proto_docs/google/cloud/security/privateca/v1/resources.rb in google-cloud-security-private_ca-v1-0.1.1 vs proto_docs/google/cloud/security/privateca/v1/resources.rb in google-cloud-security-private_ca-v1-0.1.2
- old
+ new
@@ -259,18 +259,18 @@
# certificate and CRLs and their inclusion as extensions in issued
# {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates}. The options set here apply to certificates
# issued by any {::Google::Cloud::Security::PrivateCA::V1::CertificateAuthority CertificateAuthority} in the {::Google::Cloud::Security::PrivateCA::V1::CaPool CaPool}.
# @!attribute [rw] publish_ca_cert
# @return [::Boolean]
- # Required. When true, publishes each {::Google::Cloud::Security::PrivateCA::V1::CertificateAuthority CertificateAuthority}'s CA certificate and
+ # Optional. When true, publishes each {::Google::Cloud::Security::PrivateCA::V1::CertificateAuthority CertificateAuthority}'s CA certificate and
# includes its URL in the "Authority Information Access" X.509 extension
# in all issued {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates}. If this is false, the CA
# certificate will not be published and the corresponding X.509 extension
# will not be written in issued certificates.
# @!attribute [rw] publish_crl
# @return [::Boolean]
- # Required. When true, publishes each {::Google::Cloud::Security::PrivateCA::V1::CertificateAuthority CertificateAuthority}'s CRL and includes its
+ # Optional. When true, publishes each {::Google::Cloud::Security::PrivateCA::V1::CertificateAuthority CertificateAuthority}'s CRL and includes its
# URL in the "CRL Distribution Points" X.509 extension in all issued
# {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates}. If this is false, CRLs will not be published
# and the corresponding X.509 extension will not be written in issued
# certificates.
# CRLs will expire 7 days from their creation. However, we will rebuild
@@ -393,15 +393,15 @@
# {::Google::Cloud::Security::PrivateCA::V1::CaPool::IssuancePolicy::IssuanceModes IssuanceModes} specifies the allowed ways in which
# {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates} may be requested from this
# {::Google::Cloud::Security::PrivateCA::V1::CaPool CaPool}.
# @!attribute [rw] allow_csr_based_issuance
# @return [::Boolean]
- # Required. When true, allows callers to create {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates} by
+ # Optional. When true, allows callers to create {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates} by
# specifying a CSR.
# @!attribute [rw] allow_config_based_issuance
# @return [::Boolean]
- # Required. When true, allows callers to create {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates} by
+ # Optional. When true, allows callers to create {::Google::Cloud::Security::PrivateCA::V1::Certificate Certificates} by
# specifying a {::Google::Cloud::Security::PrivateCA::V1::CertificateConfig CertificateConfig}.
class IssuanceModes
include ::Google::Protobuf::MessageExts
extend ::Google::Protobuf::MessageExts::ClassMethods
end
@@ -843,17 +843,19 @@
# @return [::String]
# The serial number encoded in lowercase hexadecimal.
# @!attribute [rw] lifetime
# @return [::Google::Protobuf::Duration]
# For convenience, the actual lifetime of an issued certificate.
- # Corresponds to 'not_after_time' - 'not_before_time'.
# @!attribute [rw] not_before_time
# @return [::Google::Protobuf::Timestamp]
# The time at which the certificate becomes valid.
# @!attribute [rw] not_after_time
# @return [::Google::Protobuf::Timestamp]
- # The time at which the certificate expires.
+ # The time after which the certificate is expired.
+ # Per RFC 5280, the validity period for a certificate is the period of time
+ # from not_before_time through not_after_time, inclusive.
+ # Corresponds to 'not_before_time' + 'lifetime' - 1 second.
class SubjectDescription
include ::Google::Protobuf::MessageExts
extend ::Google::Protobuf::MessageExts::ClassMethods
end
@@ -894,11 +896,11 @@
# @!attribute [rw] object_id
# @return [::Google::Cloud::Security::PrivateCA::V1::ObjectId]
# Required. The OID for this X.509 extension.
# @!attribute [rw] critical
# @return [::Boolean]
- # Required. Indicates whether or not this extension is critical (i.e., if the client
+ # Optional. Indicates whether or not this extension is critical (i.e., if the client
# does not know how to handle this extension, the client should consider this
# to be an error).
# @!attribute [rw] value
# @return [::String]
# Required. The value of this X.509 extension.
@@ -1049,21 +1051,20 @@
# @!attribute [rw] cel_expression
# @return [::Google::Type::Expr]
# Optional. A CEL expression that may be used to validate the resolved X.509 Subject
# and/or Subject Alternative Name before a certificate is signed.
# To see the full allowed syntax and some examples, see
- # https://cloud.google.com/certificate-authority-service/docs/cel-guide
+ # https://cloud.google.com/certificate-authority-service/docs/using-cel
# @!attribute [rw] allow_subject_passthrough
# @return [::Boolean]
# Required. If this is true, the {::Google::Cloud::Security::PrivateCA::V1::Subject Subject} field may be copied from a certificate
# request into the signed certificate. Otherwise, the requested {::Google::Cloud::Security::PrivateCA::V1::Subject Subject}
- # will be discarded. The bool is optional to indicate an unset field, which suggests a forgotten value that needs to be set by the caller.
+ # will be discarded.
# @!attribute [rw] allow_subject_alt_names_passthrough
# @return [::Boolean]
# Required. If this is true, the {::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames SubjectAltNames} extension may be copied from a
# certificate request into the signed certificate. Otherwise, the requested
# {::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames SubjectAltNames} will be discarded.
- # The bool is optional to indicate an unset field, which suggests a forgotten value that needs to be set by the caller.
class CertificateIdentityConstraints
include ::Google::Protobuf::MessageExts
extend ::Google::Protobuf::MessageExts::ClassMethods
end