Package com.google.cloud.security.privateca.v1beta1

Class CertificateAuthority.CertificateAuthorityPolicy

  • All Implemented Interfaces:
    CertificateAuthority.CertificateAuthorityPolicyOrBuilder, com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, Serializable
    Enclosing class:
    CertificateAuthority
    public static final class CertificateAuthority.CertificateAuthorityPolicy
extends com.google.protobuf.GeneratedMessageV3
implements CertificateAuthority.CertificateAuthorityPolicyOrBuilder
     The issuing policy for a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] will not be successfully issued from this
 [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] if they violate the policy.
    Protobuf type google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy
    See Also:
    Serialized Form

    • Field Detail

      • ALLOWED_CONFIG_LIST_FIELD_NUMBER

        public static final int ALLOWED_CONFIG_LIST_FIELD_NUMBER
        See Also:
        Constant Field Values

      • OVERWRITE_CONFIG_VALUES_FIELD_NUMBER

        public static final int OVERWRITE_CONFIG_VALUES_FIELD_NUMBER
        See Also:
        Constant Field Values

      • ALLOWED_LOCATIONS_AND_ORGANIZATIONS_FIELD_NUMBER

        public static final int ALLOWED_LOCATIONS_AND_ORGANIZATIONS_FIELD_NUMBER
        See Also:
        Constant Field Values

      • ALLOWED_COMMON_NAMES_FIELD_NUMBER

        public static final int ALLOWED_COMMON_NAMES_FIELD_NUMBER
        See Also:
        Constant Field Values

      • ALLOWED_SANS_FIELD_NUMBER

        public static final int ALLOWED_SANS_FIELD_NUMBER
        See Also:
        Constant Field Values

      • MAXIMUM_LIFETIME_FIELD_NUMBER

        public static final int MAXIMUM_LIFETIME_FIELD_NUMBER
        See Also:
        Constant Field Values

      • ALLOWED_ISSUANCE_MODES_FIELD_NUMBER

        public static final int ALLOWED_ISSUANCE_MODES_FIELD_NUMBER
        See Also:
        Constant Field Values

    • Method Detail

      • newInstance

        protected Object newInstance​(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
        Overrides:
        newInstance in class com.google.protobuf.GeneratedMessageV3

      • getDescriptor

        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

      • internalGetFieldAccessorTable

        protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
        Specified by:
        internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3

      • hasAllowedConfigList

        public boolean hasAllowedConfigList()
         Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
 must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] in the list.
        .google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedConfigList allowed_config_list = 1 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        hasAllowedConfigList in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        Whether the allowedConfigList field is set.

      • getAllowedConfigList

        public CertificateAuthority.CertificateAuthorityPolicy.AllowedConfigList getAllowedConfigList()
         Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
 must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] in the list.
        .google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedConfigList allowed_config_list = 1 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedConfigList in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        The allowedConfigList.

      • hasOverwriteConfigValues

        public boolean hasOverwriteConfigValues()
         Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
 will use the provided configuration values, overwriting any requested
 configuration values.
        .google.cloud.security.privateca.v1beta1.ReusableConfigWrapper overwrite_config_values = 2 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        hasOverwriteConfigValues in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        Whether the overwriteConfigValues field is set.

      • getOverwriteConfigValues

        public ReusableConfigWrapper getOverwriteConfigValues()
         Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
 will use the provided configuration values, overwriting any requested
 configuration values.
        .google.cloud.security.privateca.v1beta1.ReusableConfigWrapper overwrite_config_values = 2 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getOverwriteConfigValues in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        The overwriteConfigValues.

      • getOverwriteConfigValuesOrBuilder

        public ReusableConfigWrapperOrBuilder getOverwriteConfigValuesOrBuilder()
         Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
 will use the provided configuration values, overwriting any requested
 configuration values.
        .google.cloud.security.privateca.v1beta1.ReusableConfigWrapper overwrite_config_values = 2 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getOverwriteConfigValuesOrBuilder in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder

      • getAllowedLocationsAndOrganizationsList

        public List<Subject> getAllowedLocationsAndOrganizationsList()
         Optional. If any [Subject][google.cloud.security.privateca.v1beta1.Subject] is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match at least one listed [Subject][google.cloud.security.privateca.v1beta1.Subject]. If a [Subject][google.cloud.security.privateca.v1beta1.Subject] has an empty
 field, any value will be allowed for that field.
        repeated .google.cloud.security.privateca.v1beta1.Subject allowed_locations_and_organizations = 3 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedLocationsAndOrganizationsList in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder

      • getAllowedLocationsAndOrganizationsOrBuilderList

        public List<? extends SubjectOrBuilder> getAllowedLocationsAndOrganizationsOrBuilderList()
         Optional. If any [Subject][google.cloud.security.privateca.v1beta1.Subject] is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match at least one listed [Subject][google.cloud.security.privateca.v1beta1.Subject]. If a [Subject][google.cloud.security.privateca.v1beta1.Subject] has an empty
 field, any value will be allowed for that field.
        repeated .google.cloud.security.privateca.v1beta1.Subject allowed_locations_and_organizations = 3 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedLocationsAndOrganizationsOrBuilderList in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder

      • getAllowedLocationsAndOrganizationsCount

        public int getAllowedLocationsAndOrganizationsCount()
         Optional. If any [Subject][google.cloud.security.privateca.v1beta1.Subject] is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match at least one listed [Subject][google.cloud.security.privateca.v1beta1.Subject]. If a [Subject][google.cloud.security.privateca.v1beta1.Subject] has an empty
 field, any value will be allowed for that field.
        repeated .google.cloud.security.privateca.v1beta1.Subject allowed_locations_and_organizations = 3 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedLocationsAndOrganizationsCount in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder

      • getAllowedLocationsAndOrganizations

        public Subject getAllowedLocationsAndOrganizations​(int index)
         Optional. If any [Subject][google.cloud.security.privateca.v1beta1.Subject] is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match at least one listed [Subject][google.cloud.security.privateca.v1beta1.Subject]. If a [Subject][google.cloud.security.privateca.v1beta1.Subject] has an empty
 field, any value will be allowed for that field.
        repeated .google.cloud.security.privateca.v1beta1.Subject allowed_locations_and_organizations = 3 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedLocationsAndOrganizations in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder

      • getAllowedLocationsAndOrganizationsOrBuilder

        public SubjectOrBuilder getAllowedLocationsAndOrganizationsOrBuilder​(int index)
         Optional. If any [Subject][google.cloud.security.privateca.v1beta1.Subject] is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match at least one listed [Subject][google.cloud.security.privateca.v1beta1.Subject]. If a [Subject][google.cloud.security.privateca.v1beta1.Subject] has an empty
 field, any value will be allowed for that field.
        repeated .google.cloud.security.privateca.v1beta1.Subject allowed_locations_and_organizations = 3 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedLocationsAndOrganizationsOrBuilder in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder

      • getAllowedCommonNamesList

        public com.google.protobuf.ProtocolStringList getAllowedCommonNamesList()
         Optional. If any value is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match at least one listed value. If no value is specified, all values
 will be allowed for this fied. Glob patterns are also supported.
        repeated string allowed_common_names = 4 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedCommonNamesList in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        A list containing the allowedCommonNames.

      • getAllowedCommonNamesCount

        public int getAllowedCommonNamesCount()
         Optional. If any value is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match at least one listed value. If no value is specified, all values
 will be allowed for this fied. Glob patterns are also supported.
        repeated string allowed_common_names = 4 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedCommonNamesCount in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        The count of allowedCommonNames.

      • getAllowedCommonNames

        public String getAllowedCommonNames​(int index)
         Optional. If any value is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match at least one listed value. If no value is specified, all values
 will be allowed for this fied. Glob patterns are also supported.
        repeated string allowed_common_names = 4 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedCommonNames in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Parameters:
        index - The index of the element to return.
        Returns:
        The allowedCommonNames at the given index.

      • getAllowedCommonNamesBytes

        public com.google.protobuf.ByteString getAllowedCommonNamesBytes​(int index)
         Optional. If any value is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match at least one listed value. If no value is specified, all values
 will be allowed for this fied. Glob patterns are also supported.
        repeated string allowed_common_names = 4 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedCommonNamesBytes in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Parameters:
        index - The index of the value to return.
        Returns:
        The bytes of the allowedCommonNames at the given index.

      • hasAllowedSans

        public boolean hasAllowedSans()
         Optional. If a [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames] is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames]. If no value or an empty value
 is specified, any value will be allowed for the [SubjectAltNames][google.cloud.security.privateca.v1beta1.SubjectAltNames]
 field.
        .google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames allowed_sans = 5 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        hasAllowedSans in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        Whether the allowedSans field is set.

      • getAllowedSans

        public CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames getAllowedSans()
         Optional. If a [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames] is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames]. If no value or an empty value
 is specified, any value will be allowed for the [SubjectAltNames][google.cloud.security.privateca.v1beta1.SubjectAltNames]
 field.
        .google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames allowed_sans = 5 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedSans in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        The allowedSans.

      • getAllowedSansOrBuilder

        public CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNamesOrBuilder getAllowedSansOrBuilder()
         Optional. If a [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames] is specified here, then all
 [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must
 match [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames]. If no value or an empty value
 is specified, any value will be allowed for the [SubjectAltNames][google.cloud.security.privateca.v1beta1.SubjectAltNames]
 field.
        .google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames allowed_sans = 5 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedSansOrBuilder in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder

      • hasMaximumLifetime

        public boolean hasMaximumLifetime()
         Optional. The maximum lifetime allowed by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. Note that
 if the any part if the issuing chain expires before a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]'s
 requested maximum_lifetime, the effective lifetime will be explicitly
 truncated.
        .google.protobuf.Duration maximum_lifetime = 6 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        hasMaximumLifetime in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        Whether the maximumLifetime field is set.

      • getMaximumLifetime

        public com.google.protobuf.Duration getMaximumLifetime()
         Optional. The maximum lifetime allowed by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. Note that
 if the any part if the issuing chain expires before a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]'s
 requested maximum_lifetime, the effective lifetime will be explicitly
 truncated.
        .google.protobuf.Duration maximum_lifetime = 6 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getMaximumLifetime in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        The maximumLifetime.

      • getMaximumLifetimeOrBuilder

        public com.google.protobuf.DurationOrBuilder getMaximumLifetimeOrBuilder()
         Optional. The maximum lifetime allowed by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. Note that
 if the any part if the issuing chain expires before a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]'s
 requested maximum_lifetime, the effective lifetime will be explicitly
 truncated.
        .google.protobuf.Duration maximum_lifetime = 6 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getMaximumLifetimeOrBuilder in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder

      • hasAllowedIssuanceModes

        public boolean hasAllowedIssuanceModes()
         Optional. If specified, then only methods allowed in the [IssuanceModes][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes] may be
 used to issue [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
        .google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes allowed_issuance_modes = 8 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        hasAllowedIssuanceModes in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        Whether the allowedIssuanceModes field is set.

      • getAllowedIssuanceModes

        public CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes getAllowedIssuanceModes()
         Optional. If specified, then only methods allowed in the [IssuanceModes][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes] may be
 used to issue [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
        .google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes allowed_issuance_modes = 8 [(.google.api.field_behavior) = OPTIONAL];
        Specified by:
        getAllowedIssuanceModes in interface CertificateAuthority.CertificateAuthorityPolicyOrBuilder
        Returns:
        The allowedIssuanceModes.

      • isInitialized

        public final boolean isInitialized()
        Specified by:
        isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
        Overrides:
        isInitialized in class com.google.protobuf.GeneratedMessageV3

      • writeTo

        public void writeTo​(com.google.protobuf.CodedOutputStream output)
             throws IOException
        Specified by:
        writeTo in interface com.google.protobuf.MessageLite
        Overrides:
        writeTo in class com.google.protobuf.GeneratedMessageV3
        Throws:
        IOException

      • getSerializedSize

        public int getSerializedSize()
        Specified by:
        getSerializedSize in interface com.google.protobuf.MessageLite
        Overrides:
        getSerializedSize in class com.google.protobuf.GeneratedMessageV3

      • equals

        public boolean equals​(Object obj)
        Specified by:
        equals in interface com.google.protobuf.Message
        Overrides:
        equals in class com.google.protobuf.AbstractMessage

      • hashCode

        public int hashCode()
        Specified by:
        hashCode in interface com.google.protobuf.Message
        Overrides:
        hashCode in class com.google.protobuf.AbstractMessage

      • parseFrom

        public static CertificateAuthority.CertificateAuthorityPolicy parseFrom​(ByteBuffer data,
                                                                        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                                                 throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static CertificateAuthority.CertificateAuthorityPolicy parseFrom​(com.google.protobuf.ByteString data)
                                                                 throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static CertificateAuthority.CertificateAuthorityPolicy parseFrom​(com.google.protobuf.ByteString data,
                                                                        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                                                 throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static CertificateAuthority.CertificateAuthorityPolicy parseFrom​(byte[] data,
                                                                        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                                                 throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • getParserForType

        public com.google.protobuf.Parser<CertificateAuthority.CertificateAuthorityPolicy> getParserForType()
        Specified by:
        getParserForType in interface com.google.protobuf.Message
        Specified by:
        getParserForType in interface com.google.protobuf.MessageLite
        Overrides:
        getParserForType in class com.google.protobuf.GeneratedMessageV3

      • getDefaultInstanceForType

        public CertificateAuthority.CertificateAuthorityPolicy getDefaultInstanceForType()
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder