package google.events.cloud.certificatemanager.v1
Get desktop application:
View/edit binary Protocol Buffers messages
message
data.proto:92Defines TLS certificate.
Used in:
string name = 1
A user-defined name of the certificate. Certificate names must be unique globally and match pattern `projects/*/locations/*/certificates/*`.
string description = 8
One or more paragraphs of text description of a certificate.
optional create_time = 2
Output only. The creation timestamp of a Certificate.
optional update_time = 3
Output only. The last update timestamp of a Certificate.
map<string, string> labels = 4
Set of labels associated with a Certificate.
oneof type
self_managed = 5
If set, defines data of a self-managed certificate.
managed = 11
If set, contains configuration and state of a managed certificate.
repeated string san_dnsnames = 6
Output only. The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.
string pem_certificate = 9
Output only. The PEM-encoded certificate chain.
optional expire_time = 7
Output only. The expiry timestamp of a Certificate.
Certificate.Scope scope = 12
Immutable. The scope of the certificate.
message
data.proto:101Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it's authorized to do so.
Used in:
repeated string domains = 1
Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
repeated string dns_authorizations = 2
Immutable. Authorizations that will be used for performing domain authorization.
string issuance_config = 6
Immutable. The resource name for a [CertificateIssuanceConfig][google.cloud.certificatemanager.v1.CertificateIssuanceConfig] used to configure private PKI certificates in the format `projects/*/locations/*/certificateIssuanceConfigs/*`. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
ManagedCertificate.State state = 4
Output only. State of the managed certificate resource.
optional provisioning_issue = 3
Output only. Information about issues with provisioning a Managed Certificate.
repeated authorization_attempt_info = 5
Output only. Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
message
data.proto:129State of the latest attempt to authorize a domain for certificate issuance.
Used in:
string domain = 1
Domain name of the authorization attempt.
AuthorizationAttemptInfo.State state = 2
Output only. State of the domain for managed certificate issuance.
AuthorizationAttemptInfo.FailureReason failure_reason = 3
Output only. Reason for failure of the authorization attempt for the domain.
string details = 4
Output only. Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
Used in:
FAILURE_REASON_UNSPECIFIED = 0
CONFIG = 1
There was a problem with the user's DNS or load balancer configuration for this domain.
CAA = 2
Certificate issuance forbidden by an explicit CAA record for the domain or a failure to check CAA records for the domain.
RATE_LIMITED = 3
Reached a CA or internal rate-limit for the domain, e.g. for certificates per top-level private domain.
Used in:
STATE_UNSPECIFIED = 0
AUTHORIZING = 1
Certificate provisioning for this domain is under way. GCP will attempt to authorize the domain.
AUTHORIZED = 6
A managed certificate can be provisioned, no issues for this domain.
FAILED = 7
Attempt to authorize the domain failed. This prevents the Managed Certificate from being issued. See `failure_reason` and `details` fields for more information.
message
data.proto:103Information about issues with provisioning a Managed Certificate.
Used in:
ProvisioningIssue.Reason reason = 1
Output only. Reason for provisioning failures.
string details = 2
Output only. Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.
Used in:
REASON_UNSPECIFIED = 0
AUTHORIZATION_ISSUE = 1
Certificate provisioning failed due to an issue with one or more of the domains on the certificate. For details of which domains failed, consult the `authorization_attempt_info` field.
RATE_LIMITED = 2
Exceeded Certificate Authority quotas or internal rate limits of the system. Provisioning may take longer to complete.
Used in:
STATE_UNSPECIFIED = 0
PROVISIONING = 1
Certificate Manager attempts to provision or renew the certificate. If the process takes longer than expected, consult the `provisioning_issue` field.
FAILED = 2
Multiple certificate provisioning attempts failed and Certificate Manager gave up. To try again, delete and create a new managed Certificate resource. For details see the `provisioning_issue` field.
ACTIVE = 3
The certificate management is working, and a certificate has been provisioned.
Certificate scope.
Used in:
DEFAULT = 0
Certificates with default scope are served from core Google data centers. If unsure, choose this option.
EDGE_CACHE = 1
Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers.
message
data.proto:96Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user's responsibility.
Used in:
(message has no fields)
message
events.proto:52The CloudEvent raised when a Certificate is created.
optional data = 1
The data associated with the event.
message
events.proto:72The CloudEvent raised when a Certificate is deleted.
optional data = 1
The data associated with the event.
message
data.proto:466The data within all Certificate events.
Used in: , ,
optional payload = 1
Optional. The Certificate event payload. Unset for deletion events.
message
data.proto:27CertificateIssuanceConfig specifies how to issue and manage a certificate.
Used in:
string name = 1
A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally and match pattern `projects/*/locations/*/certificateIssuanceConfigs/*`.
optional create_time = 2
Output only. The creation timestamp of a CertificateIssuanceConfig.
optional update_time = 3
Output only. The last update timestamp of a CertificateIssuanceConfig.
map<string, string> labels = 4
Set of labels associated with a CertificateIssuanceConfig.
string description = 5
One or more paragraphs of text description of a CertificateIssuanceConfig.
optional certificate_authority_config = 6
Required. The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc.
optional lifetime = 7
Required. Workload certificate lifetime requested.
int32 rotation_window_percentage = 8
Required. Specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive.
CertificateIssuanceConfig.KeyAlgorithm key_algorithm = 9
Required. The key algorithm to use when generating the private key.
message
data.proto:30The CA that issues the workload certificate. It includes CA address, type, authentication to CA service, etc.
Used in:
oneof kind
certificate_authority_service_config = 1
Defines a CertificateAuthorityServiceConfig.
message
data.proto:32Contains information required to contact CA service.
Used in:
string ca_pool = 1
Required. A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
The type of keypair to generate.
Used in:
KEY_ALGORITHM_UNSPECIFIED = 0
Unspecified key algorithm.
RSA_2048 = 1
Specifies RSA with a 2048-bit modulus.
ECDSA_P256 = 4
Specifies ECDSA with curve P256.
message
events.proto:175The CloudEvent raised when a CertificateIssuanceConfig is created.
optional data = 1
The data associated with the event.
message
events.proto:186The CloudEvent raised when a CertificateIssuanceConfig is deleted.
optional data = 1
The data associated with the event.
message
data.proto:447The data within all CertificateIssuanceConfig events.
Used in: ,
optional payload = 1
Optional. The CertificateIssuanceConfig event payload. Unset for deletion events.
message
data.proto:279Defines a collection of certificate configurations.
Used in:
string name = 1
A user-defined name of the Certificate Map. Certificate Map names must be unique globally and match pattern `projects/*/locations/*/certificateMaps/*`.
string description = 5
One or more paragraphs of text description of a certificate map.
optional create_time = 2
Output only. The creation timestamp of a Certificate Map.
optional update_time = 6
Output only. The update timestamp of a Certificate Map.
map<string, string> labels = 3
Set of labels associated with a Certificate Map.
repeated gclb_targets = 4
Output only. A list of GCLB targets that use this Certificate Map. A Target Proxy is only present on this list if it's attached to a Forwarding Rule.
message
data.proto:281Describes a Target Proxy that uses this Certificate Map.
Used in:
oneof target_proxy
A Target Proxy to which this map is attached to.
string target_https_proxy = 1
Output only. This field returns the resource name in the following format: `//compute.googleapis.com/projects/*/global/targetHttpsProxies/*`.
string target_ssl_proxy = 3
Output only. This field returns the resource name in the following format: `//compute.googleapis.com/projects/*/global/targetSslProxies/*`.
repeated ip_configs = 2
Output only. IP configurations for this Target Proxy where the Certificate Map is serving.
message
data.proto:283Defines IP configuration where this Certificate Map is serving.
Used in:
string ip_address = 1
Output only. An external IP address.
repeated uint32 ports = 3
Output only. Ports.
message
events.proto:82The CloudEvent raised when a CertificateMap is created.
optional data = 1
The data associated with the event.
message
events.proto:102The CloudEvent raised when a CertificateMap is deleted.
optional data = 1
The data associated with the event.
message
data.proto:333Defines a certificate map entry.
Used in:
string name = 1
A user-defined name of the Certificate Map Entry. Certificate Map Entry names must be unique globally and match pattern `projects/*/locations/*/certificateMaps/*/certificateMapEntries/*`.
string description = 9
One or more paragraphs of text description of a certificate map entry.
optional create_time = 2
Output only. The creation timestamp of a Certificate Map Entry.
optional update_time = 3
Output only. The update timestamp of a Certificate Map Entry.
map<string, string> labels = 4
Set of labels associated with a Certificate Map Entry.
oneof match
string hostname = 5
A Hostname (FQDN, e.g. `example.com`) or a wildcard hostname expression (`*.example.com`) for a set of hostnames with common suffix. Used as Server Name Indication (SNI) for selecting a proper certificate.
CertificateMapEntry.Matcher matcher = 10
A predefined matcher for particular cases, other than SNI selection.
repeated string certificates = 7
A set of Certificates defines for the given `hostname`. There can be defined up to fifteen certificates in each Certificate Map Entry. Each certificate must match pattern `projects/*/locations/*/certificates/*`.
ServingState state = 8
Output only. A serving state of this Certificate Map Entry.
Defines predefined cases other than SNI-hostname match when this configuration should be applied.
Used in:
MATCHER_UNSPECIFIED = 0
A matcher has't been recognized.
PRIMARY = 1
A primary certificate that is served when SNI wasn't specified in the request or SNI couldn't be found in the map.
message
events.proto:112The CloudEvent raised when a CertificateMapEntry is created.
optional data = 1
The data associated with the event.
message
events.proto:134The CloudEvent raised when a CertificateMapEntry is deleted.
optional data = 1
The data associated with the event.
message
data.proto:454The data within all CertificateMapEntry events.
Used in: , ,
optional payload = 1
Optional. The CertificateMapEntry event payload. Unset for deletion events.
message
events.proto:123The CloudEvent raised when a CertificateMapEntry is updated.
optional data = 1
The data associated with the event.
message
data.proto:460The data within all CertificateMap events.
Used in: , ,
optional payload = 1
Optional. The CertificateMap event payload. Unset for deletion events.
message
events.proto:92The CloudEvent raised when a CertificateMap is updated.
optional data = 1
The data associated with the event.
message
events.proto:62The CloudEvent raised when a Certificate is updated.
optional data = 1
The data associated with the event.
message
data.proto:383A DnsAuthorization resource describes a way to perform domain authorization for certificate issuance.
Used in:
string name = 1
A user-defined name of the dns authorization. DnsAuthorization names must be unique globally and match pattern `projects/*/locations/*/dnsAuthorizations/*`.
optional create_time = 2
Output only. The creation timestamp of a DnsAuthorization.
optional update_time = 3
Output only. The last update timestamp of a DnsAuthorization.
map<string, string> labels = 4
Set of labels associated with a DnsAuthorization.
string description = 5
One or more paragraphs of text description of a DnsAuthorization.
string domain = 6
Required. Immutable. A domain that is being authorized. A DnsAuthorization resource covers a single domain and its wildcard, e.g. authorization for `example.com` can be used to issue certificates for `example.com` and `*.example.com`.
optional dns_resource_record = 10
Output only. DNS Resource Record that needs to be added to DNS configuration.
message
data.proto:387The structure describing the DNS Resource Record that needs to be added to DNS configuration for the authorization to be usable by certificate.
Used in:
string name = 1
Output only. Fully qualified name of the DNS Resource Record. e.g. `_acme-challenge.example.com`
string type = 2
Output only. Type of the DNS Resource Record. Currently always set to "CNAME".
string data = 3
Output only. Data of the DNS Resource Record.
message
events.proto:145The CloudEvent raised when a DnsAuthorization is created.
optional data = 1
The data associated with the event.
message
events.proto:165The CloudEvent raised when a DnsAuthorization is deleted.
optional data = 1
The data associated with the event.
message
data.proto:441The data within all DnsAuthorization events.
Used in: , ,
optional payload = 1
Optional. The DnsAuthorization event payload. Unset for deletion events.
message
events.proto:155The CloudEvent raised when a DnsAuthorization is updated.
optional data = 1
The data associated with the event.
Defines set of serving states associated with a resource.
Used in:
SERVING_STATE_UNSPECIFIED = 0
The status is undefined.
ACTIVE = 1
The configuration is serving.
PENDING = 2
Update is in progress. Some frontends may serve this configuration.