestamp"
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateTemplate" do
-      optional :name, :string, 1
-      optional :predefined_values, :message, 2, "google.cloud.security.privateca.v1.X509Parameters"
-      optional :identity_constraints, :message, 3, "google.cloud.security.privateca.v1.CertificateIdentityConstraints"
-      optional :passthrough_extensions, :message, 4, "google.cloud.security.privateca.v1.CertificateExtensionConstraints"
-      optional :description, :string, 5
-      optional :create_time, :message, 6, "google.protobuf.Timestamp"
-      optional :update_time, :message, 7, "google.protobuf.Timestamp"
-      map :labels, :string, :string, 8
-    end
-    add_message "google.cloud.security.privateca.v1.X509Parameters" do
-      optional :key_usage, :message, 1, "google.cloud.security.privateca.v1.KeyUsage"
-      optional :ca_options, :message, 2, "google.cloud.security.privateca.v1.X509Parameters.CaOptions"
-      repeated :policy_ids, :message, 3, "google.cloud.security.privateca.v1.ObjectId"
-      repeated :aia_ocsp_servers, :string, 4
-      optional :name_constraints, :message, 6, "google.cloud.security.privateca.v1.X509Parameters.NameConstraints"
-      repeated :additional_extensions, :message, 5, "google.cloud.security.privateca.v1.X509Extension"
-    end
-    add_message "google.cloud.security.privateca.v1.X509Parameters.CaOptions" do
-      proto3_optional :is_ca, :bool, 1
-      proto3_optional :max_issuer_path_length, :int32, 2
-    end
-    add_message "google.cloud.security.privateca.v1.X509Parameters.NameConstraints" do
-      optional :critical, :bool, 1
-      repeated :permitted_dns_names, :string, 2
-      repeated :excluded_dns_names, :string, 3
-      repeated :permitted_ip_ranges, :string, 4
-      repeated :excluded_ip_ranges, :string, 5
-      repeated :permitted_email_addresses, :string, 6
-      repeated :excluded_email_addresses, :string, 7
-      repeated :permitted_uris, :string, 8
-      repeated :excluded_uris, :string, 9
-    end
-    add_message "google.cloud.security.privateca.v1.SubordinateConfig" do
-      oneof :subordinate_config do
-        optional :certificate_authority, :string, 1
-        optional :pem_issuer_chain, :message, 2, "google.cloud.security.privateca.v1.SubordinateConfig.SubordinateConfigChain"
-      end
-    end
-    add_message "google.cloud.security.privateca.v1.SubordinateConfig.SubordinateConfigChain" do
-      repeated :pem_certificates, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.PublicKey" do
-      optional :key, :bytes, 1
-      optional :format, :enum, 2, "google.cloud.security.privateca.v1.PublicKey.KeyFormat"
-    end
-    add_enum "google.cloud.security.privateca.v1.PublicKey.KeyFormat" do
-      value :KEY_FORMAT_UNSPECIFIED, 0
-      value :PEM, 1
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateConfig" do
-      optional :subject_config, :message, 1, "google.cloud.security.privateca.v1.CertificateConfig.SubjectConfig"
-      optional :x509_config, :message, 2, "google.cloud.security.privateca.v1.X509Parameters"
-      optional :public_key, :message, 3, "google.cloud.security.privateca.v1.PublicKey"
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateConfig.SubjectConfig" do
-      optional :subject, :message, 1, "google.cloud.security.privateca.v1.Subject"
-      optional :subject_alt_name, :message, 2, "google.cloud.security.privateca.v1.SubjectAltNames"
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateDescription" do
-      optional :subject_description, :message, 1, "google.cloud.security.privateca.v1.CertificateDescription.SubjectDescription"
-      optional :x509_description, :message, 2, "google.cloud.security.privateca.v1.X509Parameters"
-      optional :public_key, :message, 3, "google.cloud.security.privateca.v1.PublicKey"
-      optional :subject_key_id, :message, 4, "google.cloud.security.privateca.v1.CertificateDescription.KeyId"
-      optional :authority_key_id, :message, 5, "google.cloud.security.privateca.v1.CertificateDescription.KeyId"
-      repeated :crl_distribution_points, :string, 6
-      repeated :aia_issuing_certificate_urls, :string, 7
-      optional :cert_fingerprint, :message, 8, "google.cloud.security.privateca.v1.CertificateDescription.CertificateFingerprint"
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateDescription.SubjectDescription" do
-      optional :subject, :message, 1, "google.cloud.security.privateca.v1.Subject"
-      optional :subject_alt_name, :message, 2, "google.cloud.security.privateca.v1.SubjectAltNames"
-      optional :hex_serial_number, :string, 3
-      optional :lifetime, :message, 4, "google.protobuf.Duration"
-      optional :not_before_time, :message, 5, "google.protobuf.Timestamp"
-      optional :not_after_time, :message, 6, "google.protobuf.Timestamp"
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateDescription.KeyId" do
-      optional :key_id, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateDescription.CertificateFingerprint" do
-      optional :sha256_hash, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.ObjectId" do
-      repeated :object_id_path, :int32, 1
-    end
-    add_message "google.cloud.security.privateca.v1.X509Extension" do
-      optional :object_id, :message, 1, "google.cloud.security.privateca.v1.ObjectId"
-      optional :critical, :bool, 2
-      optional :value, :bytes, 3
-    end
-    add_message "google.cloud.security.privateca.v1.KeyUsage" do
-      optional :base_key_usage, :message, 1, "google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions"
-      optional :extended_key_usage, :message, 2, "google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions"
-      repeated :unknown_extended_key_usages, :message, 3, "google.cloud.security.privateca.v1.ObjectId"
-    end
-    add_message "google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions" do
-      optional :digital_signature, :bool, 1
-      optional :content_commitment, :bool, 2
-      optional :key_encipherment, :bool, 3
-      optional :data_encipherment, :bool, 4
-      optional :key_agreement, :bool, 5
-      optional :cert_sign, :bool, 6
-      optional :crl_sign, :bool, 7
-      optional :encipher_only, :bool, 8
-      optional :decipher_only, :bool, 9
-    end
-    add_message "google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions" do
-      optional :server_auth, :bool, 1
-      optional :client_auth, :bool, 2
-      optional :code_signing, :bool, 3
-      optional :email_protection, :bool, 4
-      optional :time_stamping, :bool, 5
-      optional :ocsp_signing, :bool, 6
-    end
-    add_message "google.cloud.security.privateca.v1.Subject" do
-      optional :common_name, :string, 1
-      optional :country_code, :string, 2
-      optional :organization, :string, 3
-      optional :organizational_unit, :string, 4
-      optional :locality, :string, 5
-      optional :province, :string, 6
-      optional :street_address, :string, 7
-      optional :postal_code, :string, 8
-    end
-    add_message "google.cloud.security.privateca.v1.SubjectAltNames" do
-      repeated :dns_names, :string, 1
-      repeated :uris, :string, 2
-      repeated :email_addresses, :string, 3
-      repeated :ip_addresses, :string, 4
-      repeated :custom_sans, :message, 5, "google.cloud.security.privateca.v1.X509Extension"
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateIdentityConstraints" do
-      optional :cel_expression, :message, 1, "google.type.Expr"
-      proto3_optional :allow_subject_passthrough, :bool, 2
-      proto3_optional :allow_subject_alt_names_passthrough, :bool, 3
-    end
-    add_message "google.cloud.security.privateca.v1.CertificateExtensionConstraints" do
-      repeated :known_extensions, :enum, 1, "google.cloud.security.privateca.v1.CertificateExtensionConstraints.KnownCertificateExtension"
-      repeated :additional_extensions, :message, 2, "google.cloud.security.privateca.v1.ObjectId"
-    end
-    add_enum "google.cloud.security.privateca.v1.CertificateExtensionConstraints.KnownCertificateExtension" do
-      value :KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED, 0
-      value :BASE_KEY_USAGE, 1
-      value :EXTENDED_KEY_USAGE, 2
-      value :CA_OPTIONS, 3
-      value :POLICY_IDS, 4
-      value :AIA_OCSP_SERVERS, 5
-      value :NAME_CONSTRAINTS, 6
-    end
-    add_enum "google.cloud.security.privateca.v1.RevocationReason" do
-      value :REVOCATION_REASON_UNSPECIFIED, 0
-      value :KEY_COMPROMISE, 1
-      value :CERTIFICATE_AUTHORITY_COMPROMISE, 2
-      value :AFFILIATION_CHANGED, 3
-      value :SUPERSEDED, 4
-      value :CESSATION_OF_OPERATION, 5
-      value :CERTIFICATE_HOLD, 6
-      value :PRIVILEGE_WITHDRAWN, 7
-      value :ATTRIBUTE_AUTHORITY_COMPROMISE, 8
-    end
-    add_enum "google.cloud.security.privateca.v1.SubjectRequestMode" do
-      value :SUBJECT_REQUEST_MODE_UNSPECIFIED, 0
-      value :DEFAULT, 1
-      value :REFLECTED_SPIFFE, 2
+
+descriptor_data = "\n2google/cloud/security/privateca/v1/resources.proto\x12\"google.cloud.security.privateca.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x16google/type/expr.proto\"\xf5\x0f\n\x14\x43\x65rtificateAuthority\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x03\x12S\n\x04type\x18\x02 \x01(\x0e\x32=.google.cloud.security.privateca.v1.CertificateAuthority.TypeB\x06\xe0\x41\x02\xe0\x41\x05\x12M\n\x06\x63onfig\x18\x03 \x01(\x0b\x32\x35.google.cloud.security.privateca.v1.CertificateConfigB\x06\xe0\x41\x02\xe0\x41\x05\x12\x33\n\x08lifetime\x18\x04 \x01(\x0b\x32\x19.google.protobuf.DurationB\x06\xe0\x41\x02\xe0\x41\x05\x12\x61\n\x08key_spec\x18\x05 \x01(\x0b\x32G.google.cloud.security.privateca.v1.CertificateAuthority.KeyVersionSpecB\x06\xe0\x41\x02\xe0\x41\x05\x12V\n\x12subordinate_config\x18\x06 \x01(\x0b\x32\x35.google.cloud.security.privateca.v1.SubordinateConfigB\x03\xe0\x41\x01\x12\x42\n\x04tier\x18\x07 \x01(\x0e\x32/.google.cloud.security.privateca.v1.CaPool.TierB\x03\xe0\x41\x03\x12R\n\x05state\x18\x08 \x01(\x0e\x32>.google.cloud.security.privateca.v1.CertificateAuthority.StateB\x03\xe0\x41\x03\x12 \n\x13pem_ca_certificates\x18\t \x03(\tB\x03\xe0\x41\x03\x12\x64\n\x1b\x63\x61_certificate_descriptions\x18\n \x03(\x0b\x32:.google.cloud.security.privateca.v1.CertificateDescriptionB\x03\xe0\x41\x03\x12\x17\n\ngcs_bucket\x18\x0b \x01(\tB\x03\xe0\x41\x05\x12]\n\x0b\x61\x63\x63\x65ss_urls\x18\x0c \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateAuthority.AccessUrlsB\x03\xe0\x41\x03\x12\x34\n\x0b\x63reate_time\x18\r \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\x0e \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0b\x64\x65lete_time\x18\x0f \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0b\x65xpire_time\x18\x10 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12Y\n\x06labels\x18\x11 \x03(\x0b\x32\x44.google.cloud.security.privateca.v1.CertificateAuthority.LabelsEntryB\x03\xe0\x41\x01\x1aH\n\nAccessUrls\x12!\n\x19\x63\x61_certificate_access_url\x18\x01 \x01(\t\x12\x17\n\x0f\x63rl_access_urls\x18\x02 \x03(\t\x1a\xa0\x01\n\x0eKeyVersionSpec\x12\x1f\n\x15\x63loud_kms_key_version\x18\x01 \x01(\tH\x00\x12_\n\talgorithm\x18\x02 \x01(\x0e\x32J.google.cloud.security.privateca.v1.CertificateAuthority.SignHashAlgorithmH\x00\x42\x0c\n\nKeyVersion\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\">\n\x04Type\x12\x14\n\x10TYPE_UNSPECIFIED\x10\x00\x12\x0f\n\x0bSELF_SIGNED\x10\x01\x12\x0f\n\x0bSUBORDINATE\x10\x02\"p\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\x0b\n\x07\x45NABLED\x10\x01\x12\x0c\n\x08\x44ISABLED\x10\x02\x12\n\n\x06STAGED\x10\x03\x12\x1c\n\x18\x41WAITING_USER_ACTIVATION\x10\x04\x12\x0b\n\x07\x44\x45LETED\x10\x05\"\xfc\x01\n\x11SignHashAlgorithm\x12#\n\x1fSIGN_HASH_ALGORITHM_UNSPECIFIED\x10\x00\x12\x17\n\x13RSA_PSS_2048_SHA256\x10\x01\x12\x17\n\x13RSA_PSS_3072_SHA256\x10\x02\x12\x17\n\x13RSA_PSS_4096_SHA256\x10\x03\x12\x19\n\x15RSA_PKCS1_2048_SHA256\x10\x06\x12\x19\n\x15RSA_PKCS1_3072_SHA256\x10\x07\x12\x19\n\x15RSA_PKCS1_4096_SHA256\x10\x08\x12\x12\n\x0e\x45\x43_P256_SHA256\x10\x04\x12\x12\n\x0e\x45\x43_P384_SHA384\x10\x05:\x9d\x01\xea\x41\x99\x01\n-privateca.googleapis.com/CertificateAuthority\x12hprojects/{project}/locations/{location}/caPools/{ca_pool}/certificateAuthorities/{certificate_authority}\"\xf0\x0e\n\x06\x43\x61Pool\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x03\x12\x45\n\x04tier\x18\x02 \x01(\x0e\x32/.google.cloud.security.privateca.v1.CaPool.TierB\x06\xe0\x41\x02\xe0\x41\x05\x12W\n\x0fissuance_policy\x18\x03 \x01(\x0b\x32\x39.google.cloud.security.privateca.v1.CaPool.IssuancePolicyB\x03\xe0\x41\x01\x12]\n\x12publishing_options\x18\x04 \x01(\x0b\x32<.google.cloud.security.privateca.v1.CaPool.PublishingOptionsB\x03\xe0\x41\x01\x12K\n\x06labels\x18\x05 \x03(\x0b\x32\x36.google.cloud.security.privateca.v1.CaPool.LabelsEntryB\x03\xe0\x41\x01\x1aK\n\x11PublishingOptions\x12\x1c\n\x0fpublish_ca_cert\x18\x01 \x01(\x08\x42\x03\xe0\x41\x01\x12\x18\n\x0bpublish_crl\x18\x02 \x01(\x08\x42\x03\xe0\x41\x01\x1a\xef\t\n\x0eIssuancePolicy\x12h\n\x11\x61llowed_key_types\x18\x01 \x03(\x0b\x32H.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyTypeB\x03\xe0\x41\x01\x12\x38\n\x10maximum_lifetime\x18\x02 \x01(\x0b\x32\x19.google.protobuf.DurationB\x03\xe0\x41\x01\x12l\n\x16\x61llowed_issuance_modes\x18\x03 \x01(\x0b\x32G.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModesB\x03\xe0\x41\x01\x12P\n\x0f\x62\x61seline_values\x18\x04 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509ParametersB\x03\xe0\x41\x01\x12\x65\n\x14identity_constraints\x18\x05 \x01(\x0b\x32\x42.google.cloud.security.privateca.v1.CertificateIdentityConstraintsB\x03\xe0\x41\x01\x12h\n\x16passthrough_extensions\x18\x06 \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateExtensionConstraintsB\x03\xe0\x41\x01\x1a\xc5\x04\n\x0e\x41llowedKeyType\x12\x62\n\x03rsa\x18\x01 \x01(\x0b\x32S.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.RsaKeyTypeH\x00\x12l\n\x0e\x65lliptic_curve\x18\x02 \x01(\x0b\x32R.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyTypeH\x00\x1aJ\n\nRsaKeyType\x12\x1d\n\x10min_modulus_size\x18\x01 \x01(\x03\x42\x03\xe0\x41\x01\x12\x1d\n\x10max_modulus_size\x18\x02 \x01(\x03\x42\x03\xe0\x41\x01\x1a\x88\x02\n\tEcKeyType\x12\x89\x01\n\x13signature_algorithm\x18\x01 \x01(\x0e\x32g.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyType.EcSignatureAlgorithmB\x03\xe0\x41\x01\"o\n\x14\x45\x63SignatureAlgorithm\x12&\n\"EC_SIGNATURE_ALGORITHM_UNSPECIFIED\x10\x00\x12\x0e\n\nECDSA_P256\x10\x01\x12\x0e\n\nECDSA_P384\x10\x02\x12\x0f\n\x0b\x45\x44\x44SA_25519\x10\x03\x42\n\n\x08key_type\x1a`\n\rIssuanceModes\x12%\n\x18\x61llow_csr_based_issuance\x18\x01 \x01(\x08\x42\x03\xe0\x41\x01\x12(\n\x1b\x61llow_config_based_issuance\x18\x02 \x01(\x08\x42\x03\xe0\x41\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"8\n\x04Tier\x12\x14\n\x10TIER_UNSPECIFIED\x10\x00\x12\x0e\n\nENTERPRISE\x10\x01\x12\n\n\x06\x44\x45VOPS\x10\x02:_\xea\x41\\\n\x1fprivateca.googleapis.com/CaPool\x12\x39projects/{project}/locations/{location}/caPools/{ca_pool}\"\xbc\x08\n\x19\x43\x65rtificateRevocationList\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x03\x12\x1c\n\x0fsequence_number\x18\x02 \x01(\x03\x42\x03\xe0\x41\x03\x12s\n\x14revoked_certificates\x18\x03 \x03(\x0b\x32P.google.cloud.security.privateca.v1.CertificateRevocationList.RevokedCertificateB\x03\xe0\x41\x03\x12\x14\n\x07pem_crl\x18\x04 \x01(\tB\x03\xe0\x41\x03\x12\x17\n\naccess_url\x18\x05 \x01(\tB\x03\xe0\x41\x03\x12W\n\x05state\x18\x06 \x01(\x0e\x32\x43.google.cloud.security.privateca.v1.CertificateRevocationList.StateB\x03\xe0\x41\x03\x12\x34\n\x0b\x63reate_time\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\x08 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x18\n\x0brevision_id\x18\t \x01(\tB\x03\xe0\x41\x03\x12^\n\x06labels\x18\n \x03(\x0b\x32I.google.cloud.security.privateca.v1.CertificateRevocationList.LabelsEntryB\x03\xe0\x41\x01\x1a\xc0\x01\n\x12RevokedCertificate\x12>\n\x0b\x63\x65rtificate\x18\x01 \x01(\tB)\xfa\x41&\n$privateca.googleapis.com/Certificate\x12\x19\n\x11hex_serial_number\x18\x02 \x01(\t\x12O\n\x11revocation_reason\x18\x03 \x01(\x0e\x32\x34.google.cloud.security.privateca.v1.RevocationReason\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\":\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0e\n\nSUPERSEDED\x10\x02:\xdc\x01\xea\x41\xd8\x01\n2privateca.googleapis.com/CertificateRevocationList\x12\xa1\x01projects/{project}/locations/{location}/caPools/{ca_pool}/certificateAuthorities/{certificate_authority}/certificateRevocationLists/{certificate_revocation_list}\"\x8f\n\n\x0b\x43\x65rtificate\x12:\n\x04name\x18\x01 \x01(\tB,\xe0\x41\x03\xfa\x41&\n$privateca.googleapis.com/Certificate\x12\x16\n\x07pem_csr\x18\x02 \x01(\tB\x03\xe0\x41\x05H\x00\x12L\n\x06\x63onfig\x18\x03 \x01(\x0b\x32\x35.google.cloud.security.privateca.v1.CertificateConfigB\x03\xe0\x41\x05H\x00\x12[\n\x1cissuer_certificate_authority\x18\x04 \x01(\tB5\xe0\x41\x03\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\x12\x33\n\x08lifetime\x18\x05 \x01(\x0b\x32\x19.google.protobuf.DurationB\x06\xe0\x41\x02\xe0\x41\x05\x12R\n\x14\x63\x65rtificate_template\x18\x06 \x01(\tB4\xe0\x41\x05\xfa\x41.\n,privateca.googleapis.com/CertificateTemplate\x12Q\n\x0csubject_mode\x18\x07 \x01(\x0e\x32\x36.google.cloud.security.privateca.v1.SubjectRequestModeB\x03\xe0\x41\x05\x12\x62\n\x12revocation_details\x18\x08 \x01(\x0b\x32\x41.google.cloud.security.privateca.v1.Certificate.RevocationDetailsB\x03\xe0\x41\x03\x12\x1c\n\x0fpem_certificate\x18\t \x01(\tB\x03\xe0\x41\x03\x12`\n\x17\x63\x65rtificate_description\x18\n \x01(\x0b\x32:.google.cloud.security.privateca.v1.CertificateDescriptionB\x03\xe0\x41\x03\x12\"\n\x15pem_certificate_chain\x18\x0b \x03(\tB\x03\xe0\x41\x03\x12\x34\n\x0b\x63reate_time\x18\x0c \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\r \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12P\n\x06labels\x18\x0e \x03(\x0b\x32;.google.cloud.security.privateca.v1.Certificate.LabelsEntryB\x03\xe0\x41\x01\x1a\x98\x01\n\x11RevocationDetails\x12N\n\x10revocation_state\x18\x01 \x01(\x0e\x32\x34.google.cloud.security.privateca.v1.RevocationReason\x12\x33\n\x0frevocation_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01:\x7f\xea\x41|\n$privateca.googleapis.com/Certificate\x12Tprojects/{project}/locations/{location}/caPools/{ca_pool}/certificates/{certificate}B\x14\n\x12\x63\x65rtificate_config\"\x97\x06\n\x13\x43\x65rtificateTemplate\x12\x42\n\x04name\x18\x01 \x01(\tB4\xe0\x41\x03\xfa\x41.\n,privateca.googleapis.com/CertificateTemplate\x12R\n\x11predefined_values\x18\x02 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509ParametersB\x03\xe0\x41\x01\x12\x65\n\x14identity_constraints\x18\x03 \x01(\x0b\x32\x42.google.cloud.security.privateca.v1.CertificateIdentityConstraintsB\x03\xe0\x41\x01\x12h\n\x16passthrough_extensions\x18\x04 \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateExtensionConstraintsB\x03\xe0\x41\x01\x12\x18\n\x0b\x64\x65scription\x18\x05 \x01(\tB\x03\xe0\x41\x01\x12\x34\n\x0b\x63reate_time\x18\x06 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12X\n\x06labels\x18\x08 \x03(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateTemplate.LabelsEntryB\x03\xe0\x41\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01:\x87\x01\xea\x41\x83\x01\n,privateca.googleapis.com/CertificateTemplate\x12Sprojects/{project}/locations/{location}/certificateTemplates/{certificate_template}\"\xce\x06\n\x0eX509Parameters\x12\x44\n\tkey_usage\x18\x01 \x01(\x0b\x32,.google.cloud.security.privateca.v1.KeyUsageB\x03\xe0\x41\x01\x12U\n\nca_options\x18\x02 \x01(\x0b\x32<.google.cloud.security.privateca.v1.X509Parameters.CaOptionsB\x03\xe0\x41\x01\x12\x45\n\npolicy_ids\x18\x03 \x03(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdB\x03\xe0\x41\x01\x12\x1d\n\x10\x61ia_ocsp_servers\x18\x04 \x03(\tB\x03\xe0\x41\x01\x12\x61\n\x10name_constraints\x18\x06 \x01(\x0b\x32\x42.google.cloud.security.privateca.v1.X509Parameters.NameConstraintsB\x03\xe0\x41\x01\x12U\n\x15\x61\x64\x64itional_extensions\x18\x05 \x03(\x0b\x32\x31.google.cloud.security.privateca.v1.X509ExtensionB\x03\xe0\x41\x01\x1as\n\tCaOptions\x12\x17\n\x05is_ca\x18\x01 \x01(\x08\x42\x03\xe0\x41\x01H\x00\x88\x01\x01\x12(\n\x16max_issuer_path_length\x18\x02 \x01(\x05\x42\x03\xe0\x41\x01H\x01\x88\x01\x01\x42\x08\n\x06_is_caB\x19\n\x17_max_issuer_path_length\x1a\x89\x02\n\x0fNameConstraints\x12\x10\n\x08\x63ritical\x18\x01 \x01(\x08\x12\x1b\n\x13permitted_dns_names\x18\x02 \x03(\t\x12\x1a\n\x12\x65xcluded_dns_names\x18\x03 \x03(\t\x12\x1b\n\x13permitted_ip_ranges\x18\x04 \x03(\t\x12\x1a\n\x12\x65xcluded_ip_ranges\x18\x05 \x03(\t\x12!\n\x19permitted_email_addresses\x18\x06 \x03(\t\x12 \n\x18\x65xcluded_email_addresses\x18\x07 \x03(\t\x12\x16\n\x0epermitted_uris\x18\x08 \x03(\t\x12\x15\n\rexcluded_uris\x18\t \x03(\t\"\xa9\x02\n\x11SubordinateConfig\x12V\n\x15\x63\x65rtificate_authority\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthorityH\x00\x12m\n\x10pem_issuer_chain\x18\x02 \x01(\x0b\x32L.google.cloud.security.privateca.v1.SubordinateConfig.SubordinateConfigChainB\x03\xe0\x41\x02H\x00\x1a\x37\n\x16SubordinateConfigChain\x12\x1d\n\x10pem_certificates\x18\x01 \x03(\tB\x03\xe0\x41\x02\x42\x14\n\x12subordinate_config\"\x9d\x01\n\tPublicKey\x12\x10\n\x03key\x18\x01 \x01(\x0c\x42\x03\xe0\x41\x02\x12L\n\x06\x66ormat\x18\x02 \x01(\x0e\x32\x37.google.cloud.security.privateca.v1.PublicKey.KeyFormatB\x03\xe0\x41\x02\"0\n\tKeyFormat\x12\x1a\n\x16KEY_FORMAT_UNSPECIFIED\x10\x00\x12\x07\n\x03PEM\x10\x01\"\xb4\x03\n\x11\x43\x65rtificateConfig\x12`\n\x0esubject_config\x18\x01 \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateConfig.SubjectConfigB\x03\xe0\x41\x02\x12L\n\x0bx509_config\x18\x02 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509ParametersB\x03\xe0\x41\x02\x12\x46\n\npublic_key\x18\x03 \x01(\x0b\x32-.google.cloud.security.privateca.v1.PublicKeyB\x03\xe0\x41\x01\x1a\xa6\x01\n\rSubjectConfig\x12\x41\n\x07subject\x18\x01 \x01(\x0b\x32+.google.cloud.security.privateca.v1.SubjectB\x03\xe0\x41\x02\x12R\n\x10subject_alt_name\x18\x02 \x01(\x0b\x32\x33.google.cloud.security.privateca.v1.SubjectAltNamesB\x03\xe0\x41\x01\"\xa1\x08\n\x16\x43\x65rtificateDescription\x12j\n\x13subject_description\x18\x01 \x01(\x0b\x32M.google.cloud.security.privateca.v1.CertificateDescription.SubjectDescription\x12L\n\x10x509_description\x18\x02 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509Parameters\x12\x41\n\npublic_key\x18\x03 \x01(\x0b\x32-.google.cloud.security.privateca.v1.PublicKey\x12X\n\x0esubject_key_id\x18\x04 \x01(\x0b\x32@.google.cloud.security.privateca.v1.CertificateDescription.KeyId\x12Z\n\x10\x61uthority_key_id\x18\x05 \x01(\x0b\x32@.google.cloud.security.privateca.v1.CertificateDescription.KeyId\x12\x1f\n\x17\x63rl_distribution_points\x18\x06 \x03(\t\x12$\n\x1c\x61ia_issuing_certificate_urls\x18\x07 \x03(\t\x12k\n\x10\x63\x65rt_fingerprint\x18\x08 \x01(\x0b\x32Q.google.cloud.security.privateca.v1.CertificateDescription.CertificateFingerprint\x1a\xd2\x02\n\x12SubjectDescription\x12<\n\x07subject\x18\x01 \x01(\x0b\x32+.google.cloud.security.privateca.v1.Subject\x12M\n\x10subject_alt_name\x18\x02 \x01(\x0b\x32\x33.google.cloud.security.privateca.v1.SubjectAltNames\x12\x19\n\x11hex_serial_number\x18\x03 \x01(\t\x12+\n\x08lifetime\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x33\n\x0fnot_before_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x32\n\x0enot_after_time\x18\x06 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1a\x1c\n\x05KeyId\x12\x13\n\x06key_id\x18\x01 \x01(\tB\x03\xe0\x41\x01\x1a-\n\x16\x43\x65rtificateFingerprint\x12\x13\n\x0bsha256_hash\x18\x01 \x01(\t\"\'\n\x08ObjectId\x12\x1b\n\x0eobject_id_path\x18\x01 \x03(\x05\x42\x03\xe0\x41\x02\"\x80\x01\n\rX509Extension\x12\x44\n\tobject_id\x18\x01 \x01(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdB\x03\xe0\x41\x02\x12\x15\n\x08\x63ritical\x18\x02 \x01(\x08\x42\x03\xe0\x41\x01\x12\x12\n\x05value\x18\x03 \x01(\x0c\x42\x03\xe0\x41\x02\"\xa2\x05\n\x08KeyUsage\x12T\n\x0e\x62\x61se_key_usage\x18\x01 \x01(\x0b\x32<.google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions\x12`\n\x12\x65xtended_key_usage\x18\x02 \x01(\x0b\x32\x44.google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions\x12Q\n\x1bunknown_extended_key_usages\x18\x03 \x03(\x0b\x32,.google.cloud.security.privateca.v1.ObjectId\x1a\xe7\x01\n\x0fKeyUsageOptions\x12\x19\n\x11\x64igital_signature\x18\x01 \x01(\x08\x12\x1a\n\x12\x63ontent_commitment\x18\x02 \x01(\x08\x12\x18\n\x10key_encipherment\x18\x03 \x01(\x08\x12\x19\n\x11\x64\x61ta_encipherment\x18\x04 \x01(\x08\x12\x15\n\rkey_agreement\x18\x05 \x01(\x08\x12\x11\n\tcert_sign\x18\x06 \x01(\x08\x12\x10\n\x08\x63rl_sign\x18\x07 \x01(\x08\x12\x15\n\rencipher_only\x18\x08 \x01(\x08\x12\x15\n\rdecipher_only\x18\t \x01(\x08\x1a\xa0\x01\n\x17\x45xtendedKeyUsageOptions\x12\x13\n\x0bserver_auth\x18\x01 \x01(\x08\x12\x13\n\x0b\x63lient_auth\x18\x02 \x01(\x08\x12\x14\n\x0c\x63ode_signing\x18\x03 \x01(\x08\x12\x18\n\x10\x65mail_protection\x18\x04 \x01(\x08\x12\x15\n\rtime_stamping\x18\x05 \x01(\x08\x12\x14\n\x0cocsp_signing\x18\x06 \x01(\x08\"\xb8\x01\n\x07Subject\x12\x13\n\x0b\x63ommon_name\x18\x01 \x01(\t\x12\x14\n\x0c\x63ountry_code\x18\x02 \x01(\t\x12\x14\n\x0corganization\x18\x03 \x01(\t\x12\x1b\n\x13organizational_unit\x18\x04 \x01(\t\x12\x10\n\x08locality\x18\x05 \x01(\t\x12\x10\n\x08province\x18\x06 \x01(\t\x12\x16\n\x0estreet_address\x18\x07 \x01(\t\x12\x13\n\x0bpostal_code\x18\x08 \x01(\t\"\xa9\x01\n\x0fSubjectAltNames\x12\x11\n\tdns_names\x18\x01 \x03(\t\x12\x0c\n\x04uris\x18\x02 \x03(\t\x12\x17\n\x0f\x65mail_addresses\x18\x03 \x03(\t\x12\x14\n\x0cip_addresses\x18\x04 \x03(\t\x12\x46\n\x0b\x63ustom_sans\x18\x05 \x03(\x0b\x32\x31.google.cloud.security.privateca.v1.X509Extension\"\xfa\x01\n\x1e\x43\x65rtificateIdentityConstraints\x12.\n\x0e\x63\x65l_expression\x18\x01 \x01(\x0b\x32\x11.google.type.ExprB\x03\xe0\x41\x01\x12+\n\x19\x61llow_subject_passthrough\x18\x02 \x01(\x08\x42\x03\xe0\x41\x02H\x00\x88\x01\x01\x12\x35\n#allow_subject_alt_names_passthrough\x18\x03 \x01(\x08\x42\x03\xe0\x41\x02H\x01\x88\x01\x01\x42\x1c\n\x1a_allow_subject_passthroughB&\n$_allow_subject_alt_names_passthrough\"\xb4\x03\n\x1f\x43\x65rtificateExtensionConstraints\x12|\n\x10known_extensions\x18\x01 \x03(\x0e\x32].google.cloud.security.privateca.v1.CertificateExtensionConstraints.KnownCertificateExtensionB\x03\xe0\x41\x01\x12P\n\x15\x61\x64\x64itional_extensions\x18\x02 \x03(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdB\x03\xe0\x41\x01\"\xc0\x01\n\x19KnownCertificateExtension\x12+\n\'KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED\x10\x00\x12\x12\n\x0e\x42\x41SE_KEY_USAGE\x10\x01\x12\x16\n\x12\x45XTENDED_KEY_USAGE\x10\x02\x12\x0e\n\nCA_OPTIONS\x10\x03\x12\x0e\n\nPOLICY_IDS\x10\x04\x12\x14\n\x10\x41IA_OCSP_SERVERS\x10\x05\x12\x14\n\x10NAME_CONSTRAINTS\x10\x06*\x87\x02\n\x10RevocationReason\x12!\n\x1dREVOCATION_REASON_UNSPECIFIED\x10\x00\x12\x12\n\x0eKEY_COMPROMISE\x10\x01\x12$\n CERTIFICATE_AUTHORITY_COMPROMISE\x10\x02\x12\x17\n\x13\x41\x46\x46ILIATION_CHANGED\x10\x03\x12\x0e\n\nSUPERSEDED\x10\x04\x12\x1a\n\x16\x43\x45SSATION_OF_OPERATION\x10\x05\x12\x14\n\x10\x43\x45RTIFICATE_HOLD\x10\x06\x12\x17\n\x13PRIVILEGE_WITHDRAWN\x10\x07\x12\"\n\x1e\x41TTRIBUTE_AUTHORITY_COMPROMISE\x10\x08*]\n\x12SubjectRequestMode\x12$\n SUBJECT_REQUEST_MODE_UNSPECIFIED\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\x14\n\x10REFLECTED_SPIFFE\x10\x02\x42\xff\x01\n&com.google.cloud.security.privateca.v1B\x17PrivateCaResourcesProtoP\x01ZDcloud.google.com/go/security/privateca/apiv1/privatecapb;privatecapb\xf8\x01\x01\xaa\x02\"Google.Cloud.Security.PrivateCA.V1\xca\x02\"Google\\Cloud\\Security\\PrivateCA\\V1\xea\x02&Google::Cloud::Security::PrivateCA::V1b\x06proto3"
+
+pool = Google::Protobuf::DescriptorPool.generated_pool
+
+begin
+  pool.add_serialized_file(descriptor_data)
+rescue TypeError => e
+  # Compatibility code: will be removed in the next major version.
+  require 'google/protobuf/descriptor_pb'
+  parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
+  parsed.clear_dependency
+  serialized = parsed.class.encode(parsed)
+  file = pool.add_serialized_file(serialized)
+  warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
+  imports = [
+    ["google.protobuf.Duration", "google/protobuf/duration.proto"],
+    ["google.protobuf.Timestamp", "google/protobuf/timestamp.proto"],
+    ["google.type.Expr", "google/type/expr.proto"],
+  ]
+  imports.each do |type_name, expected_filename|
+    import_file = pool.lookup(type_name).file_descriptor
+    if import_file.name != expected_filename
+      warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
     end
   end
+  warn "Each proto file must use a consistent fully-qualified name."
+  warn "This will become an error in the next major version."
 end
 
 module Google

data/lib/google/cloud/security/privateca/v1/service_pb.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/cloud/security/privateca/v1/service.proto
 
@@ -9,200 +10,38 @@ require 'google/api/field_behavior_pb'
 require 'google/api/resource_pb'
 require 'google/cloud/security/privateca/v1/resources_pb'
 require 'google/longrunning/operations_pb'
+require 'google/protobuf/empty_pb'
 require 'google/protobuf/field_mask_pb'
 require 'google/protobuf/timestamp_pb'
 
-Google::Protobuf::DescriptorPool.generated_pool.build do
-  add_file("google/cloud/security/privateca/v1/service.proto", :syntax => :proto3) do
-    add_message "google.cloud.security.privateca.v1.CreateCertificateRequest" do
-      optional :parent, :string, 1
-      optional :certificate_id, :string, 2
-      optional :certificate, :message, 3, "google.cloud.security.privateca.v1.Certificate"
-      optional :request_id, :string, 4
-      optional :validate_only, :bool, 5
-      optional :issuing_certificate_authority_id, :string, 6
-    end
-    add_message "google.cloud.security.privateca.v1.GetCertificateRequest" do
-      optional :name, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.ListCertificatesRequest" do
-      optional :parent, :string, 1
-      optional :page_size, :int32, 2
-      optional :page_token, :string, 3
-      optional :filter, :string, 4
-      optional :order_by, :string, 5
-    end
-    add_message "google.cloud.security.privateca.v1.ListCertificatesResponse" do
-      repeated :certificates, :message, 1, "google.cloud.security.privateca.v1.Certificate"
-      optional :next_page_token, :string, 2
-      repeated :unreachable, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.RevokeCertificateRequest" do
-      optional :name, :string, 1
-      optional :reason, :enum, 2, "google.cloud.security.privateca.v1.RevocationReason"
-      optional :request_id, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.UpdateCertificateRequest" do
-      optional :certificate, :message, 1, "google.cloud.security.privateca.v1.Certificate"
-      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
-      optional :request_id, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.ActivateCertificateAuthorityRequest" do
-      optional :name, :string, 1
-      optional :pem_ca_certificate, :string, 2
-      optional :subordinate_config, :message, 3, "google.cloud.security.privateca.v1.SubordinateConfig"
-      optional :request_id, :string, 4
-    end
-    add_message "google.cloud.security.privateca.v1.CreateCertificateAuthorityRequest" do
-      optional :parent, :string, 1
-      optional :certificate_authority_id, :string, 2
-      optional :certificate_authority, :message, 3, "google.cloud.security.privateca.v1.CertificateAuthority"
-      optional :request_id, :string, 4
-    end
-    add_message "google.cloud.security.privateca.v1.DisableCertificateAuthorityRequest" do
-      optional :name, :string, 1
-      optional :request_id, :string, 2
-    end
-    add_message "google.cloud.security.privateca.v1.EnableCertificateAuthorityRequest" do
-      optional :name, :string, 1
-      optional :request_id, :string, 2
-    end
-    add_message "google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrRequest" do
-      optional :name, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrResponse" do
-      optional :pem_csr, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.GetCertificateAuthorityRequest" do
-      optional :name, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.ListCertificateAuthoritiesRequest" do
-      optional :parent, :string, 1
-      optional :page_size, :int32, 2
-      optional :page_token, :string, 3
-      optional :filter, :string, 4
-      optional :order_by, :string, 5
-    end
-    add_message "google.cloud.security.privateca.v1.ListCertificateAuthoritiesResponse" do
-      repeated :certificate_authorities, :message, 1, "google.cloud.security.privateca.v1.CertificateAuthority"
-      optional :next_page_token, :string, 2
-      repeated :unreachable, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.UndeleteCertificateAuthorityRequest" do
-      optional :name, :string, 1
-      optional :request_id, :string, 2
-    end
-    add_message "google.cloud.security.privateca.v1.DeleteCertificateAuthorityRequest" do
-      optional :name, :string, 1
-      optional :request_id, :string, 2
-      optional :ignore_active_certificates, :bool, 4
-      optional :skip_grace_period, :bool, 5
-    end
-    add_message "google.cloud.security.privateca.v1.UpdateCertificateAuthorityRequest" do
-      optional :certificate_authority, :message, 1, "google.cloud.security.privateca.v1.CertificateAuthority"
-      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
-      optional :request_id, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.CreateCaPoolRequest" do
-      optional :parent, :string, 1
-      optional :ca_pool_id, :string, 2
-      optional :ca_pool, :message, 3, "google.cloud.security.privateca.v1.CaPool"
-      optional :request_id, :string, 4
-    end
-    add_message "google.cloud.security.privateca.v1.UpdateCaPoolRequest" do
-      optional :ca_pool, :message, 1, "google.cloud.security.privateca.v1.CaPool"
-      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
-      optional :request_id, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.DeleteCaPoolRequest" do
-      optional :name, :string, 1
-      optional :request_id, :string, 2
-    end
-    add_message "google.cloud.security.privateca.v1.FetchCaCertsRequest" do
-      optional :ca_pool, :string, 1
-      optional :request_id, :string, 2
-    end
-    add_message "google.cloud.security.privateca.v1.FetchCaCertsResponse" do
-      repeated :ca_certs, :message, 1, "google.cloud.security.privateca.v1.FetchCaCertsResponse.CertChain"
-    end
-    add_message "google.cloud.security.privateca.v1.FetchCaCertsResponse.CertChain" do
-      repeated :certificates, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.GetCaPoolRequest" do
-      optional :name, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.ListCaPoolsRequest" do
-      optional :parent, :string, 1
-      optional :page_size, :int32, 2
-      optional :page_token, :string, 3
-      optional :filter, :string, 4
-      optional :order_by, :string, 5
-    end
-    add_message "google.cloud.security.privateca.v1.ListCaPoolsResponse" do
-      repeated :ca_pools, :message, 1, "google.cloud.security.privateca.v1.CaPool"
-      optional :next_page_token, :string, 2
-      repeated :unreachable, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.GetCertificateRevocationListRequest" do
-      optional :name, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.ListCertificateRevocationListsRequest" do
-      optional :parent, :string, 1
-      optional :page_size, :int32, 2
-      optional :page_token, :string, 3
-      optional :filter, :string, 4
-      optional :order_by, :string, 5
-    end
-    add_message "google.cloud.security.privateca.v1.ListCertificateRevocationListsResponse" do
-      repeated :certificate_revocation_lists, :message, 1, "google.cloud.security.privateca.v1.CertificateRevocationList"
-      optional :next_page_token, :string, 2
-      repeated :unreachable, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.UpdateCertificateRevocationListRequest" do
-      optional :certificate_revocation_list, :message, 1, "google.cloud.security.privateca.v1.CertificateRevocationList"
-      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
-      optional :request_id, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.CreateCertificateTemplateRequest" do
-      optional :parent, :string, 1
-      optional :certificate_template_id, :string, 2
-      optional :certificate_template, :message, 3, "google.cloud.security.privateca.v1.CertificateTemplate"
-      optional :request_id, :string, 4
-    end
-    add_message "google.cloud.security.privateca.v1.DeleteCertificateTemplateRequest" do
-      optional :name, :string, 1
-      optional :request_id, :string, 2
-    end
-    add_message "google.cloud.security.privateca.v1.GetCertificateTemplateRequest" do
-      optional :name, :string, 1
-    end
-    add_message "google.cloud.security.privateca.v1.ListCertificateTemplatesRequest" do
-      optional :parent, :string, 1
-      optional :page_size, :int32, 2
-      optional :page_token, :string, 3
-      optional :filter, :string, 4
-      optional :order_by, :string, 5
-    end
-    add_message "google.cloud.security.privateca.v1.ListCertificateTemplatesResponse" do
-      repeated :certificate_templates, :message, 1, "google.cloud.security.privateca.v1.CertificateTemplate"
-      optional :next_page_token, :string, 2
-      repeated :unreachable, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.UpdateCertificateTemplateRequest" do
-      optional :certificate_template, :message, 1, "google.cloud.security.privateca.v1.CertificateTemplate"
-      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
-      optional :request_id, :string, 3
-    end
-    add_message "google.cloud.security.privateca.v1.OperationMetadata" do
-      optional :create_time, :message, 1, "google.protobuf.Timestamp"
-      optional :end_time, :message, 2, "google.protobuf.Timestamp"
-      optional :target, :string, 3
-      optional :verb, :string, 4
-      optional :status_message, :string, 5
-      optional :requested_cancellation, :bool, 6
-      optional :api_version, :string, 7
+
+descriptor_data = "\n0google/cloud/security/privateca/v1/service.proto\x12\"google.cloud.security.privateca.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x32google/cloud/security/privateca/v1/resources.proto\x1a#google/longrunning/operations.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\x9f\x02\n\x18\x43reateCertificateRequest\x12\x37\n\x06parent\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\n\x1fprivateca.googleapis.com/CaPool\x12\x1b\n\x0e\x63\x65rtificate_id\x18\x02 \x01(\tB\x03\xe0\x41\x01\x12I\n\x0b\x63\x65rtificate\x18\x03 \x01(\x0b\x32/.google.cloud.security.privateca.v1.CertificateB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x04 \x01(\tB\x03\xe0\x41\x01\x12\x1a\n\rvalidate_only\x18\x05 \x01(\x08\x42\x03\xe0\x41\x01\x12-\n issuing_certificate_authority_id\x18\x06 \x01(\tB\x03\xe0\x41\x01\"S\n\x15GetCertificateRequest\x12:\n\x04name\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$privateca.googleapis.com/Certificate\"\xaf\x01\n\x17ListCertificatesRequest\x12\x37\n\x06parent\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\n\x1fprivateca.googleapis.com/CaPool\x12\x16\n\tpage_size\x18\x02 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x03 \x01(\tB\x03\xe0\x41\x01\x12\x13\n\x06\x66ilter\x18\x04 \x01(\tB\x03\xe0\x41\x01\x12\x15\n\x08order_by\x18\x05 \x01(\tB\x03\xe0\x41\x01\"\x8f\x01\n\x18ListCertificatesResponse\x12\x45\n\x0c\x63\x65rtificates\x18\x01 \x03(\x0b\x32/.google.cloud.security.privateca.v1.Certificate\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\x12\x13\n\x0bunreachable\x18\x03 \x03(\t\"\xba\x01\n\x18RevokeCertificateRequest\x12:\n\x04name\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$privateca.googleapis.com/Certificate\x12I\n\x06reason\x18\x02 \x01(\x0e\x32\x34.google.cloud.security.privateca.v1.RevocationReasonB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x03 \x01(\tB\x03\xe0\x41\x01\"\xb4\x01\n\x18UpdateCertificateRequest\x12I\n\x0b\x63\x65rtificate\x18\x01 \x01(\x0b\x32/.google.cloud.security.privateca.v1.CertificateB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x03 \x01(\tB\x03\xe0\x41\x01\"\xfc\x01\n#ActivateCertificateAuthorityRequest\x12\x43\n\x04name\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\x12\x1f\n\x12pem_ca_certificate\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12V\n\x12subordinate_config\x18\x03 \x01(\x0b\x32\x35.google.cloud.security.privateca.v1.SubordinateConfigB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x04 \x01(\tB\x03\xe0\x41\x01\"\xfa\x01\n!CreateCertificateAuthorityRequest\x12\x37\n\x06parent\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\n\x1fprivateca.googleapis.com/CaPool\x12%\n\x18\x63\x65rtificate_authority_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\\\n\x15\x63\x65rtificate_authority\x18\x03 \x01(\x0b\x32\x38.google.cloud.security.privateca.v1.CertificateAuthorityB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x04 \x01(\tB\x03\xe0\x41\x01\"\xab\x01\n\"DisableCertificateAuthorityRequest\x12\x43\n\x04name\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\x12\x17\n\nrequest_id\x18\x02 \x01(\tB\x03\xe0\x41\x01\x12\'\n\x1aignore_dependent_resources\x18\x03 \x01(\x08\x42\x03\xe0\x41\x01\"\x81\x01\n!EnableCertificateAuthorityRequest\x12\x43\n\x04name\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\x12\x17\n\nrequest_id\x18\x02 \x01(\tB\x03\xe0\x41\x01\"j\n#FetchCertificateAuthorityCsrRequest\x12\x43\n\x04name\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\"<\n$FetchCertificateAuthorityCsrResponse\x12\x14\n\x07pem_csr\x18\x01 \x01(\tB\x03\xe0\x41\x03\"e\n\x1eGetCertificateAuthorityRequest\x12\x43\n\x04name\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\"\xb9\x01\n!ListCertificateAuthoritiesRequest\x12\x37\n\x06parent\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\n\x1fprivateca.googleapis.com/CaPool\x12\x16\n\tpage_size\x18\x02 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x03 \x01(\tB\x03\xe0\x41\x01\x12\x13\n\x06\x66ilter\x18\x04 \x01(\tB\x03\xe0\x41\x01\x12\x15\n\x08order_by\x18\x05 \x01(\tB\x03\xe0\x41\x01\"\xad\x01\n\"ListCertificateAuthoritiesResponse\x12Y\n\x17\x63\x65rtificate_authorities\x18\x01 \x03(\x0b\x32\x38.google.cloud.security.privateca.v1.CertificateAuthority\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\x12\x13\n\x0bunreachable\x18\x03 \x03(\t\"\x83\x01\n#UndeleteCertificateAuthorityRequest\x12\x43\n\x04name\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\x12\x17\n\nrequest_id\x18\x02 \x01(\tB\x03\xe0\x41\x01\"\xf3\x01\n!DeleteCertificateAuthorityRequest\x12\x43\n\x04name\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\x12\x17\n\nrequest_id\x18\x02 \x01(\tB\x03\xe0\x41\x01\x12\'\n\x1aignore_active_certificates\x18\x04 \x01(\x08\x42\x03\xe0\x41\x01\x12\x1e\n\x11skip_grace_period\x18\x05 \x01(\x08\x42\x03\xe0\x41\x01\x12\'\n\x1aignore_dependent_resources\x18\x06 \x01(\x08\x42\x03\xe0\x41\x01\"\xd0\x01\n!UpdateCertificateAuthorityRequest\x12\\\n\x15\x63\x65rtificate_authority\x18\x01 \x01(\x0b\x32\x38.google.cloud.security.privateca.v1.CertificateAuthorityB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x03 \x01(\tB\x03\xe0\x41\x01\"\xc4\x01\n\x13\x43reateCaPoolRequest\x12\x39\n\x06parent\x18\x01 \x01(\tB)\xe0\x41\x02\xfa\x41#\n!locations.googleapis.com/Location\x12\x17\n\nca_pool_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12@\n\x07\x63\x61_pool\x18\x03 \x01(\x0b\x32*.google.cloud.security.privateca.v1.CaPoolB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x04 \x01(\tB\x03\xe0\x41\x01\"\xa6\x01\n\x13UpdateCaPoolRequest\x12@\n\x07\x63\x61_pool\x18\x01 \x01(\x0b\x32*.google.cloud.security.privateca.v1.CaPoolB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x03 \x01(\tB\x03\xe0\x41\x01\"\x8e\x01\n\x13\x44\x65leteCaPoolRequest\x12\x35\n\x04name\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\n\x1fprivateca.googleapis.com/CaPool\x12\x17\n\nrequest_id\x18\x02 \x01(\tB\x03\xe0\x41\x01\x12\'\n\x1aignore_dependent_resources\x18\x04 \x01(\x08\x42\x03\xe0\x41\x01\"h\n\x13\x46\x65tchCaCertsRequest\x12\x38\n\x07\x63\x61_pool\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\n\x1fprivateca.googleapis.com/CaPool\x12\x17\n\nrequest_id\x18\x02 \x01(\tB\x03\xe0\x41\x01\"\x8f\x01\n\x14\x46\x65tchCaCertsResponse\x12T\n\x08\x63\x61_certs\x18\x01 \x03(\x0b\x32\x42.google.cloud.security.privateca.v1.FetchCaCertsResponse.CertChain\x1a!\n\tCertChain\x12\x14\n\x0c\x63\x65rtificates\x18\x01 \x03(\t\"I\n\x10GetCaPoolRequest\x12\x35\n\x04name\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\n\x1fprivateca.googleapis.com/CaPool\"\xac\x01\n\x12ListCaPoolsRequest\x12\x39\n\x06parent\x18\x01 \x01(\tB)\xe0\x41\x02\xfa\x41#\n!locations.googleapis.com/Location\x12\x16\n\tpage_size\x18\x02 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x03 \x01(\tB\x03\xe0\x41\x01\x12\x13\n\x06\x66ilter\x18\x04 \x01(\tB\x03\xe0\x41\x01\x12\x15\n\x08order_by\x18\x05 \x01(\tB\x03\xe0\x41\x01\"\x81\x01\n\x13ListCaPoolsResponse\x12<\n\x08\x63\x61_pools\x18\x01 \x03(\x0b\x32*.google.cloud.security.privateca.v1.CaPool\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\x12\x13\n\x0bunreachable\x18\x03 \x03(\t\"o\n#GetCertificateRevocationListRequest\x12H\n\x04name\x18\x01 \x01(\tB:\xe0\x41\x02\xfa\x41\x34\n2privateca.googleapis.com/CertificateRevocationList\"\xcb\x01\n%ListCertificateRevocationListsRequest\x12\x45\n\x06parent\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\x12\x16\n\tpage_size\x18\x02 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x03 \x01(\tB\x03\xe0\x41\x01\x12\x13\n\x06\x66ilter\x18\x04 \x01(\tB\x03\xe0\x41\x01\x12\x15\n\x08order_by\x18\x05 \x01(\tB\x03\xe0\x41\x01\"\xbb\x01\n&ListCertificateRevocationListsResponse\x12\x63\n\x1c\x63\x65rtificate_revocation_lists\x18\x01 \x03(\x0b\x32=.google.cloud.security.privateca.v1.CertificateRevocationList\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\x12\x13\n\x0bunreachable\x18\x03 \x03(\t\"\xe0\x01\n&UpdateCertificateRevocationListRequest\x12g\n\x1b\x63\x65rtificate_revocation_list\x18\x01 \x01(\x0b\x32=.google.cloud.security.privateca.v1.CertificateRevocationListB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x03 \x01(\tB\x03\xe0\x41\x01\"\xf8\x01\n CreateCertificateTemplateRequest\x12\x39\n\x06parent\x18\x01 \x01(\tB)\xe0\x41\x02\xfa\x41#\n!locations.googleapis.com/Location\x12$\n\x17\x63\x65rtificate_template_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12Z\n\x14\x63\x65rtificate_template\x18\x03 \x01(\x0b\x32\x37.google.cloud.security.privateca.v1.CertificateTemplateB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x04 \x01(\tB\x03\xe0\x41\x01\"\x7f\n DeleteCertificateTemplateRequest\x12\x42\n\x04name\x18\x01 \x01(\tB4\xe0\x41\x02\xfa\x41.\n,privateca.googleapis.com/CertificateTemplate\x12\x17\n\nrequest_id\x18\x02 \x01(\tB\x03\xe0\x41\x01\"c\n\x1dGetCertificateTemplateRequest\x12\x42\n\x04name\x18\x01 \x01(\tB4\xe0\x41\x02\xfa\x41.\n,privateca.googleapis.com/CertificateTemplate\"\xb9\x01\n\x1fListCertificateTemplatesRequest\x12\x39\n\x06parent\x18\x01 \x01(\tB)\xe0\x41\x02\xfa\x41#\n!locations.googleapis.com/Location\x12\x16\n\tpage_size\x18\x02 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x03 \x01(\tB\x03\xe0\x41\x01\x12\x13\n\x06\x66ilter\x18\x04 \x01(\tB\x03\xe0\x41\x01\x12\x15\n\x08order_by\x18\x05 \x01(\tB\x03\xe0\x41\x01\"\xa8\x01\n ListCertificateTemplatesResponse\x12V\n\x15\x63\x65rtificate_templates\x18\x01 \x03(\x0b\x32\x37.google.cloud.security.privateca.v1.CertificateTemplate\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\x12\x13\n\x0bunreachable\x18\x03 \x03(\t\"\xcd\x01\n UpdateCertificateTemplateRequest\x12Z\n\x14\x63\x65rtificate_template\x18\x01 \x01(\x0b\x32\x37.google.cloud.security.privateca.v1.CertificateTemplateB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x02\x12\x17\n\nrequest_id\x18\x03 \x01(\tB\x03\xe0\x41\x01\"\x80\x02\n\x11OperationMetadata\x12\x34\n\x0b\x63reate_time\x18\x01 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x31\n\x08\x65nd_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x13\n\x06target\x18\x03 \x01(\tB\x03\xe0\x41\x03\x12\x11\n\x04verb\x18\x04 \x01(\tB\x03\xe0\x41\x03\x12\x1b\n\x0estatus_message\x18\x05 \x01(\tB\x03\xe0\x41\x03\x12#\n\x16requested_cancellation\x18\x06 \x01(\x08\x42\x03\xe0\x41\x03\x12\x18\n\x0b\x61pi_version\x18\x07 \x01(\tB\x03\xe0\x41\x03\x32\xfa;\n\x1b\x43\x65rtificateAuthorityService\x12\xf7\x01\n\x11\x43reateCertificate\x12<.google.cloud.security.privateca.v1.CreateCertificateRequest\x1a/.google.cloud.security.privateca.v1.Certificate\"s\x82\xd3\xe4\x93\x02I\":/v1/{parent=projects/*/locations/*/caPools/*}/certificates:\x0b\x63\x65rtificate\xda\x41!parent,certificate,certificate_id\x12\xc7\x01\n\x0eGetCertificate\x12\x39.google.cloud.security.privateca.v1.GetCertificateRequest\x1a/.google.cloud.security.privateca.v1.Certificate\"I\x82\xd3\xe4\x93\x02<\x12:/v1/{name=projects/*/locations/*/caPools/*/certificates/*}\xda\x41\x04name\x12\xda\x01\n\x10ListCertificates\x12;.google.cloud.security.privateca.v1.ListCertificatesRequest\x1a<.google.cloud.security.privateca.v1.ListCertificatesResponse\"K\x82\xd3\xe4\x93\x02<\x12:/v1/{parent=projects/*/locations/*/caPools/*}/certificates\xda\x41\x06parent\x12\xd7\x01\n\x11RevokeCertificate\x12<.google.cloud.security.privateca.v1.RevokeCertificateRequest\x1a/.google.cloud.security.privateca.v1.Certificate\"S\x82\xd3\xe4\x93\x02\x46\"A/v1/{name=projects/*/locations/*/caPools/*/certificates/*}:revoke:\x01*\xda\x41\x04name\x12\xf9\x01\n\x11UpdateCertificate\x12<.google.cloud.security.privateca.v1.UpdateCertificateRequest\x1a/.google.cloud.security.privateca.v1.Certificate\"u\x82\xd3\xe4\x93\x02U2F/v1/{certificate.name=projects/*/locations/*/caPools/*/certificates/*}:\x0b\x63\x65rtificate\xda\x41\x17\x63\x65rtificate,update_mask\x12\x94\x02\n\x1c\x41\x63tivateCertificateAuthority\x12G.google.cloud.security.privateca.v1.ActivateCertificateAuthorityRequest\x1a\x1d.google.longrunning.Operation\"\x8b\x01\x82\xd3\xe4\x93\x02R\"M/v1/{name=projects/*/locations/*/caPools/*/certificateAuthorities/*}:activate:\x01*\xda\x41\x04name\xca\x41)\n\x14\x43\x65rtificateAuthority\x12\x11OperationMetadata\x12\xcc\x02\n\x1a\x43reateCertificateAuthority\x12\x45.google.cloud.security.privateca.v1.CreateCertificateAuthorityRequest\x1a\x1d.google.longrunning.Operation\"\xc7\x01\x82\xd3\xe4\x93\x02]\"D/v1/{parent=projects/*/locations/*/caPools/*}/certificateAuthorities:\x15\x63\x65rtificate_authority\xda\x41\x35parent,certificate_authority,certificate_authority_id\xca\x41)\n\x14\x43\x65rtificateAuthority\x12\x11OperationMetadata\x12\x91\x02\n\x1b\x44isableCertificateAuthority\x12\x46.google.cloud.security.privateca.v1.DisableCertificateAuthorityRequest\x1a\x1d.google.longrunning.Operation\"\x8a\x01\x82\xd3\xe4\x93\x02Q\"L/v1/{name=projects/*/locations/*/caPools/*/certificateAuthorities/*}:disable:\x01*\xda\x41\x04name\xca\x41)\n\x14\x43\x65rtificateAuthority\x12\x11OperationMetadata\x12\x8e\x02\n\x1a\x45nableCertificateAuthority\x12\x45.google.cloud.security.privateca.v1.EnableCertificateAuthorityRequest\x1a\x1d.google.longrunning.Operation\"\x89\x01\x82\xd3\xe4\x93\x02P\"K/v1/{name=projects/*/locations/*/caPools/*/certificateAuthorities/*}:enable:\x01*\xda\x41\x04name\xca\x41)\n\x14\x43\x65rtificateAuthority\x12\x11OperationMetadata\x12\x8c\x02\n\x1c\x46\x65tchCertificateAuthorityCsr\x12G.google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrRequest\x1aH.google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrResponse\"Y\x82\xd3\xe4\x93\x02L\x12J/v1/{name=projects/*/locations/*/caPools/*/certificateAuthorities/*}:fetch\xda\x41\x04name\x12\xec\x01\n\x17GetCertificateAuthority\x12\x42.google.cloud.security.privateca.v1.GetCertificateAuthorityRequest\x1a\x38.google.cloud.security.privateca.v1.CertificateAuthority\"S\x82\xd3\xe4\x93\x02\x46\x12\x44/v1/{name=projects/*/locations/*/caPools/*/certificateAuthorities/*}\xda\x41\x04name\x12\x82\x02\n\x1aListCertificateAuthorities\x12\x45.google.cloud.security.privateca.v1.ListCertificateAuthoritiesRequest\x1a\x46.google.cloud.security.privateca.v1.ListCertificateAuthoritiesResponse\"U\x82\xd3\xe4\x93\x02\x46\x12\x44/v1/{parent=projects/*/locations/*/caPools/*}/certificateAuthorities\xda\x41\x06parent\x12\x94\x02\n\x1cUndeleteCertificateAuthority\x12G.google.cloud.security.privateca.v1.UndeleteCertificateAuthorityRequest\x1a\x1d.google.longrunning.Operation\"\x8b\x01\x82\xd3\xe4\x93\x02R\"M/v1/{name=projects/*/locations/*/caPools/*/certificateAuthorities/*}:undelete:\x01*\xda\x41\x04name\xca\x41)\n\x14\x43\x65rtificateAuthority\x12\x11OperationMetadata\x12\x83\x02\n\x1a\x44\x65leteCertificateAuthority\x12\x45.google.cloud.security.privateca.v1.DeleteCertificateAuthorityRequest\x1a\x1d.google.longrunning.Operation\"\x7f\x82\xd3\xe4\x93\x02\x46*D/v1/{name=projects/*/locations/*/caPools/*/certificateAuthorities/*}\xda\x41\x04name\xca\x41)\n\x14\x43\x65rtificateAuthority\x12\x11OperationMetadata\x12\xce\x02\n\x1aUpdateCertificateAuthority\x12\x45.google.cloud.security.privateca.v1.UpdateCertificateAuthorityRequest\x1a\x1d.google.longrunning.Operation\"\xc9\x01\x82\xd3\xe4\x93\x02s2Z/v1/{certificate_authority.name=projects/*/locations/*/caPools/*/certificateAuthorities/*}:\x15\x63\x65rtificate_authority\xda\x41!certificate_authority,update_mask\xca\x41)\n\x14\x43\x65rtificateAuthority\x12\x11OperationMetadata\x12\xde\x01\n\x0c\x43reateCaPool\x12\x37.google.cloud.security.privateca.v1.CreateCaPoolRequest\x1a\x1d.google.longrunning.Operation\"v\x82\xd3\xe4\x93\x02\x36\"+/v1/{parent=projects/*/locations/*}/caPools:\x07\x63\x61_pool\xda\x41\x19parent,ca_pool,ca_pool_id\xca\x41\x1b\n\x06\x43\x61Pool\x12\x11OperationMetadata\x12\xe0\x01\n\x0cUpdateCaPool\x12\x37.google.cloud.security.privateca.v1.UpdateCaPoolRequest\x1a\x1d.google.longrunning.Operation\"x\x82\xd3\xe4\x93\x02>23/v1/{ca_pool.name=projects/*/locations/*/caPools/*}:\x07\x63\x61_pool\xda\x41\x13\x63\x61_pool,update_mask\xca\x41\x1b\n\x06\x43\x61Pool\x12\x11OperationMetadata\x12\xa9\x01\n\tGetCaPool\x12\x34.google.cloud.security.privateca.v1.GetCaPoolRequest\x1a*.google.cloud.security.privateca.v1.CaPool\":\x82\xd3\xe4\x93\x02-\x12+/v1/{name=projects/*/locations/*/caPools/*}\xda\x41\x04name\x12\xbc\x01\n\x0bListCaPools\x12\x36.google.cloud.security.privateca.v1.ListCaPoolsRequest\x1a\x37.google.cloud.security.privateca.v1.ListCaPoolsResponse\"<\x82\xd3\xe4\x93\x02-\x12+/v1/{parent=projects/*/locations/*}/caPools\xda\x41\x06parent\x12\xcf\x01\n\x0c\x44\x65leteCaPool\x12\x37.google.cloud.security.privateca.v1.DeleteCaPoolRequest\x1a\x1d.google.longrunning.Operation\"g\x82\xd3\xe4\x93\x02-*+/v1/{name=projects/*/locations/*/caPools/*}\xda\x41\x04name\xca\x41*\n\x15google.protobuf.Empty\x12\x11OperationMetadata\x12\xd3\x01\n\x0c\x46\x65tchCaCerts\x12\x37.google.cloud.security.privateca.v1.FetchCaCertsRequest\x1a\x38.google.cloud.security.privateca.v1.FetchCaCertsResponse\"P\x82\xd3\xe4\x93\x02@\";/v1/{ca_pool=projects/*/locations/*/caPools/*}:fetchCaCerts:\x01*\xda\x41\x07\x63\x61_pool\x12\x98\x02\n\x1cGetCertificateRevocationList\x12G.google.cloud.security.privateca.v1.GetCertificateRevocationListRequest\x1a=.google.cloud.security.privateca.v1.CertificateRevocationList\"p\x82\xd3\xe4\x93\x02\x63\x12\x61/v1/{name=projects/*/locations/*/caPools/*/certificateAuthorities/*/certificateRevocationLists/*}\xda\x41\x04name\x12\xab\x02\n\x1eListCertificateRevocationLists\x12I.google.cloud.security.privateca.v1.ListCertificateRevocationListsRequest\x1aJ.google.cloud.security.privateca.v1.ListCertificateRevocationListsResponse\"r\x82\xd3\xe4\x93\x02\x63\x12\x61/v1/{parent=projects/*/locations/*/caPools/*/certificateAuthorities/*}/certificateRevocationLists\xda\x41\x06parent\x12\x8d\x03\n\x1fUpdateCertificateRevocationList\x12J.google.cloud.security.privateca.v1.UpdateCertificateRevocationListRequest\x1a\x1d.google.longrunning.Operation\"\xfe\x01\x82\xd3\xe4\x93\x02\x9c\x01\x32}/v1/{certificate_revocation_list.name=projects/*/locations/*/caPools/*/certificateAuthorities/*/certificateRevocationLists/*}:\x1b\x63\x65rtificate_revocation_list\xda\x41\'certificate_revocation_list,update_mask\xca\x41.\n\x19\x43\x65rtificateRevocationList\x12\x11OperationMetadata\x12\xba\x02\n\x19\x43reateCertificateTemplate\x12\x44.google.cloud.security.privateca.v1.CreateCertificateTemplateRequest\x1a\x1d.google.longrunning.Operation\"\xb7\x01\x82\xd3\xe4\x93\x02P\"8/v1/{parent=projects/*/locations/*}/certificateTemplates:\x14\x63\x65rtificate_template\xda\x41\x33parent,certificate_template,certificate_template_id\xca\x41(\n\x13\x43\x65rtificateTemplate\x12\x11OperationMetadata\x12\x9a\x02\n\x19\x44\x65leteCertificateTemplate\x12\x44.google.cloud.security.privateca.v1.DeleteCertificateTemplateRequest\x1a\x1d.google.longrunning.Operation\"\x97\x01\x82\xd3\xe4\x93\x02:*8/v1/{name=projects/*/locations/*/certificateTemplates/*}\xda\x41\x04name\xca\x41M\n\x15google.protobuf.Empty\x12\x34google.cloud.security.privateca.v1.OperationMetadata\x12\xdd\x01\n\x16GetCertificateTemplate\x12\x41.google.cloud.security.privateca.v1.GetCertificateTemplateRequest\x1a\x37.google.cloud.security.privateca.v1.CertificateTemplate\"G\x82\xd3\xe4\x93\x02:\x12\x38/v1/{name=projects/*/locations/*/certificateTemplates/*}\xda\x41\x04name\x12\xf0\x01\n\x18ListCertificateTemplates\x12\x43.google.cloud.security.privateca.v1.ListCertificateTemplatesRequest\x1a\x44.google.cloud.security.privateca.v1.ListCertificateTemplatesResponse\"I\x82\xd3\xe4\x93\x02:\x12\x38/v1/{parent=projects/*/locations/*}/certificateTemplates\xda\x41\x06parent\x12\xbc\x02\n\x19UpdateCertificateTemplate\x12\x44.google.cloud.security.privateca.v1.UpdateCertificateTemplateRequest\x1a\x1d.google.longrunning.Operation\"\xb9\x01\x82\xd3\xe4\x93\x02\x65\x32M/v1/{certificate_template.name=projects/*/locations/*/certificateTemplates/*}:\x14\x63\x65rtificate_template\xda\x41 certificate_template,update_mask\xca\x41(\n\x13\x43\x65rtificateTemplate\x12\x11OperationMetadata\x1aL\xca\x41\x18privateca.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\xf6\x01\n&com.google.cloud.security.privateca.v1B\x0ePrivateCaProtoP\x01ZDcloud.google.com/go/security/privateca/apiv1/privatecapb;privatecapb\xf8\x01\x01\xaa\x02\"Google.Cloud.Security.PrivateCA.V1\xca\x02\"Google\\Cloud\\Security\\PrivateCA\\V1\xea\x02&Google::Cloud::Security::PrivateCA::V1b\x06proto3"
+
+pool = Google::Protobuf::DescriptorPool.generated_pool
+
+begin
+  pool.add_serialized_file(descriptor_data)
+rescue TypeError => e
+  # Compatibility code: will be removed in the next major version.
+  require 'google/protobuf/descriptor_pb'
+  parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
+  parsed.clear_dependency
+  serialized = parsed.class.encode(parsed)
+  file = pool.add_serialized_file(serialized)
+  warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
+  imports = [
+    ["google.cloud.security.privateca.v1.Certificate", "google/cloud/security/privateca/v1/resources.proto"],
+    ["google.protobuf.FieldMask", "google/protobuf/field_mask.proto"],
+    ["google.protobuf.Timestamp", "google/protobuf/timestamp.proto"],
+  ]
+  imports.each do |type_name, expected_filename|
+    import_file = pool.lookup(type_name).file_descriptor
+    if import_file.name != expected_filename
+      warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
     end
   end
+  warn "Each proto file must use a consistent fully-qualified name."
+  warn "This will become an error in the next major version."
 end
 
 module Google

data/proto_docs/google/api/client.rb

@@ -35,7 +35,9 @@ module Google
     # Details about how and where to publish client libraries.
     # @!attribute [rw] version
     #   @return [::String]
-    #     Version of the API to apply these settings to.
+    #     Version of the API to apply these settings to. This is the full protobuf
+    #     package for the API, ending in the version element.
+    #     Examples: "google.cloud.speech.v1" and "google.spanner.admin.database.v1".
     # @!attribute [rw] launch_stage
     #   @return [::Google::Api::LaunchStage]
     #     Launch stage of this version of the API.
@@ -81,7 +83,7 @@ module Google
     #     long-running operation pattern.
     # @!attribute [rw] new_issue_uri
     #   @return [::String]
-    #     Link to a place that API users can report issues.  Example:
+    #     Link to a *public* URI where users can report issues.  Example:
     #     https://issuetracker.google.com/issues/new?component=190865&template=1161103
     # @!attribute [rw] documentation_uri
     #   @return [::String]
@@ -111,6 +113,10 @@ module Google
     #     Client library settings.  If the same version string appears multiple
     #     times in this list, then the last one wins.  Settings from earlier
     #     settings with the same version string are discarded.
+    # @!attribute [rw] proto_reference_documentation_uri
+    #   @return [::String]
+    #     Optional link to proto reference documentation.  Example:
+    #     https://cloud.google.com/pubsub/lite/docs/reference/rpc
     class Publishing
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -203,9 +209,57 @@ module Google
     # @!attribute [rw] common
     #   @return [::Google::Api::CommonLanguageSettings]
     #     Some settings.
+    # @!attribute [rw] renamed_services
+    #   @return [::Google::Protobuf::Map{::String => ::String}]
+    #     Map from original service names to renamed versions.
+    #     This is used when the default generated types
+    #     would cause a naming conflict. (Neither name is
+    #     fully-qualified.)
+    #     Example: Subscriber to SubscriberServiceApi.
+    # @!attribute [rw] renamed_resources
+    #   @return [::Google::Protobuf::Map{::String => ::String}]
+    #     Map from full resource types to the effective short name
+    #     for the resource. This is used when otherwise resource
+    #     named from different services would cause naming collisions.
+    #     Example entry:
+    #     "datalabeling.googleapis.com/Dataset": "DataLabelingDataset"
+    # @!attribute [rw] ignored_resources
+    #   @return [::Array<::String>]
+    #     List of full resource types to ignore during generation.
+    #     This is typically used for API-specific Location resources,
+    #     which should be handled by the generator as if they were actually
+    #     the common Location resources.
+    #     Example entry: "documentai.googleapis.com/Location"
+    # @!attribute [rw] forced_namespace_aliases
+    #   @return [::Array<::String>]
+    #     Namespaces which must be aliased in snippets due to
+    #     a known (but non-generator-predictable) naming collision
+    # @!attribute [rw] handwritten_signatures
+    #   @return [::Array<::String>]
+    #     Method signatures (in the form "service.method(signature)")
+    #     which are provided separately, so shouldn't be generated.
+    #     Snippets *calling* these methods are still generated, however.
     class DotnetSettings
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # @!attribute [rw] key
+      #   @return [::String]
+      # @!attribute [rw] value
+      #   @return [::String]
+      class RenamedServicesEntry
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # @!attribute [rw] key
+      #   @return [::String]
+      # @!attribute [rw] value
+      #   @return [::String]
+      class RenamedResourcesEntry
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
     end
 
     # Settings for Ruby client libraries.
@@ -240,8 +294,8 @@ module Google
     #     Example of a YAML configuration::
     #
     #      publishing:
-    #        method_behavior:
-    #          - selector: CreateAdDomain
+    #        method_settings:
+    #          - selector: google.cloud.speech.v2.Speech.BatchRecognize
     #            long_running:
     #              initial_poll_delay:
     #                seconds: 60 # 1 minute
@@ -299,6 +353,15 @@ module Google
 
       # Street View Org.
       STREET_VIEW = 4
+
+      # Shopping Org.
+      SHOPPING = 5
+
+      # Geo Org.
+      GEO = 6
+
+      # Generative AI - https://developers.generativeai.google
+      GENERATIVE_AI = 7
     end
 
     # To where should client libraries be published?

data/proto_docs/google/cloud/security/privateca/v1/resources.rb

@@ -1459,7 +1459,7 @@ module Google
             DEFAULT = 1
 
             # A mode reserved for special cases. Indicates that the certificate should
-            # have one or more SPIFFE
+            # have one SPIFFE
             # {::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames SubjectAltNames} set
             # by the service based on the caller's identity. This mode will ignore any
             # explicitly specified {::Google::Cloud::Security::PrivateCA::V1::Subject Subject}

data/proto_docs/google/cloud/security/privateca/v1/service.rb

@@ -313,6 +313,12 @@ module Google
           #
           #     The request ID must be a valid UUID with the exception that zero UUID is
           #     not supported (00000000-0000-0000-0000-000000000000).
+          # @!attribute [rw] ignore_dependent_resources
+          #   @return [::Boolean]
+          #     Optional. This field allows this CA to be disabled even if it's being
+          #     depended on by another resource. However, doing so may result in unintended
+          #     and unrecoverable effects on any dependent resource(s) since the CA will
+          #     no longer be able to issue certificates.
           class DisableCertificateAuthorityRequest
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -490,6 +496,12 @@ module Google
           #     Optional. If this flag is set, the Certificate Authority will be deleted as
           #     soon as possible without a 30-day grace period where undeletion would have
           #     been allowed. If you proceed, there will be no way to recover this CA.
+          # @!attribute [rw] ignore_dependent_resources
+          #   @return [::Boolean]
+          #     Optional. This field allows this ca to be deleted even if it's being
+          #     depended on by another resource. However, doing so may result in unintended
+          #     and unrecoverable effects on any dependent resource(s) since the CA will
+          #     no longer be able to issue certificates.
           class DeleteCertificateAuthorityRequest
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -611,6 +623,12 @@ module Google
           #
           #     The request ID must be a valid UUID with the exception that zero UUID is
           #     not supported (00000000-0000-0000-0000-000000000000).
+          # @!attribute [rw] ignore_dependent_resources
+          #   @return [::Boolean]
+          #     Optional. This field allows this pool to be deleted even if it's being
+          #     depended on by another resource. However, doing so may result in unintended
+          #     and unrecoverable effects on any dependent resource(s) since the pool will
+          #     no longer be able to issue certificates.
           class DeleteCaPoolRequest
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/protobuf/any.rb

@@ -43,8 +43,12 @@ module Google
     #     if (any.is(Foo.class)) {
     #       foo = any.unpack(Foo.class);
     #     }
+    #     // or ...
+    #     if (any.isSameTypeAs(Foo.getDefaultInstance())) {
+    #       foo = any.unpack(Foo.getDefaultInstance());
+    #     }
     #
-    # Example 3: Pack and unpack a message in Python.
+    #  Example 3: Pack and unpack a message in Python.
     #
     #     foo = Foo(...)
     #     any = Any()
@@ -54,7 +58,7 @@ module Google
     #       any.Unpack(foo)
     #       ...
     #
-    # Example 4: Pack and unpack a message in Go
+    #  Example 4: Pack and unpack a message in Go
     #
     #      foo := &pb.Foo{...}
     #      any, err := anypb.New(foo)
@@ -73,9 +77,8 @@ module Google
     # in the type URL, for example "foo.bar.com/x/y.z" will yield type
     # name "y.z".
     #
-    #
     # JSON
-    #
+    # ====
     # The JSON representation of an `Any` value uses the regular
     # representation of the deserialized, embedded message, with an
     # additional field `@type` which contains the type URL. Example:

data/proto_docs/google/protobuf/timestamp.rb

@@ -69,7 +69,6 @@ module Google
     #     Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000)
     #         .setNanos((int) ((millis % 1000) * 1000000)).build();
     #
-    #
     # Example 5: Compute Timestamp from Java `Instant.now()`.
     #
     #     Instant now = Instant.now();
@@ -78,7 +77,6 @@ module Google
     #         Timestamp.newBuilder().setSeconds(now.getEpochSecond())
     #             .setNanos(now.getNano()).build();
     #
-    #
     # Example 6: Compute Timestamp from current time in Python.
     #
     #     timestamp = Timestamp()
@@ -108,7 +106,7 @@ module Google
     # [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with
     # the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use
     # the Joda Time's [`ISODateTimeFormat.dateTime()`](
-    # http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D
+    # http://joda-time.sourceforge.net/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime()
     # ) to obtain a formatter capable of generating timestamps in this format.
     # @!attribute [rw] seconds
     #   @return [::Integer]

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-security-private_ca-v1
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-03-08 00:00:00.000000000 Z
+date: 2023-05-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.18.0
+        version: 0.19.0
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.18.0
+        version: 0.19.0
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a