certificate_templates
Creates, updates, deletes, gets or lists a certificate_templates resource.
Overview
| Name | certificate_templates |
| Type | Resource |
| Id | google.privateca.certificate_templates |
Fields
| Name | Datatype | Description |
|---|---|---|
name | string | Output only. The resource name for this CertificateTemplate in the format projects/*/locations/*/certificateTemplates/*. |
description | string | Optional. A human-readable description of scenarios this template is intended for. |
createTime | string | Output only. The time at which this CertificateTemplate was created. |
identityConstraints | object | Describes constraints on a Certificate's Subject and SubjectAltNames. |
labels | object | Optional. Labels with user-defined metadata. |
maximumLifetime | string | Optional. The maximum lifetime allowed for issued Certificates that use this template. If the issuing CaPool resource's IssuancePolicy specifies a maximum_lifetime the minimum of the two durations will be the maximum lifetime for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it. |
passthroughExtensions | object | Describes a set of X.509 extensions that may be part of some certificate issuance controls. |
predefinedValues | object | An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. |
updateTime | string | Output only. The time at which this CertificateTemplate was updated. |
Methods
| Name | Accessible by | Required Params | Description |
|---|---|---|---|
get | SELECT | certificateTemplatesId, locationsId, projectsId | Returns a CertificateTemplate. |
list | SELECT | locationsId, projectsId | Lists CertificateTemplates. |
create | INSERT | locationsId, projectsId | Create a new CertificateTemplate in a given Project and Location. |
delete | DELETE | certificateTemplatesId, locationsId, projectsId | DeleteCertificateTemplate deletes a CertificateTemplate. |
patch | UPDATE | certificateTemplatesId, locationsId, projectsId | Update a CertificateTemplate. |
SELECT examples
Lists CertificateTemplates.
SELECT
name,
description,
createTime,
identityConstraints,
labels,
maximumLifetime,
passthroughExtensions,
predefinedValues,
updateTime
FROM google.privateca.certificate_templates
WHERE locationsId = '{{ locationsId }}'
AND projectsId = '{{ projectsId }}';
INSERT example
Use the following StackQL query and manifest file to create a new certificate_templates resource.
- All Properties
- Manifest
/*+ create */
INSERT INTO google.privateca.certificate_templates (
locationsId,
projectsId,
maximumLifetime,
predefinedValues,
identityConstraints,
passthroughExtensions,
description,
labels
)
SELECT
'{{ locationsId }}',
'{{ projectsId }}',
'{{ maximumLifetime }}',
'{{ predefinedValues }}',
'{{ identityConstraints }}',
'{{ passthroughExtensions }}',
'{{ description }}',
'{{ labels }}'
;
- name: your_resource_model_name
props:
- name: name
value: string
- name: maximumLifetime
value: string
- name: predefinedValues
value:
- name: keyUsage
value:
- name: baseKeyUsage
value:
- name: digitalSignature
value: boolean
- name: contentCommitment
value: boolean
- name: keyEncipherment
value: boolean
- name: dataEncipherment
value: boolean
- name: keyAgreement
value: boolean
- name: certSign
value: boolean
- name: crlSign
value: boolean
- name: encipherOnly
value: boolean
- name: decipherOnly
value: boolean
- name: extendedKeyUsage
value:
- name: serverAuth
value: boolean
- name: clientAuth
value: boolean
- name: codeSigning
value: boolean
- name: emailProtection
value: boolean
- name: timeStamping
value: boolean
- name: ocspSigning
value: boolean
- name: unknownExtendedKeyUsages
value:
- - name: objectIdPath
value:
- integer
- name: caOptions
value:
- name: isCa
value: boolean
- name: maxIssuerPathLength
value: integer
- name: policyIds
value:
- - name: objectIdPath
value:
- integer
- name: aiaOcspServers
value:
- string
- name: nameConstraints
value:
- name: critical
value: boolean
- name: permittedDnsNames
value:
- string
- name: excludedDnsNames
value:
- string
- name: permittedIpRanges
value:
- string
- name: excludedIpRanges
value:
- string
- name: permittedEmailAddresses
value:
- string
- name: excludedEmailAddresses
value:
- string
- name: permittedUris
value:
- string
- name: excludedUris
value:
- string
- name: additionalExtensions
value:
- - name: objectId
value:
- name: objectIdPath
value:
- integer
- name: critical
value: boolean
- name: value
value: string
- name: identityConstraints
value:
- name: celExpression
value:
- name: expression
value: string
- name: title
value: string
- name: description
value: string
- name: location
value: string
- name: allowSubjectPassthrough
value: boolean
- name: allowSubjectAltNamesPassthrough
value: boolean
- name: passthroughExtensions
value:
- name: knownExtensions
value:
- string
- name: additionalExtensions
value:
- - name: objectIdPath
value:
- integer
- name: description
value: string
- name: createTime
value: string
- name: updateTime
value: string
- name: labels
value: object
UPDATE example
Updates a certificate_templates resource.
/*+ update */
UPDATE google.privateca.certificate_templates
SET
maximumLifetime = '{{ maximumLifetime }}',
predefinedValues = '{{ predefinedValues }}',
identityConstraints = '{{ identityConstraints }}',
passthroughExtensions = '{{ passthroughExtensions }}',
description = '{{ description }}',
labels = '{{ labels }}'
WHERE
certificateTemplatesId = '{{ certificateTemplatesId }}'
AND locationsId = '{{ locationsId }}'
AND projectsId = '{{ projectsId }}';
DELETE example
Deletes the specified certificate_templates resource.
/*+ delete */
DELETE FROM google.privateca.certificate_templates
WHERE certificateTemplatesId = '{{ certificateTemplatesId }}'
AND locationsId = '{{ locationsId }}'
AND projectsId = '{{ projectsId }}';