Struct googapis::google::cloud::security::privateca::v1beta1::certificate_authority::CertificateAuthorityPolicy [−][src]
pub struct CertificateAuthorityPolicy {
pub allowed_locations_and_organizations: Vec<Subject>,
pub allowed_common_names: Vec<String>,
pub allowed_sans: Option<AllowedSubjectAltNames>,
pub maximum_lifetime: Option<Duration>,
pub allowed_issuance_modes: Option<IssuanceModes>,
pub config_policy: Option<ConfigPolicy>,
}
Expand description
The issuing policy for a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. [Certificates][google.cloud.security.privateca.v1beta1.Certificate] will not be successfully issued from this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] if they violate the policy.
Fields
allowed_locations_and_organizations: Vec<Subject>
Optional. If any [Subject][google.cloud.security.privateca.v1beta1.Subject] is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed [Subject][google.cloud.security.privateca.v1beta1.Subject]. If a [Subject][google.cloud.security.privateca.v1beta1.Subject] has an empty field, any value will be allowed for that field.
allowed_common_names: Vec<String>
Optional. If any value is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match at least one listed value. If no value is specified, all values will be allowed for this fied. Glob patterns are also supported.
allowed_sans: Option<AllowedSubjectAltNames>
Optional. If a [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames] is specified here, then all [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] must match [AllowedSubjectAltNames][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.AllowedSubjectAltNames]. If no value or an empty value is specified, any value will be allowed for the [SubjectAltNames][google.cloud.security.privateca.v1beta1.SubjectAltNames] field.
maximum_lifetime: Option<Duration>
Optional. The maximum lifetime allowed by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]. Note that if the any part if the issuing chain expires before a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]’s requested maximum_lifetime, the effective lifetime will be explicitly truncated.
allowed_issuance_modes: Option<IssuanceModes>
Optional. If specified, then only methods allowed in the [IssuanceModes][google.cloud.security.privateca.v1beta1.CertificateAuthority.CertificateAuthorityPolicy.IssuanceModes] may be used to issue [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
config_policy: Option<ConfigPolicy>
Allowed configurations or a single configuration for all issued certificates.
Trait Implementations
fn merge_field<B>(
&mut self,
tag: u32,
wire_type: WireType,
buf: &mut B,
ctx: DecodeContext
) -> Result<(), DecodeError> where
B: Buf,
Returns the encoded length of the message without a length delimiter.
Encodes the message to a buffer. Read more
Encodes the message to a newly allocated buffer.
Encodes the message with a length-delimiter to a buffer. Read more
Encodes the message with a length-delimiter to a newly allocated buffer.
Decodes an instance of the message from a buffer. Read more
fn decode_length_delimited<B>(buf: B) -> Result<Self, DecodeError> where
Self: Default,
B: Buf,
fn decode_length_delimited<B>(buf: B) -> Result<Self, DecodeError> where
Self: Default,
B: Buf,
Decodes a length-delimited instance of the message from the buffer.
Decodes an instance of the message from a buffer, and merges it into self
. Read more
Decodes a length-delimited instance of the message from buffer, and
merges it into self
. Read more
This method tests for self
and other
values to be equal, and is used
by ==
. Read more
This method tests for !=
.
Auto Trait Implementations
impl RefUnwindSafe for CertificateAuthorityPolicy
impl Send for CertificateAuthorityPolicy
impl Sync for CertificateAuthorityPolicy
impl Unpin for CertificateAuthorityPolicy
impl UnwindSafe for CertificateAuthorityPolicy
Blanket Implementations
Mutably borrows from an owned value. Read more
Wrap the input message T
in a tonic::Request
pub fn vzip(self) -> V
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more