RubyGems - google-cloud-security-private_ca-v1 - Versions diffs - 2.6.0 → 2.7.0 - Mend

google-cloud-security-private_ca-v1 2.6.0 → 2.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0e081e17355053920ee8b7e9ca104605868a383098b36c57b7ed764d636560f5
-  data.tar.gz: a4e2e3333ea2d81f1f8da72ba5948f35532d0c232bfd62b8b2194a988b7e9d11
+  metadata.gz: 9922cb12d0a3db22b8fc40e38527c5522d15e61d6574c823348f317a5ae19ed0
+  data.tar.gz: 178c6111d4d63f7d790a111d6777831dcc9de219870d4c6aad98e8a437942a7a
 SHA512:
-  metadata.gz: e1cfba5561a9e3d226eff4cdfe31d6f19338165965d485be6ebbea1c07771f6b0ec1fbda8c335b41bd0ff25137293f3edab39d9a4911de7421b812c160724fb5
-  data.tar.gz: 5876f2608d83ae63819ee73a35453d005d21587cd7550a5a2dff221bd5ed9e96f2f40ed87dbfa830a2ed226ece8b26290406d806bbcfe152c98be7d0691d4c0a
+  metadata.gz: e2c608858722bd6b4686655d9e561cb1b2007184514030e546e46671fefcfa46a205fd40387a73201367766323f1c3e809fb4671817de3f7174bf2a744738d10
+  data.tar.gz: 04f681712227f7500a5869b3081c396a78ae885161f21e2171c00a76f3386bb6fa8a03abbb558b9059089d294d49c425f0237057524679cf96451b4d9b17f746

data/lib/google/cloud/security/private_ca/v1/certificate_authority_service/client.rb CHANGED Viewed

@@ -486,9 +486,18 @@ module Google
               #   the default parameter values, pass an empty Hash as a request object (see above).
               #
               #   @param parent [::String]
-              #     Required. The resource name of the location associated with the
+              #     Required. The resource name of the parent associated with the
               #     {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates}, in the
-              #     format `projects/*/locations/*/caPools/*`.
+              #     format `projects/*/locations/*/caPools/*`. The parent resource name can be
+              #     in one of two forms:
+              #
+              #     1.  **Specific CA Pool:** To list certificates within a single CA Pool:
+              #         `projects/*/locations/*/caPools/*`
+              #
+              #     2.  **All CA Pools in a Location:** To list certificates across *all* CA
+              #         Pools in a given project and location, use the wildcard character (`-`)
+              #         in place of the CA Pool ID.
+              #         Example: `projects/*/locations/*/caPools/-`
               #   @param page_size [::Integer]
               #     Optional. Limit on the number of
               #     {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates} to include

data/lib/google/cloud/security/private_ca/v1/certificate_authority_service/rest/client.rb CHANGED Viewed

@@ -467,9 +467,18 @@ module Google
                 #   the default parameter values, pass an empty Hash as a request object (see above).
                 #
                 #   @param parent [::String]
-                #     Required. The resource name of the location associated with the
+                #     Required. The resource name of the parent associated with the
                 #     {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates}, in the
-                #     format `projects/*/locations/*/caPools/*`.
+                #     format `projects/*/locations/*/caPools/*`. The parent resource name can be
+                #     in one of two forms:
+                #
+                #     1.  **Specific CA Pool:** To list certificates within a single CA Pool:
+                #         `projects/*/locations/*/caPools/*`
+                #
+                #     2.  **All CA Pools in a Location:** To list certificates across *all* CA
+                #         Pools in a given project and location, use the wildcard character (`-`)
+                #         in place of the CA Pool ID.
+                #         Example: `projects/*/locations/*/caPools/-`
                 #   @param page_size [::Integer]
                 #     Optional. Limit on the number of
                 #     {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates} to include

data/lib/google/cloud/security/private_ca/v1/version.rb CHANGED Viewed

@@ -22,7 +22,7 @@ module Google
     module Security
       module PrivateCA
         module V1
-          VERSION = "2.6.0"
+          VERSION = "2.7.0"
         end
       end
     end

data/lib/google/cloud/security/privateca/v1/resources_pb.rb CHANGED Viewed

@@ -11,7 +11,7 @@ require 'google/protobuf/timestamp_pb'
 require 'google/type/expr_pb'
-descriptor_data = "\n2google/cloud/security/privateca/v1/resources.proto\x12\"google.cloud.security.privateca.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x16google/type/expr.proto\"\x86\x12\n\x14\x43\x65rtificateAuthority\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x08\x12S\n\x04type\x18\x02 \x01(\x0e\x32=.google.cloud.security.privateca.v1.CertificateAuthority.TypeB\x06\xe0\x41\x02\xe0\x41\x05\x12M\n\x06\x63onfig\x18\x03 \x01(\x0b\x32\x35.google.cloud.security.privateca.v1.CertificateConfigB\x06\xe0\x41\x02\xe0\x41\x05\x12\x33\n\x08lifetime\x18\x04 \x01(\x0b\x32\x19.google.protobuf.DurationB\x06\xe0\x41\x02\xe0\x41\x05\x12\x61\n\x08key_spec\x18\x05 \x01(\x0b\x32G.google.cloud.security.privateca.v1.CertificateAuthority.KeyVersionSpecB\x06\xe0\x41\x02\xe0\x41\x05\x12V\n\x12subordinate_config\x18\x06 \x01(\x0b\x32\x35.google.cloud.security.privateca.v1.SubordinateConfigB\x03\xe0\x41\x01\x12\x42\n\x04tier\x18\x07 \x01(\x0e\x32/.google.cloud.security.privateca.v1.CaPool.TierB\x03\xe0\x41\x03\x12R\n\x05state\x18\x08 \x01(\x0e\x32>.google.cloud.security.privateca.v1.CertificateAuthority.StateB\x03\xe0\x41\x03\x12 \n\x13pem_ca_certificates\x18\t \x03(\tB\x03\xe0\x41\x03\x12\x64\n\x1b\x63\x61_certificate_descriptions\x18\n \x03(\x0b\x32:.google.cloud.security.privateca.v1.CertificateDescriptionB\x03\xe0\x41\x03\x12\x17\n\ngcs_bucket\x18\x0b \x01(\tB\x03\xe0\x41\x05\x12]\n\x0b\x61\x63\x63\x65ss_urls\x18\x0c \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateAuthority.AccessUrlsB\x03\xe0\x41\x03\x12\x34\n\x0b\x63reate_time\x18\r \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\x0e \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0b\x64\x65lete_time\x18\x0f \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0b\x65xpire_time\x18\x10 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12Y\n\x06labels\x18\x11 \x03(\x0b\x32\x44.google.cloud.security.privateca.v1.CertificateAuthority.LabelsEntryB\x03\xe0\x41\x01\x12u\n\x18user_defined_access_urls\x18\x12 \x01(\x0b\x32N.google.cloud.security.privateca.v1.CertificateAuthority.UserDefinedAccessUrlsB\x03\xe0\x41\x01\x12\x1a\n\rsatisfies_pzs\x18\x13 \x01(\x08\x42\x03\xe0\x41\x03\x12\x1a\n\rsatisfies_pzi\x18\x14 \x01(\x08\x42\x03\xe0\x41\x03\x1aH\n\nAccessUrls\x12!\n\x19\x63\x61_certificate_access_url\x18\x01 \x01(\t\x12\x17\n\x0f\x63rl_access_urls\x18\x02 \x03(\t\x1a\xa0\x01\n\x0eKeyVersionSpec\x12\x1f\n\x15\x63loud_kms_key_version\x18\x01 \x01(\tH\x00\x12_\n\talgorithm\x18\x02 \x01(\x0e\x32J.google.cloud.security.privateca.v1.CertificateAuthority.SignHashAlgorithmH\x00\x42\x0c\n\nKeyVersion\x1a`\n\x15UserDefinedAccessUrls\x12)\n\x1c\x61ia_issuing_certificate_urls\x18\x01 \x03(\tB\x03\xe0\x41\x01\x12\x1c\n\x0f\x63rl_access_urls\x18\x02 \x03(\tB\x03\xe0\x41\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\">\n\x04Type\x12\x14\n\x10TYPE_UNSPECIFIED\x10\x00\x12\x0f\n\x0bSELF_SIGNED\x10\x01\x12\x0f\n\x0bSUBORDINATE\x10\x02\"p\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\x0b\n\x07\x45NABLED\x10\x01\x12\x0c\n\x08\x44ISABLED\x10\x02\x12\n\n\x06STAGED\x10\x03\x12\x1c\n\x18\x41WAITING_USER_ACTIVATION\x10\x04\x12\x0b\n\x07\x44\x45LETED\x10\x05\"\xfc\x01\n\x11SignHashAlgorithm\x12#\n\x1fSIGN_HASH_ALGORITHM_UNSPECIFIED\x10\x00\x12\x17\n\x13RSA_PSS_2048_SHA256\x10\x01\x12\x17\n\x13RSA_PSS_3072_SHA256\x10\x02\x12\x17\n\x13RSA_PSS_4096_SHA256\x10\x03\x12\x19\n\x15RSA_PKCS1_2048_SHA256\x10\x06\x12\x19\n\x15RSA_PKCS1_3072_SHA256\x10\x07\x12\x19\n\x15RSA_PKCS1_4096_SHA256\x10\x08\x12\x12\n\x0e\x45\x43_P256_SHA256\x10\x04\x12\x12\n\x0e\x45\x43_P384_SHA384\x10\x05:\x9d\x01\xea\x41\x99\x01\n-privateca.googleapis.com/CertificateAuthority\x12hprojects/{project}/locations/{location}/caPools/{ca_pool}/certificateAuthorities/{certificate_authority}\"\xdc\x10\n\x06\x43\x61Pool\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x08\x12\x45\n\x04tier\x18\x02 \x01(\x0e\x32/.google.cloud.security.privateca.v1.CaPool.TierB\x06\xe0\x41\x02\xe0\x41\x05\x12W\n\x0fissuance_policy\x18\x03 \x01(\x0b\x32\x39.google.cloud.security.privateca.v1.CaPool.IssuancePolicyB\x03\xe0\x41\x01\x12]\n\x12publishing_options\x18\x04 \x01(\x0b\x32<.google.cloud.security.privateca.v1.CaPool.PublishingOptionsB\x03\xe0\x41\x01\x12K\n\x06labels\x18\x05 \x03(\x0b\x32\x36.google.cloud.security.privateca.v1.CaPool.LabelsEntryB\x03\xe0\x41\x01\x1a\xfb\x01\n\x11PublishingOptions\x12\x1c\n\x0fpublish_ca_cert\x18\x01 \x01(\x08\x42\x03\xe0\x41\x01\x12\x18\n\x0bpublish_crl\x18\x02 \x01(\x08\x42\x03\xe0\x41\x01\x12i\n\x0f\x65ncoding_format\x18\x03 \x01(\x0e\x32K.google.cloud.security.privateca.v1.CaPool.PublishingOptions.EncodingFormatB\x03\xe0\x41\x01\"C\n\x0e\x45ncodingFormat\x12\x1f\n\x1b\x45NCODING_FORMAT_UNSPECIFIED\x10\x00\x12\x07\n\x03PEM\x10\x01\x12\x07\n\x03\x44\x45R\x10\x02\x1a\xaa\n\n\x0eIssuancePolicy\x12h\n\x11\x61llowed_key_types\x18\x01 \x03(\x0b\x32H.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyTypeB\x03\xe0\x41\x01\x12\x39\n\x11\x62\x61\x63kdate_duration\x18\x07 \x01(\x0b\x32\x19.google.protobuf.DurationB\x03\xe0\x41\x01\x12\x38\n\x10maximum_lifetime\x18\x02 \x01(\x0b\x32\x19.google.protobuf.DurationB\x03\xe0\x41\x01\x12l\n\x16\x61llowed_issuance_modes\x18\x03 \x01(\x0b\x32G.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModesB\x03\xe0\x41\x01\x12P\n\x0f\x62\x61seline_values\x18\x04 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509ParametersB\x03\xe0\x41\x01\x12\x65\n\x14identity_constraints\x18\x05 \x01(\x0b\x32\x42.google.cloud.security.privateca.v1.CertificateIdentityConstraintsB\x03\xe0\x41\x01\x12h\n\x16passthrough_extensions\x18\x06 \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateExtensionConstraintsB\x03\xe0\x41\x01\x1a\xc5\x04\n\x0e\x41llowedKeyType\x12\x62\n\x03rsa\x18\x01 \x01(\x0b\x32S.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.RsaKeyTypeH\x00\x12l\n\x0e\x65lliptic_curve\x18\x02 \x01(\x0b\x32R.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyTypeH\x00\x1aJ\n\nRsaKeyType\x12\x1d\n\x10min_modulus_size\x18\x01 \x01(\x03\x42\x03\xe0\x41\x01\x12\x1d\n\x10max_modulus_size\x18\x02 \x01(\x03\x42\x03\xe0\x41\x01\x1a\x88\x02\n\tEcKeyType\x12\x89\x01\n\x13signature_algorithm\x18\x01 \x01(\x0e\x32g.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyType.EcSignatureAlgorithmB\x03\xe0\x41\x01\"o\n\x14\x45\x63SignatureAlgorithm\x12&\n\"EC_SIGNATURE_ALGORITHM_UNSPECIFIED\x10\x00\x12\x0e\n\nECDSA_P256\x10\x01\x12\x0e\n\nECDSA_P384\x10\x02\x12\x0f\n\x0b\x45\x44\x44SA_25519\x10\x03\x42\n\n\x08key_type\x1a`\n\rIssuanceModes\x12%\n\x18\x61llow_csr_based_issuance\x18\x01 \x01(\x08\x42\x03\xe0\x41\x01\x12(\n\x1b\x61llow_config_based_issuance\x18\x02 \x01(\x08\x42\x03\xe0\x41\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"8\n\x04Tier\x12\x14\n\x10TIER_UNSPECIFIED\x10\x00\x12\x0e\n\nENTERPRISE\x10\x01\x12\n\n\x06\x44\x45VOPS\x10\x02:_\xea\x41\\\n\x1fprivateca.googleapis.com/CaPool\x12\x39projects/{project}/locations/{location}/caPools/{ca_pool}\"\xbc\x08\n\x19\x43\x65rtificateRevocationList\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x08\x12\x1c\n\x0fsequence_number\x18\x02 \x01(\x03\x42\x03\xe0\x41\x03\x12s\n\x14revoked_certificates\x18\x03 \x03(\x0b\x32P.google.cloud.security.privateca.v1.CertificateRevocationList.RevokedCertificateB\x03\xe0\x41\x03\x12\x14\n\x07pem_crl\x18\x04 \x01(\tB\x03\xe0\x41\x03\x12\x17\n\naccess_url\x18\x05 \x01(\tB\x03\xe0\x41\x03\x12W\n\x05state\x18\x06 \x01(\x0e\x32\x43.google.cloud.security.privateca.v1.CertificateRevocationList.StateB\x03\xe0\x41\x03\x12\x34\n\x0b\x63reate_time\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\x08 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x18\n\x0brevision_id\x18\t \x01(\tB\x03\xe0\x41\x03\x12^\n\x06labels\x18\n \x03(\x0b\x32I.google.cloud.security.privateca.v1.CertificateRevocationList.LabelsEntryB\x03\xe0\x41\x01\x1a\xc0\x01\n\x12RevokedCertificate\x12>\n\x0b\x63\x65rtificate\x18\x01 \x01(\tB)\xfa\x41&\n$privateca.googleapis.com/Certificate\x12\x19\n\x11hex_serial_number\x18\x02 \x01(\t\x12O\n\x11revocation_reason\x18\x03 \x01(\x0e\x32\x34.google.cloud.security.privateca.v1.RevocationReason\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\":\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0e\n\nSUPERSEDED\x10\x02:\xdc\x01\xea\x41\xd8\x01\n2privateca.googleapis.com/CertificateRevocationList\x12\xa1\x01projects/{project}/locations/{location}/caPools/{ca_pool}/certificateAuthorities/{certificate_authority}/certificateRevocationLists/{certificate_revocation_list}\"\xe6\t\n\x0b\x43\x65rtificate\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x08\x12\x16\n\x07pem_csr\x18\x02 \x01(\tB\x03\xe0\x41\x05H\x00\x12L\n\x06\x63onfig\x18\x03 \x01(\x0b\x32\x35.google.cloud.security.privateca.v1.CertificateConfigB\x03\xe0\x41\x05H\x00\x12[\n\x1cissuer_certificate_authority\x18\x04 \x01(\tB5\xe0\x41\x03\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\x12\x33\n\x08lifetime\x18\x05 \x01(\x0b\x32\x19.google.protobuf.DurationB\x06\xe0\x41\x02\xe0\x41\x05\x12R\n\x14\x63\x65rtificate_template\x18\x06 \x01(\tB4\xe0\x41\x05\xfa\x41.\n,privateca.googleapis.com/CertificateTemplate\x12Q\n\x0csubject_mode\x18\x07 \x01(\x0e\x32\x36.google.cloud.security.privateca.v1.SubjectRequestModeB\x03\xe0\x41\x05\x12\x62\n\x12revocation_details\x18\x08 \x01(\x0b\x32\x41.google.cloud.security.privateca.v1.Certificate.RevocationDetailsB\x03\xe0\x41\x03\x12\x1c\n\x0fpem_certificate\x18\t \x01(\tB\x03\xe0\x41\x03\x12`\n\x17\x63\x65rtificate_description\x18\n \x01(\x0b\x32:.google.cloud.security.privateca.v1.CertificateDescriptionB\x03\xe0\x41\x03\x12\"\n\x15pem_certificate_chain\x18\x0b \x03(\tB\x03\xe0\x41\x03\x12\x34\n\x0b\x63reate_time\x18\x0c \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\r \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12P\n\x06labels\x18\x0e \x03(\x0b\x32;.google.cloud.security.privateca.v1.Certificate.LabelsEntryB\x03\xe0\x41\x01\x1a\x98\x01\n\x11RevocationDetails\x12N\n\x10revocation_state\x18\x01 \x01(\x0e\x32\x34.google.cloud.security.privateca.v1.RevocationReason\x12\x33\n\x0frevocation_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01:\x7f\xea\x41|\n$privateca.googleapis.com/Certificate\x12Tprojects/{project}/locations/{location}/caPools/{ca_pool}/certificates/{certificate}B\x14\n\x12\x63\x65rtificate_config\"\xa0\x06\n\x13\x43\x65rtificateTemplate\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x08\x12\x38\n\x10maximum_lifetime\x18\t \x01(\x0b\x32\x19.google.protobuf.DurationB\x03\xe0\x41\x01\x12R\n\x11predefined_values\x18\x02 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509ParametersB\x03\xe0\x41\x01\x12\x65\n\x14identity_constraints\x18\x03 \x01(\x0b\x32\x42.google.cloud.security.privateca.v1.CertificateIdentityConstraintsB\x03\xe0\x41\x01\x12h\n\x16passthrough_extensions\x18\x04 \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateExtensionConstraintsB\x03\xe0\x41\x01\x12\x18\n\x0b\x64\x65scription\x18\x05 \x01(\tB\x03\xe0\x41\x01\x12\x34\n\x0b\x63reate_time\x18\x06 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12X\n\x06labels\x18\x08 \x03(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateTemplate.LabelsEntryB\x03\xe0\x41\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01:\x87\x01\xea\x41\x83\x01\n,privateca.googleapis.com/CertificateTemplate\x12Sprojects/{project}/locations/{location}/certificateTemplates/{certificate_template}\"\xce\x06\n\x0eX509Parameters\x12\x44\n\tkey_usage\x18\x01 \x01(\x0b\x32,.google.cloud.security.privateca.v1.KeyUsageB\x03\xe0\x41\x01\x12U\n\nca_options\x18\x02 \x01(\x0b\x32<.google.cloud.security.privateca.v1.X509Parameters.CaOptionsB\x03\xe0\x41\x01\x12\x45\n\npolicy_ids\x18\x03 \x03(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdB\x03\xe0\x41\x01\x12\x1d\n\x10\x61ia_ocsp_servers\x18\x04 \x03(\tB\x03\xe0\x41\x01\x12\x61\n\x10name_constraints\x18\x06 \x01(\x0b\x32\x42.google.cloud.security.privateca.v1.X509Parameters.NameConstraintsB\x03\xe0\x41\x01\x12U\n\x15\x61\x64\x64itional_extensions\x18\x05 \x03(\x0b\x32\x31.google.cloud.security.privateca.v1.X509ExtensionB\x03\xe0\x41\x01\x1as\n\tCaOptions\x12\x17\n\x05is_ca\x18\x01 \x01(\x08\x42\x03\xe0\x41\x01H\x00\x88\x01\x01\x12(\n\x16max_issuer_path_length\x18\x02 \x01(\x05\x42\x03\xe0\x41\x01H\x01\x88\x01\x01\x42\x08\n\x06_is_caB\x19\n\x17_max_issuer_path_length\x1a\x89\x02\n\x0fNameConstraints\x12\x10\n\x08\x63ritical\x18\x01 \x01(\x08\x12\x1b\n\x13permitted_dns_names\x18\x02 \x03(\t\x12\x1a\n\x12\x65xcluded_dns_names\x18\x03 \x03(\t\x12\x1b\n\x13permitted_ip_ranges\x18\x04 \x03(\t\x12\x1a\n\x12\x65xcluded_ip_ranges\x18\x05 \x03(\t\x12!\n\x19permitted_email_addresses\x18\x06 \x03(\t\x12 \n\x18\x65xcluded_email_addresses\x18\x07 \x03(\t\x12\x16\n\x0epermitted_uris\x18\x08 \x03(\t\x12\x15\n\rexcluded_uris\x18\t \x03(\t\"\xa9\x02\n\x11SubordinateConfig\x12V\n\x15\x63\x65rtificate_authority\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthorityH\x00\x12m\n\x10pem_issuer_chain\x18\x02 \x01(\x0b\x32L.google.cloud.security.privateca.v1.SubordinateConfig.SubordinateConfigChainB\x03\xe0\x41\x02H\x00\x1a\x37\n\x16SubordinateConfigChain\x12\x1d\n\x10pem_certificates\x18\x01 \x03(\tB\x03\xe0\x41\x02\x42\x14\n\x12subordinate_config\"\x9d\x01\n\tPublicKey\x12\x10\n\x03key\x18\x01 \x01(\x0c\x42\x03\xe0\x41\x02\x12L\n\x06\x66ormat\x18\x02 \x01(\x0e\x32\x37.google.cloud.security.privateca.v1.PublicKey.KeyFormatB\x03\xe0\x41\x02\"0\n\tKeyFormat\x12\x1a\n\x16KEY_FORMAT_UNSPECIFIED\x10\x00\x12\x07\n\x03PEM\x10\x01\"\xac\x04\n\x11\x43\x65rtificateConfig\x12`\n\x0esubject_config\x18\x01 \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateConfig.SubjectConfigB\x03\xe0\x41\x02\x12L\n\x0bx509_config\x18\x02 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509ParametersB\x03\xe0\x41\x02\x12\x46\n\npublic_key\x18\x03 \x01(\x0b\x32-.google.cloud.security.privateca.v1.PublicKeyB\x03\xe0\x41\x01\x12X\n\x0esubject_key_id\x18\x04 \x01(\x0b\x32;.google.cloud.security.privateca.v1.CertificateConfig.KeyIdB\x03\xe0\x41\x01\x1a\xa6\x01\n\rSubjectConfig\x12\x41\n\x07subject\x18\x01 \x01(\x0b\x32+.google.cloud.security.privateca.v1.SubjectB\x03\xe0\x41\x01\x12R\n\x10subject_alt_name\x18\x02 \x01(\x0b\x32\x33.google.cloud.security.privateca.v1.SubjectAltNamesB\x03\xe0\x41\x01\x1a\x1c\n\x05KeyId\x12\x13\n\x06key_id\x18\x01 \x01(\tB\x03\xe0\x41\x02\"\xc1\x08\n\x16\x43\x65rtificateDescription\x12j\n\x13subject_description\x18\x01 \x01(\x0b\x32M.google.cloud.security.privateca.v1.CertificateDescription.SubjectDescription\x12L\n\x10x509_description\x18\x02 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509Parameters\x12\x41\n\npublic_key\x18\x03 \x01(\x0b\x32-.google.cloud.security.privateca.v1.PublicKey\x12X\n\x0esubject_key_id\x18\x04 \x01(\x0b\x32@.google.cloud.security.privateca.v1.CertificateDescription.KeyId\x12Z\n\x10\x61uthority_key_id\x18\x05 \x01(\x0b\x32@.google.cloud.security.privateca.v1.CertificateDescription.KeyId\x12\x1f\n\x17\x63rl_distribution_points\x18\x06 \x03(\t\x12$\n\x1c\x61ia_issuing_certificate_urls\x18\x07 \x03(\t\x12k\n\x10\x63\x65rt_fingerprint\x18\x08 \x01(\x0b\x32Q.google.cloud.security.privateca.v1.CertificateDescription.CertificateFingerprint\x12\x1e\n\x16tbs_certificate_digest\x18\t \x01(\t\x1a\xd2\x02\n\x12SubjectDescription\x12<\n\x07subject\x18\x01 \x01(\x0b\x32+.google.cloud.security.privateca.v1.Subject\x12M\n\x10subject_alt_name\x18\x02 \x01(\x0b\x32\x33.google.cloud.security.privateca.v1.SubjectAltNames\x12\x19\n\x11hex_serial_number\x18\x03 \x01(\t\x12+\n\x08lifetime\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x33\n\x0fnot_before_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x32\n\x0enot_after_time\x18\x06 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1a\x1c\n\x05KeyId\x12\x13\n\x06key_id\x18\x01 \x01(\tB\x03\xe0\x41\x01\x1a-\n\x16\x43\x65rtificateFingerprint\x12\x13\n\x0bsha256_hash\x18\x01 \x01(\t\"\'\n\x08ObjectId\x12\x1b\n\x0eobject_id_path\x18\x01 \x03(\x05\x42\x03\xe0\x41\x02\"\x80\x01\n\rX509Extension\x12\x44\n\tobject_id\x18\x01 \x01(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdB\x03\xe0\x41\x02\x12\x15\n\x08\x63ritical\x18\x02 \x01(\x08\x42\x03\xe0\x41\x01\x12\x12\n\x05value\x18\x03 \x01(\x0c\x42\x03\xe0\x41\x02\"\xa2\x05\n\x08KeyUsage\x12T\n\x0e\x62\x61se_key_usage\x18\x01 \x01(\x0b\x32<.google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions\x12`\n\x12\x65xtended_key_usage\x18\x02 \x01(\x0b\x32\x44.google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions\x12Q\n\x1bunknown_extended_key_usages\x18\x03 \x03(\x0b\x32,.google.cloud.security.privateca.v1.ObjectId\x1a\xe7\x01\n\x0fKeyUsageOptions\x12\x19\n\x11\x64igital_signature\x18\x01 \x01(\x08\x12\x1a\n\x12\x63ontent_commitment\x18\x02 \x01(\x08\x12\x18\n\x10key_encipherment\x18\x03 \x01(\x08\x12\x19\n\x11\x64\x61ta_encipherment\x18\x04 \x01(\x08\x12\x15\n\rkey_agreement\x18\x05 \x01(\x08\x12\x11\n\tcert_sign\x18\x06 \x01(\x08\x12\x10\n\x08\x63rl_sign\x18\x07 \x01(\x08\x12\x15\n\rencipher_only\x18\x08 \x01(\x08\x12\x15\n\rdecipher_only\x18\t \x01(\x08\x1a\xa0\x01\n\x17\x45xtendedKeyUsageOptions\x12\x13\n\x0bserver_auth\x18\x01 \x01(\x08\x12\x13\n\x0b\x63lient_auth\x18\x02 \x01(\x08\x12\x14\n\x0c\x63ode_signing\x18\x03 \x01(\x08\x12\x18\n\x10\x65mail_protection\x18\x04 \x01(\x08\x12\x15\n\rtime_stamping\x18\x05 \x01(\x08\x12\x14\n\x0cocsp_signing\x18\x06 \x01(\x08\"\xbe\x01\n\x15\x41ttributeTypeAndValue\x12\x41\n\x04type\x18\x01 \x01(\x0e\x32\x31.google.cloud.security.privateca.v1.AttributeTypeH\x00\x12\x41\n\tobject_id\x18\x02 \x01(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdH\x00\x12\r\n\x05value\x18\x03 \x01(\tB\x10\n\x0e\x61ttribute_type\"j\n\x19RelativeDistinguishedName\x12M\n\nattributes\x18\x01 \x03(\x0b\x32\x39.google.cloud.security.privateca.v1.AttributeTypeAndValue\"\x8d\x02\n\x07Subject\x12\x13\n\x0b\x63ommon_name\x18\x01 \x01(\t\x12\x14\n\x0c\x63ountry_code\x18\x02 \x01(\t\x12\x14\n\x0corganization\x18\x03 \x01(\t\x12\x1b\n\x13organizational_unit\x18\x04 \x01(\t\x12\x10\n\x08locality\x18\x05 \x01(\t\x12\x10\n\x08province\x18\x06 \x01(\t\x12\x16\n\x0estreet_address\x18\x07 \x01(\t\x12\x13\n\x0bpostal_code\x18\x08 \x01(\t\x12S\n\x0crdn_sequence\x18\t \x03(\x0b\x32=.google.cloud.security.privateca.v1.RelativeDistinguishedName\"\xa9\x01\n\x0fSubjectAltNames\x12\x11\n\tdns_names\x18\x01 \x03(\t\x12\x0c\n\x04uris\x18\x02 \x03(\t\x12\x17\n\x0f\x65mail_addresses\x18\x03 \x03(\t\x12\x14\n\x0cip_addresses\x18\x04 \x03(\t\x12\x46\n\x0b\x63ustom_sans\x18\x05 \x03(\x0b\x32\x31.google.cloud.security.privateca.v1.X509Extension\"\xfa\x01\n\x1e\x43\x65rtificateIdentityConstraints\x12.\n\x0e\x63\x65l_expression\x18\x01 \x01(\x0b\x32\x11.google.type.ExprB\x03\xe0\x41\x01\x12+\n\x19\x61llow_subject_passthrough\x18\x02 \x01(\x08\x42\x03\xe0\x41\x02H\x00\x88\x01\x01\x12\x35\n#allow_subject_alt_names_passthrough\x18\x03 \x01(\x08\x42\x03\xe0\x41\x02H\x01\x88\x01\x01\x42\x1c\n\x1a_allow_subject_passthroughB&\n$_allow_subject_alt_names_passthrough\"\xb4\x03\n\x1f\x43\x65rtificateExtensionConstraints\x12|\n\x10known_extensions\x18\x01 \x03(\x0e\x32].google.cloud.security.privateca.v1.CertificateExtensionConstraints.KnownCertificateExtensionB\x03\xe0\x41\x01\x12P\n\x15\x61\x64\x64itional_extensions\x18\x02 \x03(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdB\x03\xe0\x41\x01\"\xc0\x01\n\x19KnownCertificateExtension\x12+\n\'KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED\x10\x00\x12\x12\n\x0e\x42\x41SE_KEY_USAGE\x10\x01\x12\x16\n\x12\x45XTENDED_KEY_USAGE\x10\x02\x12\x0e\n\nCA_OPTIONS\x10\x03\x12\x0e\n\nPOLICY_IDS\x10\x04\x12\x14\n\x10\x41IA_OCSP_SERVERS\x10\x05\x12\x14\n\x10NAME_CONSTRAINTS\x10\x06*\xbe\x01\n\rAttributeType\x12\x1e\n\x1a\x41TTRIBUTE_TYPE_UNSPECIFIED\x10\x00\x12\x0f\n\x0b\x43OMMON_NAME\x10\x01\x12\x10\n\x0c\x43OUNTRY_CODE\x10\x02\x12\x10\n\x0cORGANIZATION\x10\x03\x12\x17\n\x13ORGANIZATIONAL_UNIT\x10\x04\x12\x0c\n\x08LOCALITY\x10\x05\x12\x0c\n\x08PROVINCE\x10\x06\x12\x12\n\x0eSTREET_ADDRESS\x10\x07\x12\x0f\n\x0bPOSTAL_CODE\x10\x08*\x87\x02\n\x10RevocationReason\x12!\n\x1dREVOCATION_REASON_UNSPECIFIED\x10\x00\x12\x12\n\x0eKEY_COMPROMISE\x10\x01\x12$\n CERTIFICATE_AUTHORITY_COMPROMISE\x10\x02\x12\x17\n\x13\x41\x46\x46ILIATION_CHANGED\x10\x03\x12\x0e\n\nSUPERSEDED\x10\x04\x12\x1a\n\x16\x43\x45SSATION_OF_OPERATION\x10\x05\x12\x14\n\x10\x43\x45RTIFICATE_HOLD\x10\x06\x12\x17\n\x13PRIVILEGE_WITHDRAWN\x10\x07\x12\"\n\x1e\x41TTRIBUTE_AUTHORITY_COMPROMISE\x10\x08*o\n\x12SubjectRequestMode\x12$\n SUBJECT_REQUEST_MODE_UNSPECIFIED\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\x10\n\x0cRDN_SEQUENCE\x10\x03\x12\x14\n\x10REFLECTED_SPIFFE\x10\x02\x42\xfc\x01\n&com.google.cloud.security.privateca.v1B\x17PrivateCaResourcesProtoP\x01ZDcloud.google.com/go/security/privateca/apiv1/privatecapb;privatecapb\xaa\x02\"Google.Cloud.Security.PrivateCA.V1\xca\x02\"Google\\Cloud\\Security\\PrivateCA\\V1\xea\x02&Google::Cloud::Security::PrivateCA::V1b\x06proto3"
+descriptor_data = "\n2google/cloud/security/privateca/v1/resources.proto\x12\"google.cloud.security.privateca.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x16google/type/expr.proto\"\x86\x12\n\x14\x43\x65rtificateAuthority\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x08\x12S\n\x04type\x18\x02 \x01(\x0e\x32=.google.cloud.security.privateca.v1.CertificateAuthority.TypeB\x06\xe0\x41\x02\xe0\x41\x05\x12M\n\x06\x63onfig\x18\x03 \x01(\x0b\x32\x35.google.cloud.security.privateca.v1.CertificateConfigB\x06\xe0\x41\x02\xe0\x41\x05\x12\x33\n\x08lifetime\x18\x04 \x01(\x0b\x32\x19.google.protobuf.DurationB\x06\xe0\x41\x02\xe0\x41\x05\x12\x61\n\x08key_spec\x18\x05 \x01(\x0b\x32G.google.cloud.security.privateca.v1.CertificateAuthority.KeyVersionSpecB\x06\xe0\x41\x02\xe0\x41\x05\x12V\n\x12subordinate_config\x18\x06 \x01(\x0b\x32\x35.google.cloud.security.privateca.v1.SubordinateConfigB\x03\xe0\x41\x01\x12\x42\n\x04tier\x18\x07 \x01(\x0e\x32/.google.cloud.security.privateca.v1.CaPool.TierB\x03\xe0\x41\x03\x12R\n\x05state\x18\x08 \x01(\x0e\x32>.google.cloud.security.privateca.v1.CertificateAuthority.StateB\x03\xe0\x41\x03\x12 \n\x13pem_ca_certificates\x18\t \x03(\tB\x03\xe0\x41\x03\x12\x64\n\x1b\x63\x61_certificate_descriptions\x18\n \x03(\x0b\x32:.google.cloud.security.privateca.v1.CertificateDescriptionB\x03\xe0\x41\x03\x12\x17\n\ngcs_bucket\x18\x0b \x01(\tB\x03\xe0\x41\x05\x12]\n\x0b\x61\x63\x63\x65ss_urls\x18\x0c \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateAuthority.AccessUrlsB\x03\xe0\x41\x03\x12\x34\n\x0b\x63reate_time\x18\r \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\x0e \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0b\x64\x65lete_time\x18\x0f \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0b\x65xpire_time\x18\x10 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12Y\n\x06labels\x18\x11 \x03(\x0b\x32\x44.google.cloud.security.privateca.v1.CertificateAuthority.LabelsEntryB\x03\xe0\x41\x01\x12u\n\x18user_defined_access_urls\x18\x12 \x01(\x0b\x32N.google.cloud.security.privateca.v1.CertificateAuthority.UserDefinedAccessUrlsB\x03\xe0\x41\x01\x12\x1a\n\rsatisfies_pzs\x18\x13 \x01(\x08\x42\x03\xe0\x41\x03\x12\x1a\n\rsatisfies_pzi\x18\x14 \x01(\x08\x42\x03\xe0\x41\x03\x1aH\n\nAccessUrls\x12!\n\x19\x63\x61_certificate_access_url\x18\x01 \x01(\t\x12\x17\n\x0f\x63rl_access_urls\x18\x02 \x03(\t\x1a\xa0\x01\n\x0eKeyVersionSpec\x12\x1f\n\x15\x63loud_kms_key_version\x18\x01 \x01(\tH\x00\x12_\n\talgorithm\x18\x02 \x01(\x0e\x32J.google.cloud.security.privateca.v1.CertificateAuthority.SignHashAlgorithmH\x00\x42\x0c\n\nKeyVersion\x1a`\n\x15UserDefinedAccessUrls\x12)\n\x1c\x61ia_issuing_certificate_urls\x18\x01 \x03(\tB\x03\xe0\x41\x01\x12\x1c\n\x0f\x63rl_access_urls\x18\x02 \x03(\tB\x03\xe0\x41\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\">\n\x04Type\x12\x14\n\x10TYPE_UNSPECIFIED\x10\x00\x12\x0f\n\x0bSELF_SIGNED\x10\x01\x12\x0f\n\x0bSUBORDINATE\x10\x02\"p\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\x0b\n\x07\x45NABLED\x10\x01\x12\x0c\n\x08\x44ISABLED\x10\x02\x12\n\n\x06STAGED\x10\x03\x12\x1c\n\x18\x41WAITING_USER_ACTIVATION\x10\x04\x12\x0b\n\x07\x44\x45LETED\x10\x05\"\xfc\x01\n\x11SignHashAlgorithm\x12#\n\x1fSIGN_HASH_ALGORITHM_UNSPECIFIED\x10\x00\x12\x17\n\x13RSA_PSS_2048_SHA256\x10\x01\x12\x17\n\x13RSA_PSS_3072_SHA256\x10\x02\x12\x17\n\x13RSA_PSS_4096_SHA256\x10\x03\x12\x19\n\x15RSA_PKCS1_2048_SHA256\x10\x06\x12\x19\n\x15RSA_PKCS1_3072_SHA256\x10\x07\x12\x19\n\x15RSA_PKCS1_4096_SHA256\x10\x08\x12\x12\n\x0e\x45\x43_P256_SHA256\x10\x04\x12\x12\n\x0e\x45\x43_P384_SHA384\x10\x05:\x9d\x01\xea\x41\x99\x01\n-privateca.googleapis.com/CertificateAuthority\x12hprojects/{project}/locations/{location}/caPools/{ca_pool}/certificateAuthorities/{certificate_authority}\"\xe6\x11\n\x06\x43\x61Pool\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x08\x12\x45\n\x04tier\x18\x02 \x01(\x0e\x32/.google.cloud.security.privateca.v1.CaPool.TierB\x06\xe0\x41\x02\xe0\x41\x05\x12W\n\x0fissuance_policy\x18\x03 \x01(\x0b\x32\x39.google.cloud.security.privateca.v1.CaPool.IssuancePolicyB\x03\xe0\x41\x01\x12]\n\x12publishing_options\x18\x04 \x01(\x0b\x32<.google.cloud.security.privateca.v1.CaPool.PublishingOptionsB\x03\xe0\x41\x01\x12P\n\x0f\x65ncryption_spec\x18\x08 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.EncryptionSpecB\x03\xe0\x41\x01\x12K\n\x06labels\x18\x05 \x03(\x0b\x32\x36.google.cloud.security.privateca.v1.CaPool.LabelsEntryB\x03\xe0\x41\x01\x1a\xfb\x01\n\x11PublishingOptions\x12\x1c\n\x0fpublish_ca_cert\x18\x01 \x01(\x08\x42\x03\xe0\x41\x01\x12\x18\n\x0bpublish_crl\x18\x02 \x01(\x08\x42\x03\xe0\x41\x01\x12i\n\x0f\x65ncoding_format\x18\x03 \x01(\x0e\x32K.google.cloud.security.privateca.v1.CaPool.PublishingOptions.EncodingFormatB\x03\xe0\x41\x01\"C\n\x0e\x45ncodingFormat\x12\x1f\n\x1b\x45NCODING_FORMAT_UNSPECIFIED\x10\x00\x12\x07\n\x03PEM\x10\x01\x12\x07\n\x03\x44\x45R\x10\x02\x1a\xe2\n\n\x0eIssuancePolicy\x12h\n\x11\x61llowed_key_types\x18\x01 \x03(\x0b\x32H.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyTypeB\x03\xe0\x41\x01\x12\x39\n\x11\x62\x61\x63kdate_duration\x18\x07 \x01(\x0b\x32\x19.google.protobuf.DurationB\x03\xe0\x41\x01\x12\x36\n)allow_requester_specified_not_before_time\x18\x08 \x01(\x08\x42\x03\xe0\x41\x01\x12\x38\n\x10maximum_lifetime\x18\x02 \x01(\x0b\x32\x19.google.protobuf.DurationB\x03\xe0\x41\x01\x12l\n\x16\x61llowed_issuance_modes\x18\x03 \x01(\x0b\x32G.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModesB\x03\xe0\x41\x01\x12P\n\x0f\x62\x61seline_values\x18\x04 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509ParametersB\x03\xe0\x41\x01\x12\x65\n\x14identity_constraints\x18\x05 \x01(\x0b\x32\x42.google.cloud.security.privateca.v1.CertificateIdentityConstraintsB\x03\xe0\x41\x01\x12h\n\x16passthrough_extensions\x18\x06 \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateExtensionConstraintsB\x03\xe0\x41\x01\x1a\xc5\x04\n\x0e\x41llowedKeyType\x12\x62\n\x03rsa\x18\x01 \x01(\x0b\x32S.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.RsaKeyTypeH\x00\x12l\n\x0e\x65lliptic_curve\x18\x02 \x01(\x0b\x32R.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyTypeH\x00\x1aJ\n\nRsaKeyType\x12\x1d\n\x10min_modulus_size\x18\x01 \x01(\x03\x42\x03\xe0\x41\x01\x12\x1d\n\x10max_modulus_size\x18\x02 \x01(\x03\x42\x03\xe0\x41\x01\x1a\x88\x02\n\tEcKeyType\x12\x89\x01\n\x13signature_algorithm\x18\x01 \x01(\x0e\x32g.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyType.EcSignatureAlgorithmB\x03\xe0\x41\x01\"o\n\x14\x45\x63SignatureAlgorithm\x12&\n\"EC_SIGNATURE_ALGORITHM_UNSPECIFIED\x10\x00\x12\x0e\n\nECDSA_P256\x10\x01\x12\x0e\n\nECDSA_P384\x10\x02\x12\x0f\n\x0b\x45\x44\x44SA_25519\x10\x03\x42\n\n\x08key_type\x1a`\n\rIssuanceModes\x12%\n\x18\x61llow_csr_based_issuance\x18\x01 \x01(\x08\x42\x03\xe0\x41\x01\x12(\n\x1b\x61llow_config_based_issuance\x18\x02 \x01(\x08\x42\x03\xe0\x41\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"8\n\x04Tier\x12\x14\n\x10TIER_UNSPECIFIED\x10\x00\x12\x0e\n\nENTERPRISE\x10\x01\x12\n\n\x06\x44\x45VOPS\x10\x02:_\xea\x41\\\n\x1fprivateca.googleapis.com/CaPool\x12\x39projects/{project}/locations/{location}/caPools/{ca_pool}\"\'\n\x0e\x45ncryptionSpec\x12\x15\n\rcloud_kms_key\x18\x01 \x01(\t\"\xbc\x08\n\x19\x43\x65rtificateRevocationList\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x08\x12\x1c\n\x0fsequence_number\x18\x02 \x01(\x03\x42\x03\xe0\x41\x03\x12s\n\x14revoked_certificates\x18\x03 \x03(\x0b\x32P.google.cloud.security.privateca.v1.CertificateRevocationList.RevokedCertificateB\x03\xe0\x41\x03\x12\x14\n\x07pem_crl\x18\x04 \x01(\tB\x03\xe0\x41\x03\x12\x17\n\naccess_url\x18\x05 \x01(\tB\x03\xe0\x41\x03\x12W\n\x05state\x18\x06 \x01(\x0e\x32\x43.google.cloud.security.privateca.v1.CertificateRevocationList.StateB\x03\xe0\x41\x03\x12\x34\n\x0b\x63reate_time\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\x08 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x18\n\x0brevision_id\x18\t \x01(\tB\x03\xe0\x41\x03\x12^\n\x06labels\x18\n \x03(\x0b\x32I.google.cloud.security.privateca.v1.CertificateRevocationList.LabelsEntryB\x03\xe0\x41\x01\x1a\xc0\x01\n\x12RevokedCertificate\x12>\n\x0b\x63\x65rtificate\x18\x01 \x01(\tB)\xfa\x41&\n$privateca.googleapis.com/Certificate\x12\x19\n\x11hex_serial_number\x18\x02 \x01(\t\x12O\n\x11revocation_reason\x18\x03 \x01(\x0e\x32\x34.google.cloud.security.privateca.v1.RevocationReason\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\":\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0e\n\nSUPERSEDED\x10\x02:\xdc\x01\xea\x41\xd8\x01\n2privateca.googleapis.com/CertificateRevocationList\x12\xa1\x01projects/{project}/locations/{location}/caPools/{ca_pool}/certificateAuthorities/{certificate_authority}/certificateRevocationLists/{certificate_revocation_list}\"\xaa\n\n\x0b\x43\x65rtificate\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x08\x12\x16\n\x07pem_csr\x18\x02 \x01(\tB\x03\xe0\x41\x05H\x00\x12L\n\x06\x63onfig\x18\x03 \x01(\x0b\x32\x35.google.cloud.security.privateca.v1.CertificateConfigB\x03\xe0\x41\x05H\x00\x12[\n\x1cissuer_certificate_authority\x18\x04 \x01(\tB5\xe0\x41\x03\xfa\x41/\n-privateca.googleapis.com/CertificateAuthority\x12\x33\n\x08lifetime\x18\x05 \x01(\x0b\x32\x19.google.protobuf.DurationB\x06\xe0\x41\x02\xe0\x41\x05\x12R\n\x14\x63\x65rtificate_template\x18\x06 \x01(\tB4\xe0\x41\x05\xfa\x41.\n,privateca.googleapis.com/CertificateTemplate\x12Q\n\x0csubject_mode\x18\x07 \x01(\x0e\x32\x36.google.cloud.security.privateca.v1.SubjectRequestModeB\x03\xe0\x41\x05\x12\x62\n\x12revocation_details\x18\x08 \x01(\x0b\x32\x41.google.cloud.security.privateca.v1.Certificate.RevocationDetailsB\x03\xe0\x41\x03\x12\x1c\n\x0fpem_certificate\x18\t \x01(\tB\x03\xe0\x41\x03\x12`\n\x17\x63\x65rtificate_description\x18\n \x01(\x0b\x32:.google.cloud.security.privateca.v1.CertificateDescriptionB\x03\xe0\x41\x03\x12\"\n\x15pem_certificate_chain\x18\x0b \x03(\tB\x03\xe0\x41\x03\x12\x34\n\x0b\x63reate_time\x18\x0c \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\r \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12P\n\x06labels\x18\x0e \x03(\x0b\x32;.google.cloud.security.privateca.v1.Certificate.LabelsEntryB\x03\xe0\x41\x01\x12\x42\n\x19requested_not_before_time\x18\x0f \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x01\x1a\x98\x01\n\x11RevocationDetails\x12N\n\x10revocation_state\x18\x01 \x01(\x0e\x32\x34.google.cloud.security.privateca.v1.RevocationReason\x12\x33\n\x0frevocation_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01:\x7f\xea\x41|\n$privateca.googleapis.com/Certificate\x12Tprojects/{project}/locations/{location}/caPools/{ca_pool}/certificates/{certificate}B\x14\n\x12\x63\x65rtificate_config\"\xa0\x06\n\x13\x43\x65rtificateTemplate\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x08\x12\x38\n\x10maximum_lifetime\x18\t \x01(\x0b\x32\x19.google.protobuf.DurationB\x03\xe0\x41\x01\x12R\n\x11predefined_values\x18\x02 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509ParametersB\x03\xe0\x41\x01\x12\x65\n\x14identity_constraints\x18\x03 \x01(\x0b\x32\x42.google.cloud.security.privateca.v1.CertificateIdentityConstraintsB\x03\xe0\x41\x01\x12h\n\x16passthrough_extensions\x18\x04 \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateExtensionConstraintsB\x03\xe0\x41\x01\x12\x18\n\x0b\x64\x65scription\x18\x05 \x01(\tB\x03\xe0\x41\x01\x12\x34\n\x0b\x63reate_time\x18\x06 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12\x34\n\x0bupdate_time\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12X\n\x06labels\x18\x08 \x03(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateTemplate.LabelsEntryB\x03\xe0\x41\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01:\x87\x01\xea\x41\x83\x01\n,privateca.googleapis.com/CertificateTemplate\x12Sprojects/{project}/locations/{location}/certificateTemplates/{certificate_template}\"\xce\x06\n\x0eX509Parameters\x12\x44\n\tkey_usage\x18\x01 \x01(\x0b\x32,.google.cloud.security.privateca.v1.KeyUsageB\x03\xe0\x41\x01\x12U\n\nca_options\x18\x02 \x01(\x0b\x32<.google.cloud.security.privateca.v1.X509Parameters.CaOptionsB\x03\xe0\x41\x01\x12\x45\n\npolicy_ids\x18\x03 \x03(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdB\x03\xe0\x41\x01\x12\x1d\n\x10\x61ia_ocsp_servers\x18\x04 \x03(\tB\x03\xe0\x41\x01\x12\x61\n\x10name_constraints\x18\x06 \x01(\x0b\x32\x42.google.cloud.security.privateca.v1.X509Parameters.NameConstraintsB\x03\xe0\x41\x01\x12U\n\x15\x61\x64\x64itional_extensions\x18\x05 \x03(\x0b\x32\x31.google.cloud.security.privateca.v1.X509ExtensionB\x03\xe0\x41\x01\x1as\n\tCaOptions\x12\x17\n\x05is_ca\x18\x01 \x01(\x08\x42\x03\xe0\x41\x01H\x00\x88\x01\x01\x12(\n\x16max_issuer_path_length\x18\x02 \x01(\x05\x42\x03\xe0\x41\x01H\x01\x88\x01\x01\x42\x08\n\x06_is_caB\x19\n\x17_max_issuer_path_length\x1a\x89\x02\n\x0fNameConstraints\x12\x10\n\x08\x63ritical\x18\x01 \x01(\x08\x12\x1b\n\x13permitted_dns_names\x18\x02 \x03(\t\x12\x1a\n\x12\x65xcluded_dns_names\x18\x03 \x03(\t\x12\x1b\n\x13permitted_ip_ranges\x18\x04 \x03(\t\x12\x1a\n\x12\x65xcluded_ip_ranges\x18\x05 \x03(\t\x12!\n\x19permitted_email_addresses\x18\x06 \x03(\t\x12 \n\x18\x65xcluded_email_addresses\x18\x07 \x03(\t\x12\x16\n\x0epermitted_uris\x18\x08 \x03(\t\x12\x15\n\rexcluded_uris\x18\t \x03(\t\"\xa9\x02\n\x11SubordinateConfig\x12V\n\x15\x63\x65rtificate_authority\x18\x01 \x01(\tB5\xe0\x41\x02\xfa\x41/\n-privateca.googleapis.com/CertificateAuthorityH\x00\x12m\n\x10pem_issuer_chain\x18\x02 \x01(\x0b\x32L.google.cloud.security.privateca.v1.SubordinateConfig.SubordinateConfigChainB\x03\xe0\x41\x02H\x00\x1a\x37\n\x16SubordinateConfigChain\x12\x1d\n\x10pem_certificates\x18\x01 \x03(\tB\x03\xe0\x41\x02\x42\x14\n\x12subordinate_config\"\x9d\x01\n\tPublicKey\x12\x10\n\x03key\x18\x01 \x01(\x0c\x42\x03\xe0\x41\x02\x12L\n\x06\x66ormat\x18\x02 \x01(\x0e\x32\x37.google.cloud.security.privateca.v1.PublicKey.KeyFormatB\x03\xe0\x41\x02\"0\n\tKeyFormat\x12\x1a\n\x16KEY_FORMAT_UNSPECIFIED\x10\x00\x12\x07\n\x03PEM\x10\x01\"\xac\x04\n\x11\x43\x65rtificateConfig\x12`\n\x0esubject_config\x18\x01 \x01(\x0b\x32\x43.google.cloud.security.privateca.v1.CertificateConfig.SubjectConfigB\x03\xe0\x41\x02\x12L\n\x0bx509_config\x18\x02 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509ParametersB\x03\xe0\x41\x02\x12\x46\n\npublic_key\x18\x03 \x01(\x0b\x32-.google.cloud.security.privateca.v1.PublicKeyB\x03\xe0\x41\x01\x12X\n\x0esubject_key_id\x18\x04 \x01(\x0b\x32;.google.cloud.security.privateca.v1.CertificateConfig.KeyIdB\x03\xe0\x41\x01\x1a\xa6\x01\n\rSubjectConfig\x12\x41\n\x07subject\x18\x01 \x01(\x0b\x32+.google.cloud.security.privateca.v1.SubjectB\x03\xe0\x41\x01\x12R\n\x10subject_alt_name\x18\x02 \x01(\x0b\x32\x33.google.cloud.security.privateca.v1.SubjectAltNamesB\x03\xe0\x41\x01\x1a\x1c\n\x05KeyId\x12\x13\n\x06key_id\x18\x01 \x01(\tB\x03\xe0\x41\x02\"\xc1\x08\n\x16\x43\x65rtificateDescription\x12j\n\x13subject_description\x18\x01 \x01(\x0b\x32M.google.cloud.security.privateca.v1.CertificateDescription.SubjectDescription\x12L\n\x10x509_description\x18\x02 \x01(\x0b\x32\x32.google.cloud.security.privateca.v1.X509Parameters\x12\x41\n\npublic_key\x18\x03 \x01(\x0b\x32-.google.cloud.security.privateca.v1.PublicKey\x12X\n\x0esubject_key_id\x18\x04 \x01(\x0b\x32@.google.cloud.security.privateca.v1.CertificateDescription.KeyId\x12Z\n\x10\x61uthority_key_id\x18\x05 \x01(\x0b\x32@.google.cloud.security.privateca.v1.CertificateDescription.KeyId\x12\x1f\n\x17\x63rl_distribution_points\x18\x06 \x03(\t\x12$\n\x1c\x61ia_issuing_certificate_urls\x18\x07 \x03(\t\x12k\n\x10\x63\x65rt_fingerprint\x18\x08 \x01(\x0b\x32Q.google.cloud.security.privateca.v1.CertificateDescription.CertificateFingerprint\x12\x1e\n\x16tbs_certificate_digest\x18\t \x01(\t\x1a\xd2\x02\n\x12SubjectDescription\x12<\n\x07subject\x18\x01 \x01(\x0b\x32+.google.cloud.security.privateca.v1.Subject\x12M\n\x10subject_alt_name\x18\x02 \x01(\x0b\x32\x33.google.cloud.security.privateca.v1.SubjectAltNames\x12\x19\n\x11hex_serial_number\x18\x03 \x01(\t\x12+\n\x08lifetime\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x33\n\x0fnot_before_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x32\n\x0enot_after_time\x18\x06 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1a\x1c\n\x05KeyId\x12\x13\n\x06key_id\x18\x01 \x01(\tB\x03\xe0\x41\x01\x1a-\n\x16\x43\x65rtificateFingerprint\x12\x13\n\x0bsha256_hash\x18\x01 \x01(\t\"\'\n\x08ObjectId\x12\x1b\n\x0eobject_id_path\x18\x01 \x03(\x05\x42\x03\xe0\x41\x02\"\x80\x01\n\rX509Extension\x12\x44\n\tobject_id\x18\x01 \x01(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdB\x03\xe0\x41\x02\x12\x15\n\x08\x63ritical\x18\x02 \x01(\x08\x42\x03\xe0\x41\x01\x12\x12\n\x05value\x18\x03 \x01(\x0c\x42\x03\xe0\x41\x02\"\xa2\x05\n\x08KeyUsage\x12T\n\x0e\x62\x61se_key_usage\x18\x01 \x01(\x0b\x32<.google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions\x12`\n\x12\x65xtended_key_usage\x18\x02 \x01(\x0b\x32\x44.google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions\x12Q\n\x1bunknown_extended_key_usages\x18\x03 \x03(\x0b\x32,.google.cloud.security.privateca.v1.ObjectId\x1a\xe7\x01\n\x0fKeyUsageOptions\x12\x19\n\x11\x64igital_signature\x18\x01 \x01(\x08\x12\x1a\n\x12\x63ontent_commitment\x18\x02 \x01(\x08\x12\x18\n\x10key_encipherment\x18\x03 \x01(\x08\x12\x19\n\x11\x64\x61ta_encipherment\x18\x04 \x01(\x08\x12\x15\n\rkey_agreement\x18\x05 \x01(\x08\x12\x11\n\tcert_sign\x18\x06 \x01(\x08\x12\x10\n\x08\x63rl_sign\x18\x07 \x01(\x08\x12\x15\n\rencipher_only\x18\x08 \x01(\x08\x12\x15\n\rdecipher_only\x18\t \x01(\x08\x1a\xa0\x01\n\x17\x45xtendedKeyUsageOptions\x12\x13\n\x0bserver_auth\x18\x01 \x01(\x08\x12\x13\n\x0b\x63lient_auth\x18\x02 \x01(\x08\x12\x14\n\x0c\x63ode_signing\x18\x03 \x01(\x08\x12\x18\n\x10\x65mail_protection\x18\x04 \x01(\x08\x12\x15\n\rtime_stamping\x18\x05 \x01(\x08\x12\x14\n\x0cocsp_signing\x18\x06 \x01(\x08\"\xbe\x01\n\x15\x41ttributeTypeAndValue\x12\x41\n\x04type\x18\x01 \x01(\x0e\x32\x31.google.cloud.security.privateca.v1.AttributeTypeH\x00\x12\x41\n\tobject_id\x18\x02 \x01(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdH\x00\x12\r\n\x05value\x18\x03 \x01(\tB\x10\n\x0e\x61ttribute_type\"j\n\x19RelativeDistinguishedName\x12M\n\nattributes\x18\x01 \x03(\x0b\x32\x39.google.cloud.security.privateca.v1.AttributeTypeAndValue\"\x8d\x02\n\x07Subject\x12\x13\n\x0b\x63ommon_name\x18\x01 \x01(\t\x12\x14\n\x0c\x63ountry_code\x18\x02 \x01(\t\x12\x14\n\x0corganization\x18\x03 \x01(\t\x12\x1b\n\x13organizational_unit\x18\x04 \x01(\t\x12\x10\n\x08locality\x18\x05 \x01(\t\x12\x10\n\x08province\x18\x06 \x01(\t\x12\x16\n\x0estreet_address\x18\x07 \x01(\t\x12\x13\n\x0bpostal_code\x18\x08 \x01(\t\x12S\n\x0crdn_sequence\x18\t \x03(\x0b\x32=.google.cloud.security.privateca.v1.RelativeDistinguishedName\"\xa9\x01\n\x0fSubjectAltNames\x12\x11\n\tdns_names\x18\x01 \x03(\t\x12\x0c\n\x04uris\x18\x02 \x03(\t\x12\x17\n\x0f\x65mail_addresses\x18\x03 \x03(\t\x12\x14\n\x0cip_addresses\x18\x04 \x03(\t\x12\x46\n\x0b\x63ustom_sans\x18\x05 \x03(\x0b\x32\x31.google.cloud.security.privateca.v1.X509Extension\"\xfa\x01\n\x1e\x43\x65rtificateIdentityConstraints\x12.\n\x0e\x63\x65l_expression\x18\x01 \x01(\x0b\x32\x11.google.type.ExprB\x03\xe0\x41\x01\x12+\n\x19\x61llow_subject_passthrough\x18\x02 \x01(\x08\x42\x03\xe0\x41\x02H\x00\x88\x01\x01\x12\x35\n#allow_subject_alt_names_passthrough\x18\x03 \x01(\x08\x42\x03\xe0\x41\x02H\x01\x88\x01\x01\x42\x1c\n\x1a_allow_subject_passthroughB&\n$_allow_subject_alt_names_passthrough\"\xb4\x03\n\x1f\x43\x65rtificateExtensionConstraints\x12|\n\x10known_extensions\x18\x01 \x03(\x0e\x32].google.cloud.security.privateca.v1.CertificateExtensionConstraints.KnownCertificateExtensionB\x03\xe0\x41\x01\x12P\n\x15\x61\x64\x64itional_extensions\x18\x02 \x03(\x0b\x32,.google.cloud.security.privateca.v1.ObjectIdB\x03\xe0\x41\x01\"\xc0\x01\n\x19KnownCertificateExtension\x12+\n\'KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED\x10\x00\x12\x12\n\x0e\x42\x41SE_KEY_USAGE\x10\x01\x12\x16\n\x12\x45XTENDED_KEY_USAGE\x10\x02\x12\x0e\n\nCA_OPTIONS\x10\x03\x12\x0e\n\nPOLICY_IDS\x10\x04\x12\x14\n\x10\x41IA_OCSP_SERVERS\x10\x05\x12\x14\n\x10NAME_CONSTRAINTS\x10\x06*\xbe\x01\n\rAttributeType\x12\x1e\n\x1a\x41TTRIBUTE_TYPE_UNSPECIFIED\x10\x00\x12\x0f\n\x0b\x43OMMON_NAME\x10\x01\x12\x10\n\x0c\x43OUNTRY_CODE\x10\x02\x12\x10\n\x0cORGANIZATION\x10\x03\x12\x17\n\x13ORGANIZATIONAL_UNIT\x10\x04\x12\x0c\n\x08LOCALITY\x10\x05\x12\x0c\n\x08PROVINCE\x10\x06\x12\x12\n\x0eSTREET_ADDRESS\x10\x07\x12\x0f\n\x0bPOSTAL_CODE\x10\x08*\x87\x02\n\x10RevocationReason\x12!\n\x1dREVOCATION_REASON_UNSPECIFIED\x10\x00\x12\x12\n\x0eKEY_COMPROMISE\x10\x01\x12$\n CERTIFICATE_AUTHORITY_COMPROMISE\x10\x02\x12\x17\n\x13\x41\x46\x46ILIATION_CHANGED\x10\x03\x12\x0e\n\nSUPERSEDED\x10\x04\x12\x1a\n\x16\x43\x45SSATION_OF_OPERATION\x10\x05\x12\x14\n\x10\x43\x45RTIFICATE_HOLD\x10\x06\x12\x17\n\x13PRIVILEGE_WITHDRAWN\x10\x07\x12\"\n\x1e\x41TTRIBUTE_AUTHORITY_COMPROMISE\x10\x08*o\n\x12SubjectRequestMode\x12$\n SUBJECT_REQUEST_MODE_UNSPECIFIED\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\x10\n\x0cRDN_SEQUENCE\x10\x03\x12\x14\n\x10REFLECTED_SPIFFE\x10\x02\x42\xfc\x01\n&com.google.cloud.security.privateca.v1B\x17PrivateCaResourcesProtoP\x01ZDcloud.google.com/go/security/privateca/apiv1/privatecapb;privatecapb\xaa\x02\"Google.Cloud.Security.PrivateCA.V1\xca\x02\"Google\\Cloud\\Security\\PrivateCA\\V1\xea\x02&Google::Cloud::Security::PrivateCA::V1b\x06proto3"
 pool = ::Google::Protobuf::DescriptorPool.generated_pool
 pool.add_serialized_file(descriptor_data)
@@ -38,6 +38,7 @@ module Google
           CaPool::IssuancePolicy::AllowedKeyType::EcKeyType::EcSignatureAlgorithm = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType.EcKeyType.EcSignatureAlgorithm").enummodule
           CaPool::IssuancePolicy::IssuanceModes = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes").msgclass
           CaPool::Tier = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.CaPool.Tier").enummodule
+          EncryptionSpec = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.EncryptionSpec").msgclass
           CertificateRevocationList = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.CertificateRevocationList").msgclass
           CertificateRevocationList::RevokedCertificate = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.CertificateRevocationList.RevokedCertificate").msgclass
           CertificateRevocationList::State = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.CertificateRevocationList.State").enummodule

data/proto_docs/google/api/client.rb CHANGED Viewed

@@ -31,6 +31,8 @@ module Google
     # @!attribute [rw] selective_gapic_generation
     #   @return [::Google::Api::SelectiveGapicGeneration]
     #     Configuration for which RPCs should be generated in the GAPIC client.
+    #
+    #     Note: This field should not be used in most cases.
     class CommonLanguageSettings
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -441,6 +443,8 @@ module Google
     # This message is used to configure the generation of a subset of the RPCs in
     # a service for client libraries.
+    #
+    # Note: This feature should not be used in most cases.
     # @!attribute [rw] methods
     #   @return [::Array<::String>]
     #     An allowlist of the fully qualified names of RPCs that should be included

data/proto_docs/google/cloud/security/privateca/v1/resources.rb CHANGED Viewed

@@ -357,6 +357,13 @@ module Google
           #     {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates} from any
           #     {::Google::Cloud::Security::PrivateCA::V1::CertificateAuthority CertificateAuthority}
           #     in this {::Google::Cloud::Security::PrivateCA::V1::CaPool CaPool}.
+          # @!attribute [rw] encryption_spec
+          #   @return [::Google::Cloud::Security::PrivateCA::V1::EncryptionSpec]
+          #     Optional. When
+          #     {::Google::Cloud::Security::PrivateCA::V1::EncryptionSpec EncryptionSpec} is
+          #     provided, the {::Google::Cloud::Security::PrivateCA::V1::Subject Subject},
+          #     {::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames SubjectAltNames}, and
+          #     the PEM-encoded certificate fields will be encrypted at rest.
           # @!attribute [rw] labels
           #   @return [::Google::Protobuf::Map{::String => ::String}]
           #     Optional. Labels with user-defined metadata.
@@ -428,13 +435,29 @@ module Google
             #     the key types listed here. Otherwise, any key may be used.
             # @!attribute [rw] backdate_duration
             #   @return [::Google::Protobuf::Duration]
-            #     Optional. The duration to backdate all certificates issued from this
-            #     {::Google::Cloud::Security::PrivateCA::V1::CaPool CaPool}. If not set, the
-            #     certificates will be issued with a not_before_time of the issuance time
-            #     (i.e. the current time). If set, the certificates will be issued with a
-            #     not_before_time of the issuance time minus the backdate_duration. The
-            #     not_after_time will be adjusted to preserve the requested lifetime. The
-            #     backdate_duration must be less than or equal to 48 hours.
+            #     Optional. If set, all certificates issued from this
+            #     {::Google::Cloud::Security::PrivateCA::V1::CaPool CaPool} will be backdated by
+            #     this duration. The 'not_before_time' will be the issuance time minus this
+            #     {::Google::Cloud::Security::PrivateCA::V1::CaPool::IssuancePolicy#backdate_duration backdate_duration},
+            #     and the 'not_after_time' will be adjusted to preserve the requested
+            #     lifetime. The maximum duration that a certificate can be backdated with
+            #     these options is 48 hours in the past.
+            #     This option cannot be set if
+            #     {::Google::Cloud::Security::PrivateCA::V1::CaPool::IssuancePolicy#allow_requester_specified_not_before_time allow_requester_specified_not_before_time}
+            #     is set.
+            # @!attribute [rw] allow_requester_specified_not_before_time
+            #   @return [::Boolean]
+            #     Optional. If set to true, allows requesters to specify the
+            #     {::Google::Cloud::Security::PrivateCA::V1::Certificate#requested_not_before_time requested_not_before_time}
+            #     field when creating a
+            #     {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificate}.
+            #     Certificates requested with this option enabled will have a
+            #     'not_before_time' equal to the value specified in the request. The
+            #     'not_after_time' will be adjusted to preserve the requested lifetime. The
+            #     maximum time that a certificate can be backdated with these options is 48
+            #     hours in the past. This option cannot be set if
+            #     {::Google::Cloud::Security::PrivateCA::V1::CaPool::IssuancePolicy#backdate_duration backdate_duration}
+            #     is set.
             # @!attribute [rw] maximum_lifetime
             #   @return [::Google::Protobuf::Duration]
             #     Optional. The maximum lifetime allowed for issued
@@ -607,6 +630,16 @@ module Google
             end
           end
+          # The configuration used for encrypting data at rest.
+          # @!attribute [rw] cloud_kms_key
+          #   @return [::String]
+          #     The resource name for a Cloud KMS key in the format
+          #     `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
+          class EncryptionSpec
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
           # A
           # {::Google::Cloud::Security::PrivateCA::V1::CertificateRevocationList CertificateRevocationList}
           # corresponds to a signed X.509 certificate Revocation List (CRL). A CRL
@@ -780,6 +813,22 @@ module Google
           # @!attribute [rw] labels
           #   @return [::Google::Protobuf::Map{::String => ::String}]
           #     Optional. Labels with user-defined metadata.
+          # @!attribute [rw] requested_not_before_time
+          #   @return [::Google::Protobuf::Timestamp]
+          #     Optional. The requested
+          #     {::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::SubjectDescription#not_before_time not_before_time}
+          #     of this {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificate}. This
+          #     field may only be set if the
+          #     {::Google::Cloud::Security::PrivateCA::V1::CaPool::IssuancePolicy#allow_requester_specified_not_before_time CaPool.IssuancePolicy.allow_requester_specified_not_before_time}
+          #     field is set to true for the issuing
+          #     {::Google::Cloud::Security::PrivateCA::V1::CaPool CaPool}.
+          #
+          #     If this field is specified, the certificate will be issued with this
+          #     'not_before_time'. If this is not specified, the 'not_before_time' will be
+          #     set to the issuance time or issuance time minus
+          #     {::Google::Cloud::Security::PrivateCA::V1::CaPool::IssuancePolicy#backdate_duration backdate_duration}
+          #     depending on the {::Google::Cloud::Security::PrivateCA::V1::CaPool CaPool}
+          #     configuration.
           class Certificate
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/security/privateca/v1/service.rb CHANGED Viewed

@@ -109,9 +109,18 @@ module Google
           # {::Google::Cloud::Security::PrivateCA::V1::CertificateAuthorityService::Client#list_certificates CertificateAuthorityService.ListCertificates}.
           # @!attribute [rw] parent
           #   @return [::String]
-          #     Required. The resource name of the location associated with the
+          #     Required. The resource name of the parent associated with the
           #     {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates}, in the
-          #     format `projects/*/locations/*/caPools/*`.
+          #     format `projects/*/locations/*/caPools/*`. The parent resource name can be
+          #     in one of two forms:
+          #
+          #     1.  **Specific CA Pool:** To list certificates within a single CA Pool:
+          #         `projects/*/locations/*/caPools/*`
+          #
+          #     2.  **All CA Pools in a Location:** To list certificates across *all* CA
+          #         Pools in a given project and location, use the wildcard character (`-`)
+          #         in place of the CA Pool ID.
+          #         Example: `projects/*/locations/*/caPools/-`
           # @!attribute [rw] page_size
           #   @return [::Integer]
           #     Optional. Limit on the number of

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-security-private_ca-v1
 version: !ruby/object:Gem::Version
-  version: 2.6.0
+  version: 2.7.0
 platform: ruby
 authors:
 - Google LLC