ca_pools
Creates, updates, deletes, gets or lists a ca_pools
resource.
Overview
Name | ca_pools |
Type | Resource |
Id | google.privateca.ca_pools |
Fields
Name | Datatype | Description |
---|---|---|
name | string | Output only. The resource name for this CaPool in the format projects/*/locations/*/caPools/* . |
issuancePolicy | object | Defines controls over all certificate issuance within a CaPool. |
labels | object | Optional. Labels with user-defined metadata. |
publishingOptions | object | Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool. |
tier | string | Required. Immutable. The Tier of this CaPool. |
Methods
Name | Accessible by | Required Params | Description |
---|---|---|---|
get | SELECT | caPoolsId, locationsId, projectsId | Returns a CaPool. |
list | SELECT | locationsId, projectsId | Lists CaPools. |
create | INSERT | locationsId, projectsId | Create a CaPool. |
delete | DELETE | caPoolsId, locationsId, projectsId | Delete a CaPool. |
patch | UPDATE | caPoolsId, locationsId, projectsId | Update a CaPool. |
SELECT
examples
Lists CaPools.
-- Lists the CaPools in one project and location (the `list` method above).
-- NOTE(review): the {{ ... }} placeholders look like template variables that are
-- substituted into the statement text rather than bound parameters; render them
-- only from trusted configuration.
SELECT
    name,
    issuancePolicy,      -- controls over certificate issuance within the pool
    labels,
    publishingOptions,   -- CA certificate / CRL publication settings
    tier
FROM google.privateca.ca_pools
WHERE projectsId = '{{ projectsId }}'
    AND locationsId = '{{ locationsId }}';
INSERT
example
Use the following StackQL query and manifest file to create a new ca_pools
resource.
- All Properties
- Manifest
/*+ create */
-- Creates a CaPool in the given project and location.
-- issuancePolicy carries the issuance controls for every certificate issued from
-- the pool, so review the rendered value before running this statement.
-- NOTE(review): the {{ ... }} placeholders look like template variables that are
-- substituted into the statement text; render them only from trusted configuration.
INSERT INTO google.privateca.ca_pools (
    projectsId,
    locationsId,
    tier,
    issuancePolicy,
    publishingOptions,
    labels
)
SELECT
    '{{ projectsId }}',
    '{{ locationsId }}',
    '{{ tier }}',               -- documented on this page as Required and Immutable
    '{{ issuancePolicy }}',
    '{{ publishingOptions }}',
    '{{ labels }}'
;
# Manifest template for creating a ca_pools resource. Each `value` below is a
# type placeholder (string, boolean, integer, object), not a usable setting.
# Every line in this listing starts at column 0; restore the nesting before use.
- name: your_resource_model_name
props:
# NOTE(review): the Fields table on this page marks `name` as output only, so it is
# presumably not settable on create; confirm.
- name: name
value: string
# Documented on this page as Required and Immutable.
- name: tier
value: string
# Controls over all certificate issuance within the CaPool (per the Fields table).
- name: issuancePolicy
value:
# NOTE(review): appears to restrict the key types and sizes a request may use;
# confirm what is accepted when this list is left empty.
- name: allowedKeyTypes
value:
- - name: rsa
value:
- name: minModulusSize
value: string
- name: maxModulusSize
value: string
- name: ellipticCurve
value:
- name: signatureAlgorithm
value: string
# NOTE(review): presumably the upper bound on the lifetime of issued certificates;
# confirm the expected format.
- name: maximumLifetime
value: string
- name: allowedIssuanceModes
value:
- name: allowCsrBasedIssuance
value: boolean
- name: allowConfigBasedIssuance
value: boolean
- name: baselineValues
value:
- name: keyUsage
value:
- name: baseKeyUsage
value:
- name: digitalSignature
value: boolean
- name: contentCommitment
value: boolean
- name: keyEncipherment
value: boolean
- name: dataEncipherment
value: boolean
- name: keyAgreement
value: boolean
- name: certSign
value: boolean
- name: crlSign
value: boolean
- name: encipherOnly
value: boolean
- name: decipherOnly
value: boolean
- name: extendedKeyUsage
value:
- name: serverAuth
value: boolean
- name: clientAuth
value: boolean
- name: codeSigning
value: boolean
- name: emailProtection
value: boolean
- name: timeStamping
value: boolean
- name: ocspSigning
value: boolean
- name: unknownExtendedKeyUsages
value:
- - name: objectIdPath
value:
- integer
# NOTE(review): these look like the X.509 basic-constraints settings applied to
# issued certificates; for a pool that issues only end-entity certificates,
# confirm isCa is false.
- name: caOptions
value:
- name: isCa
value: boolean
- name: maxIssuerPathLength
value: integer
- name: policyIds
value:
- - name: objectIdPath
value:
- integer
- name: aiaOcspServers
value:
- string
- name: nameConstraints
value:
- name: critical
value: boolean
- name: permittedDnsNames
value:
- string
- name: excludedDnsNames
value:
- string
- name: permittedIpRanges
value:
- string
- name: excludedIpRanges
value:
- string
- name: permittedEmailAddresses
value:
- string
- name: excludedEmailAddresses
value:
- string
- name: permittedUris
value:
- string
- name: excludedUris
value:
- string
- name: additionalExtensions
value:
- - name: objectId
value:
- name: objectIdPath
value:
- integer
- name: critical
value: boolean
- name: value
value: string
# NOTE(review): the two passthrough flags below appear to let the subject and
# subject alternative names supplied in a request be copied into the issued
# certificate; if either is enabled, confirm celExpression limits which
# identities may be requested.
- name: identityConstraints
value:
- name: celExpression
value:
- name: expression
value: string
- name: title
value: string
- name: description
value: string
- name: location
value: string
- name: allowSubjectPassthrough
value: boolean
- name: allowSubjectAltNamesPassthrough
value: boolean
- name: passthroughExtensions
value:
- name: knownExtensions
value:
- string
- name: additionalExtensions
value:
- - name: objectIdPath
value:
- integer
# Publication of each CA's certificate and CRLs (per the Fields table).
# NOTE(review): if publishCrl is turned off, confirm relying parties have another
# way to check revocation.
- name: publishingOptions
value:
- name: publishCaCert
value: boolean
- name: publishCrl
value: boolean
- name: encodingFormat
value: string
- name: labels
value: object
UPDATE
example
Updates a ca_pools
resource.
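/*+ update */
-- Updates the mutable properties of one CaPool, identified by all three
-- required parameters of the `patch` method.
-- tier is deliberately absent from SET: the Fields table on this page documents
-- it as Required and Immutable, so it is fixed when the pool is created.
-- NOTE(review): confirm whether issuancePolicy is replaced as a whole by this
-- statement; if so, the rendered value must carry every constraint that should
-- remain in force, not only the ones being changed.
UPDATE google.privateca.ca_pools
SET
    issuancePolicy = '{{ issuancePolicy }}',
    publishingOptions = '{{ publishingOptions }}',
    labels = '{{ labels }}'
WHERE
    caPoolsId = '{{ caPoolsId }}'
    AND locationsId = '{{ locationsId }}'
    AND projectsId = '{{ projectsId }}';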
DELETE
example
Deletes the specified ca_pools
resource.
/*+ delete */
-- Deletes a single CaPool. All three required parameters of the `delete` method
-- appear in the WHERE clause, so the statement targets exactly one pool.
DELETE FROM google.privateca.ca_pools
WHERE projectsId = '{{ projectsId }}'
    AND locationsId = '{{ locationsId }}'
    AND caPoolsId = '{{ caPoolsId }}';