Text file src/github.com/GoogleCloudPlatform/k8s-config-connector/config/samples/resources/privatecacertificate/basic-certificate/privateca_v1beta1_privatecacapool.yaml

Documentation: github.com/GoogleCloudPlatform/k8s-config-connector/config/samples/resources/privatecacertificate/basic-certificate

     1# Copyright 2021 Google LLC
     2#
     3# Licensed under the Apache License, Version 2.0 (the "License");
     4# you may not use this file except in compliance with the License.
     5# You may obtain a copy of the License at
     6#
     7#     http://www.apache.org/licenses/LICENSE-2.0
     8#
     9# Unless required by applicable law or agreed to in writing, software
    10# distributed under the License is distributed on an "AS IS" BASIS,
    11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12# See the License for the specific language governing permissions and
    13# limitations under the License.
    14
    15apiVersion: privateca.cnrm.cloud.google.com/v1beta1
    16kind: PrivateCACAPool
    17metadata:
    18  labels:
    19    label-two: "value-two"
    20  name: privatecacertificate-dep-basic
    21  # PrivateCACertificateAuthority cannot be deleted immediately, and must wait
    22  # 30 days in a 'DELETED' status before it is fully deleted. Since a PrivateCACAPool
    23  # with a PrivateCACertificateAuthority in 'DELETED' status cannot be deleted
    24  # itself, we abandon this resource on deletion.
    25  annotations:
    26    cnrm.cloud.google.com/deletion-policy: "abandon"
    27spec:
    28  projectRef:
    29    # Replace ${PROJECT_ID?} with your project ID.
    30    external: projects/${PROJECT_ID?}
    31  location: us-central1
    32  tier: ENTERPRISE
    33  issuancePolicy:
    34    maximumLifetime: 43200s
    35    baselineValues:
    36      keyUsage:
    37        baseKeyUsage:
    38          digitalSignature: false
    39          contentCommitment: false
    40          keyEncipherment: false
    41          dataEncipherment: false
    42          keyAgreement: false
    43          certSign: false
    44          crlSign: false
    45          encipherOnly: false
    46          decipherOnly: false
    47        extendedKeyUsage:
    48          serverAuth: false
    49          clientAuth: false
    50          codeSigning: false
    51          emailProtection: false
    52          timeStamping: false
    53          ocspSigning: false
    54        unknownExtendedKeyUsages:
    55        - objectIdPath:
    56          - 1
    57          - 7
    58      caOptions:
    59        isCa: false
    60        maxIssuerPathLength: 7
    61      policyIds:
    62      - objectIdPath:
    63        - 1
    64        - 7
    65      aiaOcspServers:
    66      - string
    67      additionalExtensions:
    68      - objectId:
    69          objectIdPath:
    70          - 1
    71          - 7
    72        critical: false
    73        value: c3RyaW5nCg==
    74    passthroughExtensions:
    75      knownExtensions:
    76      - BASE_KEY_USAGE
    77      additionalExtensions:
    78      - objectIdPath:
    79        - 1
    80        - 7

View as plain text