...

Text file src/github.com/GoogleCloudPlatform/k8s-config-connector/config/cloudcodesnippets/privateca_v1beta1_privatecacapool.yaml

Documentation: github.com/GoogleCloudPlatform/k8s-config-connector/config/cloudcodesnippets 

     1label: Config Connector PrivateCACAPool
     2markdownDescription: Creates yaml for a PrivateCACAPool resource
     3insertText: |
     4  apiVersion: privateca.cnrm.cloud.google.com/v1beta1
     5  kind: PrivateCACAPool
     6  metadata:
     7    labels:
     8      \${1:label-two}: \${2:value-two}
     9    name: \${3:privatecacapool-name}
    10  spec:
    11    projectRef:
    12      external: \${4:projects/[PROJECT_ID?]}
    13    location: \${5:us-central1}
    14    tier: \${6:ENTERPRISE}
    15    issuancePolicy:
    16      allowedKeyTypes:
    17      - rsa:
    18          minModulusSize: \${7:64}
    19          maxModulusSize: \${8:128}
    20      - ellipticCurve:
    21          signatureAlgorithm: \${9:ECDSA_P384}
    22      maximumLifetime: \${10:43200s}
    23      allowedIssuanceModes:
    24        allowCsrBasedIssuance: \${11:true}
    25        allowConfigBasedIssuance: \${12:false}
    26      baselineValues:
    27        keyUsage:
    28          baseKeyUsage:
    29            digitalSignature: \${13:false}
    30            contentCommitment: \${14:false}
    31            keyEncipherment: \${15:false}
    32            dataEncipherment: \${16:false}
    33            keyAgreement: \${17:false}
    34            certSign: \${18:false}
    35            crlSign: \${19:false}
    36            encipherOnly: \${20:false}
    37            decipherOnly: \${21:false}
    38          extendedKeyUsage:
    39            serverAuth: \${22:false}
    40            clientAuth: \${23:false}
    41            codeSigning: \${24:false}
    42            emailProtection: \${25:false}
    43            timeStamping: \${26:false}
    44            ocspSigning: \${27:false}
    45          unknownExtendedKeyUsages:
    46          - objectIdPath:
    47            - \${28:1}
    48            - \${29:7}
    49        caOptions:
    50          isCa: \${30:false}
    51          maxIssuerPathLength: \${31:7}
    52        policyIds:
    53        - objectIdPath:
    54          - \${32:1}
    55          - \${33:7}
    56        aiaOcspServers:
    57        - \${34:string}
    58        additionalExtensions:
    59        - objectId:
    60            objectIdPath:
    61            - \${35:1}
    62            - \${36:7}
    63          critical: \${37:false}
    64          value: \${38:c3RyaW5nCg==}
    65      identityConstraints:
    66        celExpression:
    67          title: \${39:Sample expression}
    68          description: \${40:Always false}
    69          expression: \${41:false}
    70          location: \${42:devops.ca_pool.json}
    71        allowSubjectPassthrough: \${43:false}
    72        allowSubjectAltNamesPassthrough: \${44:false}
    73      passthroughExtensions:
    74        knownExtensions:
    75        - \${45:BASE_KEY_USAGE}
    76        additionalExtensions:
    77        - objectIdPath:
    78          - \${46:1}
    79          - \${47:7}

View as plain text