1{
2 "auth": {
3 "oauth2": {
4 "scopes": {
5 "https://www.googleapis.com/auth/cloud-platform": {
6 "description": "See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account."
7 }
8 }
9 }
10 },
11 "basePath": "",
12 "baseUrl": "https://certificatemanager.googleapis.com/",
13 "batchPath": "batch",
14 "canonicalName": "Certificate Manager",
15 "description": "",
16 "discoveryVersion": "v1",
17 "documentationLink": "https://cloud.google.com/certificate-manager",
18 "fullyEncodeReservedExpansion": true,
19 "icons": {
20 "x16": "http://www.google.com/images/icons/product/search-16.gif",
21 "x32": "http://www.google.com/images/icons/product/search-32.gif"
22 },
23 "id": "certificatemanager:v1",
24 "kind": "discovery#restDescription",
25 "mtlsRootUrl": "https://certificatemanager.mtls.googleapis.com/",
26 "name": "certificatemanager",
27 "ownerDomain": "google.com",
28 "ownerName": "Google",
29 "parameters": {
30 "$.xgafv": {
31 "description": "V1 error format.",
32 "enum": [
33 "1",
34 "2"
35 ],
36 "enumDescriptions": [
37 "v1 error format",
38 "v2 error format"
39 ],
40 "location": "query",
41 "type": "string"
42 },
43 "access_token": {
44 "description": "OAuth access token.",
45 "location": "query",
46 "type": "string"
47 },
48 "alt": {
49 "default": "json",
50 "description": "Data format for response.",
51 "enum": [
52 "json",
53 "media",
54 "proto"
55 ],
56 "enumDescriptions": [
57 "Responses with Content-Type of application/json",
58 "Media download with context-dependent Content-Type",
59 "Responses with Content-Type of application/x-protobuf"
60 ],
61 "location": "query",
62 "type": "string"
63 },
64 "callback": {
65 "description": "JSONP",
66 "location": "query",
67 "type": "string"
68 },
69 "fields": {
70 "description": "Selector specifying which fields to include in a partial response.",
71 "location": "query",
72 "type": "string"
73 },
74 "key": {
75 "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
76 "location": "query",
77 "type": "string"
78 },
79 "oauth_token": {
80 "description": "OAuth 2.0 token for the current user.",
81 "location": "query",
82 "type": "string"
83 },
84 "prettyPrint": {
85 "default": "true",
86 "description": "Returns response with indentations and line breaks.",
87 "location": "query",
88 "type": "boolean"
89 },
90 "quotaUser": {
91 "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.",
92 "location": "query",
93 "type": "string"
94 },
95 "uploadType": {
96 "description": "Legacy upload protocol for media (e.g. \"media\", \"multipart\").",
97 "location": "query",
98 "type": "string"
99 },
100 "upload_protocol": {
101 "description": "Upload protocol for media (e.g. \"raw\", \"multipart\").",
102 "location": "query",
103 "type": "string"
104 }
105 },
106 "protocol": "rest",
107 "resources": {
108 "projects": {
109 "resources": {
110 "locations": {
111 "methods": {
112 "get": {
113 "description": "Gets information about a location.",
114 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}",
115 "httpMethod": "GET",
116 "id": "certificatemanager.projects.locations.get",
117 "parameterOrder": [
118 "name"
119 ],
120 "parameters": {
121 "name": {
122 "description": "Resource name for the location.",
123 "location": "path",
124 "pattern": "^projects/[^/]+/locations/[^/]+$",
125 "required": true,
126 "type": "string"
127 }
128 },
129 "path": "v1/{+name}",
130 "response": {
131 "$ref": "Location"
132 },
133 "scopes": [
134 "https://www.googleapis.com/auth/cloud-platform"
135 ]
136 },
137 "list": {
138 "description": "Lists information about the supported locations for this service.",
139 "flatPath": "v1/projects/{projectsId}/locations",
140 "httpMethod": "GET",
141 "id": "certificatemanager.projects.locations.list",
142 "parameterOrder": [
143 "name"
144 ],
145 "parameters": {
146 "filter": {
147 "description": "A filter to narrow down results to a preferred subset. The filtering language accepts strings like `\"displayName=tokyo\"`, and is documented in more detail in [AIP-160](https://google.aip.dev/160).",
148 "location": "query",
149 "type": "string"
150 },
151 "name": {
152 "description": "The resource that owns the locations collection, if applicable.",
153 "location": "path",
154 "pattern": "^projects/[^/]+$",
155 "required": true,
156 "type": "string"
157 },
158 "pageSize": {
159 "description": "The maximum number of results to return. If not set, the service selects a default.",
160 "format": "int32",
161 "location": "query",
162 "type": "integer"
163 },
164 "pageToken": {
165 "description": "A page token received from the `next_page_token` field in the response. Send that page token to receive the subsequent page.",
166 "location": "query",
167 "type": "string"
168 }
169 },
170 "path": "v1/{+name}/locations",
171 "response": {
172 "$ref": "ListLocationsResponse"
173 },
174 "scopes": [
175 "https://www.googleapis.com/auth/cloud-platform"
176 ]
177 }
178 },
179 "resources": {
180 "certificateIssuanceConfigs": {
181 "methods": {
182 "create": {
183 "description": "Creates a new CertificateIssuanceConfig in a given project and location.",
184 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateIssuanceConfigs",
185 "httpMethod": "POST",
186 "id": "certificatemanager.projects.locations.certificateIssuanceConfigs.create",
187 "parameterOrder": [
188 "parent"
189 ],
190 "parameters": {
191 "certificateIssuanceConfigId": {
192 "description": "Required. A user-provided name of the certificate config.",
193 "location": "query",
194 "type": "string"
195 },
196 "parent": {
197 "description": "Required. The parent resource of the certificate issuance config. Must be in the format `projects/*/locations/*`.",
198 "location": "path",
199 "pattern": "^projects/[^/]+/locations/[^/]+$",
200 "required": true,
201 "type": "string"
202 }
203 },
204 "path": "v1/{+parent}/certificateIssuanceConfigs",
205 "request": {
206 "$ref": "CertificateIssuanceConfig"
207 },
208 "response": {
209 "$ref": "Operation"
210 },
211 "scopes": [
212 "https://www.googleapis.com/auth/cloud-platform"
213 ]
214 },
215 "delete": {
216 "description": "Deletes a single CertificateIssuanceConfig.",
217 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateIssuanceConfigs/{certificateIssuanceConfigsId}",
218 "httpMethod": "DELETE",
219 "id": "certificatemanager.projects.locations.certificateIssuanceConfigs.delete",
220 "parameterOrder": [
221 "name"
222 ],
223 "parameters": {
224 "name": {
225 "description": "Required. A name of the certificate issuance config to delete. Must be in the format `projects/*/locations/*/certificateIssuanceConfigs/*`.",
226 "location": "path",
227 "pattern": "^projects/[^/]+/locations/[^/]+/certificateIssuanceConfigs/[^/]+$",
228 "required": true,
229 "type": "string"
230 }
231 },
232 "path": "v1/{+name}",
233 "response": {
234 "$ref": "Operation"
235 },
236 "scopes": [
237 "https://www.googleapis.com/auth/cloud-platform"
238 ]
239 },
240 "get": {
241 "description": "Gets details of a single CertificateIssuanceConfig.",
242 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateIssuanceConfigs/{certificateIssuanceConfigsId}",
243 "httpMethod": "GET",
244 "id": "certificatemanager.projects.locations.certificateIssuanceConfigs.get",
245 "parameterOrder": [
246 "name"
247 ],
248 "parameters": {
249 "name": {
250 "description": "Required. A name of the certificate issuance config to describe. Must be in the format `projects/*/locations/*/certificateIssuanceConfigs/*`.",
251 "location": "path",
252 "pattern": "^projects/[^/]+/locations/[^/]+/certificateIssuanceConfigs/[^/]+$",
253 "required": true,
254 "type": "string"
255 }
256 },
257 "path": "v1/{+name}",
258 "response": {
259 "$ref": "CertificateIssuanceConfig"
260 },
261 "scopes": [
262 "https://www.googleapis.com/auth/cloud-platform"
263 ]
264 },
265 "list": {
266 "description": "Lists CertificateIssuanceConfigs in a given project and location.",
267 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateIssuanceConfigs",
268 "httpMethod": "GET",
269 "id": "certificatemanager.projects.locations.certificateIssuanceConfigs.list",
270 "parameterOrder": [
271 "parent"
272 ],
273 "parameters": {
274 "filter": {
275 "description": "Filter expression to restrict the Certificates Configs returned.",
276 "location": "query",
277 "type": "string"
278 },
279 "orderBy": {
280 "description": "A list of Certificate Config field names used to specify the order of the returned results. The default sorting order is ascending. To specify descending order for a field, add a suffix `\" desc\"`.",
281 "location": "query",
282 "type": "string"
283 },
284 "pageSize": {
285 "description": "Maximum number of certificate configs to return per call.",
286 "format": "int32",
287 "location": "query",
288 "type": "integer"
289 },
290 "pageToken": {
291 "description": "The value returned by the last `ListCertificateIssuanceConfigsResponse`. Indicates that this is a continuation of a prior `ListCertificateIssuanceConfigs` call, and that the system should return the next page of data.",
292 "location": "query",
293 "type": "string"
294 },
295 "parent": {
296 "description": "Required. The project and location from which the certificate should be listed, specified in the format `projects/*/locations/*`.",
297 "location": "path",
298 "pattern": "^projects/[^/]+/locations/[^/]+$",
299 "required": true,
300 "type": "string"
301 }
302 },
303 "path": "v1/{+parent}/certificateIssuanceConfigs",
304 "response": {
305 "$ref": "ListCertificateIssuanceConfigsResponse"
306 },
307 "scopes": [
308 "https://www.googleapis.com/auth/cloud-platform"
309 ]
310 }
311 }
312 },
313 "certificateMaps": {
314 "methods": {
315 "create": {
316 "description": "Creates a new CertificateMap in a given project and location.",
317 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateMaps",
318 "httpMethod": "POST",
319 "id": "certificatemanager.projects.locations.certificateMaps.create",
320 "parameterOrder": [
321 "parent"
322 ],
323 "parameters": {
324 "certificateMapId": {
325 "description": "Required. A user-provided name of the certificate map.",
326 "location": "query",
327 "type": "string"
328 },
329 "parent": {
330 "description": "Required. The parent resource of the certificate map. Must be in the format `projects/*/locations/*`.",
331 "location": "path",
332 "pattern": "^projects/[^/]+/locations/[^/]+$",
333 "required": true,
334 "type": "string"
335 }
336 },
337 "path": "v1/{+parent}/certificateMaps",
338 "request": {
339 "$ref": "CertificateMap"
340 },
341 "response": {
342 "$ref": "Operation"
343 },
344 "scopes": [
345 "https://www.googleapis.com/auth/cloud-platform"
346 ]
347 },
348 "delete": {
349 "description": "Deletes a single CertificateMap. A Certificate Map can't be deleted if it contains Certificate Map Entries. Remove all the entries from the map before calling this method.",
350 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateMaps/{certificateMapsId}",
351 "httpMethod": "DELETE",
352 "id": "certificatemanager.projects.locations.certificateMaps.delete",
353 "parameterOrder": [
354 "name"
355 ],
356 "parameters": {
357 "name": {
358 "description": "Required. A name of the certificate map to delete. Must be in the format `projects/*/locations/*/certificateMaps/*`.",
359 "location": "path",
360 "pattern": "^projects/[^/]+/locations/[^/]+/certificateMaps/[^/]+$",
361 "required": true,
362 "type": "string"
363 }
364 },
365 "path": "v1/{+name}",
366 "response": {
367 "$ref": "Operation"
368 },
369 "scopes": [
370 "https://www.googleapis.com/auth/cloud-platform"
371 ]
372 },
373 "get": {
374 "description": "Gets details of a single CertificateMap.",
375 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateMaps/{certificateMapsId}",
376 "httpMethod": "GET",
377 "id": "certificatemanager.projects.locations.certificateMaps.get",
378 "parameterOrder": [
379 "name"
380 ],
381 "parameters": {
382 "name": {
383 "description": "Required. A name of the certificate map to describe. Must be in the format `projects/*/locations/*/certificateMaps/*`.",
384 "location": "path",
385 "pattern": "^projects/[^/]+/locations/[^/]+/certificateMaps/[^/]+$",
386 "required": true,
387 "type": "string"
388 }
389 },
390 "path": "v1/{+name}",
391 "response": {
392 "$ref": "CertificateMap"
393 },
394 "scopes": [
395 "https://www.googleapis.com/auth/cloud-platform"
396 ]
397 },
398 "list": {
399 "description": "Lists CertificateMaps in a given project and location.",
400 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateMaps",
401 "httpMethod": "GET",
402 "id": "certificatemanager.projects.locations.certificateMaps.list",
403 "parameterOrder": [
404 "parent"
405 ],
406 "parameters": {
407 "filter": {
408 "description": "Filter expression to restrict the Certificates Maps returned.",
409 "location": "query",
410 "type": "string"
411 },
412 "orderBy": {
413 "description": "A list of Certificate Map field names used to specify the order of the returned results. The default sorting order is ascending. To specify descending order for a field, add a suffix `\" desc\"`.",
414 "location": "query",
415 "type": "string"
416 },
417 "pageSize": {
418 "description": "Maximum number of certificate maps to return per call.",
419 "format": "int32",
420 "location": "query",
421 "type": "integer"
422 },
423 "pageToken": {
424 "description": "The value returned by the last `ListCertificateMapsResponse`. Indicates that this is a continuation of a prior `ListCertificateMaps` call, and that the system should return the next page of data.",
425 "location": "query",
426 "type": "string"
427 },
428 "parent": {
429 "description": "Required. The project and location from which the certificate maps should be listed, specified in the format `projects/*/locations/*`.",
430 "location": "path",
431 "pattern": "^projects/[^/]+/locations/[^/]+$",
432 "required": true,
433 "type": "string"
434 }
435 },
436 "path": "v1/{+parent}/certificateMaps",
437 "response": {
438 "$ref": "ListCertificateMapsResponse"
439 },
440 "scopes": [
441 "https://www.googleapis.com/auth/cloud-platform"
442 ]
443 },
444 "patch": {
445 "description": "Updates a CertificateMap.",
446 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateMaps/{certificateMapsId}",
447 "httpMethod": "PATCH",
448 "id": "certificatemanager.projects.locations.certificateMaps.patch",
449 "parameterOrder": [
450 "name"
451 ],
452 "parameters": {
453 "name": {
454 "description": "A user-defined name of the Certificate Map. Certificate Map names must be unique globally and match pattern `projects/*/locations/*/certificateMaps/*`.",
455 "location": "path",
456 "pattern": "^projects/[^/]+/locations/[^/]+/certificateMaps/[^/]+$",
457 "required": true,
458 "type": "string"
459 },
460 "updateMask": {
461 "description": "Required. The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask.",
462 "format": "google-fieldmask",
463 "location": "query",
464 "type": "string"
465 }
466 },
467 "path": "v1/{+name}",
468 "request": {
469 "$ref": "CertificateMap"
470 },
471 "response": {
472 "$ref": "Operation"
473 },
474 "scopes": [
475 "https://www.googleapis.com/auth/cloud-platform"
476 ]
477 }
478 },
479 "resources": {
480 "certificateMapEntries": {
481 "methods": {
482 "create": {
483 "description": "Creates a new CertificateMapEntry in a given project and location.",
484 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateMaps/{certificateMapsId}/certificateMapEntries",
485 "httpMethod": "POST",
486 "id": "certificatemanager.projects.locations.certificateMaps.certificateMapEntries.create",
487 "parameterOrder": [
488 "parent"
489 ],
490 "parameters": {
491 "certificateMapEntryId": {
492 "description": "Required. A user-provided name of the certificate map entry.",
493 "location": "query",
494 "type": "string"
495 },
496 "parent": {
497 "description": "Required. The parent resource of the certificate map entry. Must be in the format `projects/*/locations/*/certificateMaps/*`.",
498 "location": "path",
499 "pattern": "^projects/[^/]+/locations/[^/]+/certificateMaps/[^/]+$",
500 "required": true,
501 "type": "string"
502 }
503 },
504 "path": "v1/{+parent}/certificateMapEntries",
505 "request": {
506 "$ref": "CertificateMapEntry"
507 },
508 "response": {
509 "$ref": "Operation"
510 },
511 "scopes": [
512 "https://www.googleapis.com/auth/cloud-platform"
513 ]
514 },
515 "delete": {
516 "description": "Deletes a single CertificateMapEntry.",
517 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateMaps/{certificateMapsId}/certificateMapEntries/{certificateMapEntriesId}",
518 "httpMethod": "DELETE",
519 "id": "certificatemanager.projects.locations.certificateMaps.certificateMapEntries.delete",
520 "parameterOrder": [
521 "name"
522 ],
523 "parameters": {
524 "name": {
525 "description": "Required. A name of the certificate map entry to delete. Must be in the format `projects/*/locations/*/certificateMaps/*/certificateMapEntries/*`.",
526 "location": "path",
527 "pattern": "^projects/[^/]+/locations/[^/]+/certificateMaps/[^/]+/certificateMapEntries/[^/]+$",
528 "required": true,
529 "type": "string"
530 }
531 },
532 "path": "v1/{+name}",
533 "response": {
534 "$ref": "Operation"
535 },
536 "scopes": [
537 "https://www.googleapis.com/auth/cloud-platform"
538 ]
539 },
540 "get": {
541 "description": "Gets details of a single CertificateMapEntry.",
542 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateMaps/{certificateMapsId}/certificateMapEntries/{certificateMapEntriesId}",
543 "httpMethod": "GET",
544 "id": "certificatemanager.projects.locations.certificateMaps.certificateMapEntries.get",
545 "parameterOrder": [
546 "name"
547 ],
548 "parameters": {
549 "name": {
550 "description": "Required. A name of the certificate map entry to describe. Must be in the format `projects/*/locations/*/certificateMaps/*/certificateMapEntries/*`.",
551 "location": "path",
552 "pattern": "^projects/[^/]+/locations/[^/]+/certificateMaps/[^/]+/certificateMapEntries/[^/]+$",
553 "required": true,
554 "type": "string"
555 }
556 },
557 "path": "v1/{+name}",
558 "response": {
559 "$ref": "CertificateMapEntry"
560 },
561 "scopes": [
562 "https://www.googleapis.com/auth/cloud-platform"
563 ]
564 },
565 "list": {
566 "description": "Lists CertificateMapEntries in a given project and location.",
567 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateMaps/{certificateMapsId}/certificateMapEntries",
568 "httpMethod": "GET",
569 "id": "certificatemanager.projects.locations.certificateMaps.certificateMapEntries.list",
570 "parameterOrder": [
571 "parent"
572 ],
573 "parameters": {
574 "filter": {
575 "description": "Filter expression to restrict the returned Certificate Map Entries.",
576 "location": "query",
577 "type": "string"
578 },
579 "orderBy": {
580 "description": "A list of Certificate Map Entry field names used to specify the order of the returned results. The default sorting order is ascending. To specify descending order for a field, add a suffix `\" desc\"`.",
581 "location": "query",
582 "type": "string"
583 },
584 "pageSize": {
585 "description": "Maximum number of certificate map entries to return. The service may return fewer than this value. If unspecified, at most 50 certificate map entries will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.",
586 "format": "int32",
587 "location": "query",
588 "type": "integer"
589 },
590 "pageToken": {
591 "description": "The value returned by the last `ListCertificateMapEntriesResponse`. Indicates that this is a continuation of a prior `ListCertificateMapEntries` call, and that the system should return the next page of data.",
592 "location": "query",
593 "type": "string"
594 },
595 "parent": {
596 "description": "Required. The project, location and certificate map from which the certificate map entries should be listed, specified in the format `projects/*/locations/*/certificateMaps/*`.",
597 "location": "path",
598 "pattern": "^projects/[^/]+/locations/[^/]+/certificateMaps/[^/]+$",
599 "required": true,
600 "type": "string"
601 }
602 },
603 "path": "v1/{+parent}/certificateMapEntries",
604 "response": {
605 "$ref": "ListCertificateMapEntriesResponse"
606 },
607 "scopes": [
608 "https://www.googleapis.com/auth/cloud-platform"
609 ]
610 },
611 "patch": {
612 "description": "Updates a CertificateMapEntry.",
613 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateMaps/{certificateMapsId}/certificateMapEntries/{certificateMapEntriesId}",
614 "httpMethod": "PATCH",
615 "id": "certificatemanager.projects.locations.certificateMaps.certificateMapEntries.patch",
616 "parameterOrder": [
617 "name"
618 ],
619 "parameters": {
620 "name": {
621 "description": "A user-defined name of the Certificate Map Entry. Certificate Map Entry names must be unique globally and match pattern `projects/*/locations/*/certificateMaps/*/certificateMapEntries/*`.",
622 "location": "path",
623 "pattern": "^projects/[^/]+/locations/[^/]+/certificateMaps/[^/]+/certificateMapEntries/[^/]+$",
624 "required": true,
625 "type": "string"
626 },
627 "updateMask": {
628 "description": "Required. The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask.",
629 "format": "google-fieldmask",
630 "location": "query",
631 "type": "string"
632 }
633 },
634 "path": "v1/{+name}",
635 "request": {
636 "$ref": "CertificateMapEntry"
637 },
638 "response": {
639 "$ref": "Operation"
640 },
641 "scopes": [
642 "https://www.googleapis.com/auth/cloud-platform"
643 ]
644 }
645 }
646 }
647 }
648 },
649 "certificates": {
650 "methods": {
651 "create": {
652 "description": "Creates a new Certificate in a given project and location.",
653 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificates",
654 "httpMethod": "POST",
655 "id": "certificatemanager.projects.locations.certificates.create",
656 "parameterOrder": [
657 "parent"
658 ],
659 "parameters": {
660 "certificateId": {
661 "description": "Required. A user-provided name of the certificate.",
662 "location": "query",
663 "type": "string"
664 },
665 "parent": {
666 "description": "Required. The parent resource of the certificate. Must be in the format `projects/*/locations/*`.",
667 "location": "path",
668 "pattern": "^projects/[^/]+/locations/[^/]+$",
669 "required": true,
670 "type": "string"
671 }
672 },
673 "path": "v1/{+parent}/certificates",
674 "request": {
675 "$ref": "Certificate"
676 },
677 "response": {
678 "$ref": "Operation"
679 },
680 "scopes": [
681 "https://www.googleapis.com/auth/cloud-platform"
682 ]
683 },
684 "delete": {
685 "description": "Deletes a single Certificate.",
686 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificates/{certificatesId}",
687 "httpMethod": "DELETE",
688 "id": "certificatemanager.projects.locations.certificates.delete",
689 "parameterOrder": [
690 "name"
691 ],
692 "parameters": {
693 "name": {
694 "description": "Required. A name of the certificate to delete. Must be in the format `projects/*/locations/*/certificates/*`.",
695 "location": "path",
696 "pattern": "^projects/[^/]+/locations/[^/]+/certificates/[^/]+$",
697 "required": true,
698 "type": "string"
699 }
700 },
701 "path": "v1/{+name}",
702 "response": {
703 "$ref": "Operation"
704 },
705 "scopes": [
706 "https://www.googleapis.com/auth/cloud-platform"
707 ]
708 },
709 "get": {
710 "description": "Gets details of a single Certificate.",
711 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificates/{certificatesId}",
712 "httpMethod": "GET",
713 "id": "certificatemanager.projects.locations.certificates.get",
714 "parameterOrder": [
715 "name"
716 ],
717 "parameters": {
718 "name": {
719 "description": "Required. A name of the certificate to describe. Must be in the format `projects/*/locations/*/certificates/*`.",
720 "location": "path",
721 "pattern": "^projects/[^/]+/locations/[^/]+/certificates/[^/]+$",
722 "required": true,
723 "type": "string"
724 }
725 },
726 "path": "v1/{+name}",
727 "response": {
728 "$ref": "Certificate"
729 },
730 "scopes": [
731 "https://www.googleapis.com/auth/cloud-platform"
732 ]
733 },
734 "list": {
735 "description": "Lists Certificates in a given project and location.",
736 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificates",
737 "httpMethod": "GET",
738 "id": "certificatemanager.projects.locations.certificates.list",
739 "parameterOrder": [
740 "parent"
741 ],
742 "parameters": {
743 "filter": {
744 "description": "Filter expression to restrict the Certificates returned.",
745 "location": "query",
746 "type": "string"
747 },
748 "orderBy": {
749 "description": "A list of Certificate field names used to specify the order of the returned results. The default sorting order is ascending. To specify descending order for a field, add a suffix `\" desc\"`.",
750 "location": "query",
751 "type": "string"
752 },
753 "pageSize": {
754 "description": "Maximum number of certificates to return per call.",
755 "format": "int32",
756 "location": "query",
757 "type": "integer"
758 },
759 "pageToken": {
760 "description": "The value returned by the last `ListCertificatesResponse`. Indicates that this is a continuation of a prior `ListCertificates` call, and that the system should return the next page of data.",
761 "location": "query",
762 "type": "string"
763 },
764 "parent": {
765 "description": "Required. The project and location from which the certificate should be listed, specified in the format `projects/*/locations/*`.",
766 "location": "path",
767 "pattern": "^projects/[^/]+/locations/[^/]+$",
768 "required": true,
769 "type": "string"
770 }
771 },
772 "path": "v1/{+parent}/certificates",
773 "response": {
774 "$ref": "ListCertificatesResponse"
775 },
776 "scopes": [
777 "https://www.googleapis.com/auth/cloud-platform"
778 ]
779 },
780 "patch": {
781 "description": "Updates a Certificate.",
782 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificates/{certificatesId}",
783 "httpMethod": "PATCH",
784 "id": "certificatemanager.projects.locations.certificates.patch",
785 "parameterOrder": [
786 "name"
787 ],
788 "parameters": {
789 "name": {
790 "description": "A user-defined name of the certificate. Certificate names must be unique globally and match pattern `projects/*/locations/*/certificates/*`.",
791 "location": "path",
792 "pattern": "^projects/[^/]+/locations/[^/]+/certificates/[^/]+$",
793 "required": true,
794 "type": "string"
795 },
796 "updateMask": {
797 "description": "Required. The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask.",
798 "format": "google-fieldmask",
799 "location": "query",
800 "type": "string"
801 }
802 },
803 "path": "v1/{+name}",
804 "request": {
805 "$ref": "Certificate"
806 },
807 "response": {
808 "$ref": "Operation"
809 },
810 "scopes": [
811 "https://www.googleapis.com/auth/cloud-platform"
812 ]
813 }
814 }
815 },
816 "dnsAuthorizations": {
817 "methods": {
818 "create": {
819 "description": "Creates a new DnsAuthorization in a given project and location.",
820 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/dnsAuthorizations",
821 "httpMethod": "POST",
822 "id": "certificatemanager.projects.locations.dnsAuthorizations.create",
823 "parameterOrder": [
824 "parent"
825 ],
826 "parameters": {
827 "dnsAuthorizationId": {
828 "description": "Required. A user-provided name of the dns authorization.",
829 "location": "query",
830 "type": "string"
831 },
832 "parent": {
833 "description": "Required. The parent resource of the dns authorization. Must be in the format `projects/*/locations/*`.",
834 "location": "path",
835 "pattern": "^projects/[^/]+/locations/[^/]+$",
836 "required": true,
837 "type": "string"
838 }
839 },
840 "path": "v1/{+parent}/dnsAuthorizations",
841 "request": {
842 "$ref": "DnsAuthorization"
843 },
844 "response": {
845 "$ref": "Operation"
846 },
847 "scopes": [
848 "https://www.googleapis.com/auth/cloud-platform"
849 ]
850 },
851 "delete": {
852 "description": "Deletes a single DnsAuthorization.",
853 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/dnsAuthorizations/{dnsAuthorizationsId}",
854 "httpMethod": "DELETE",
855 "id": "certificatemanager.projects.locations.dnsAuthorizations.delete",
856 "parameterOrder": [
857 "name"
858 ],
859 "parameters": {
860 "name": {
861 "description": "Required. A name of the dns authorization to delete. Must be in the format `projects/*/locations/*/dnsAuthorizations/*`.",
862 "location": "path",
863 "pattern": "^projects/[^/]+/locations/[^/]+/dnsAuthorizations/[^/]+$",
864 "required": true,
865 "type": "string"
866 }
867 },
868 "path": "v1/{+name}",
869 "response": {
870 "$ref": "Operation"
871 },
872 "scopes": [
873 "https://www.googleapis.com/auth/cloud-platform"
874 ]
875 },
876 "get": {
877 "description": "Gets details of a single DnsAuthorization.",
878 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/dnsAuthorizations/{dnsAuthorizationsId}",
879 "httpMethod": "GET",
880 "id": "certificatemanager.projects.locations.dnsAuthorizations.get",
881 "parameterOrder": [
882 "name"
883 ],
884 "parameters": {
885 "name": {
886 "description": "Required. A name of the dns authorization to describe. Must be in the format `projects/*/locations/*/dnsAuthorizations/*`.",
887 "location": "path",
888 "pattern": "^projects/[^/]+/locations/[^/]+/dnsAuthorizations/[^/]+$",
889 "required": true,
890 "type": "string"
891 }
892 },
893 "path": "v1/{+name}",
894 "response": {
895 "$ref": "DnsAuthorization"
896 },
897 "scopes": [
898 "https://www.googleapis.com/auth/cloud-platform"
899 ]
900 },
901 "list": {
902 "description": "Lists DnsAuthorizations in a given project and location.",
903 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/dnsAuthorizations",
904 "httpMethod": "GET",
905 "id": "certificatemanager.projects.locations.dnsAuthorizations.list",
906 "parameterOrder": [
907 "parent"
908 ],
909 "parameters": {
910 "filter": {
911 "description": "Filter expression to restrict the Dns Authorizations returned.",
912 "location": "query",
913 "type": "string"
914 },
915 "orderBy": {
916 "description": "A list of Dns Authorization field names used to specify the order of the returned results. The default sorting order is ascending. To specify descending order for a field, add a suffix `\" desc\"`.",
917 "location": "query",
918 "type": "string"
919 },
920 "pageSize": {
921 "description": "Maximum number of dns authorizations to return per call.",
922 "format": "int32",
923 "location": "query",
924 "type": "integer"
925 },
926 "pageToken": {
927 "description": "The value returned by the last `ListDnsAuthorizationsResponse`. Indicates that this is a continuation of a prior `ListDnsAuthorizations` call, and that the system should return the next page of data.",
928 "location": "query",
929 "type": "string"
930 },
931 "parent": {
932 "description": "Required. The project and location from which the dns authorizations should be listed, specified in the format `projects/*/locations/*`.",
933 "location": "path",
934 "pattern": "^projects/[^/]+/locations/[^/]+$",
935 "required": true,
936 "type": "string"
937 }
938 },
939 "path": "v1/{+parent}/dnsAuthorizations",
940 "response": {
941 "$ref": "ListDnsAuthorizationsResponse"
942 },
943 "scopes": [
944 "https://www.googleapis.com/auth/cloud-platform"
945 ]
946 },
947 "patch": {
948 "description": "Updates a DnsAuthorization.",
949 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/dnsAuthorizations/{dnsAuthorizationsId}",
950 "httpMethod": "PATCH",
951 "id": "certificatemanager.projects.locations.dnsAuthorizations.patch",
952 "parameterOrder": [
953 "name"
954 ],
955 "parameters": {
956 "name": {
957 "description": "A user-defined name of the dns authorization. DnsAuthorization names must be unique globally and match pattern `projects/*/locations/*/dnsAuthorizations/*`.",
958 "location": "path",
959 "pattern": "^projects/[^/]+/locations/[^/]+/dnsAuthorizations/[^/]+$",
960 "required": true,
961 "type": "string"
962 },
963 "updateMask": {
964 "description": "Required. The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask.",
965 "format": "google-fieldmask",
966 "location": "query",
967 "type": "string"
968 }
969 },
970 "path": "v1/{+name}",
971 "request": {
972 "$ref": "DnsAuthorization"
973 },
974 "response": {
975 "$ref": "Operation"
976 },
977 "scopes": [
978 "https://www.googleapis.com/auth/cloud-platform"
979 ]
980 }
981 }
982 },
983 "operations": {
984 "methods": {
985 "cancel": {
986 "description": "Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.",
987 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel",
988 "httpMethod": "POST",
989 "id": "certificatemanager.projects.locations.operations.cancel",
990 "parameterOrder": [
991 "name"
992 ],
993 "parameters": {
994 "name": {
995 "description": "The name of the operation resource to be cancelled.",
996 "location": "path",
997 "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
998 "required": true,
999 "type": "string"
1000 }
1001 },
1002 "path": "v1/{+name}:cancel",
1003 "request": {
1004 "$ref": "CancelOperationRequest"
1005 },
1006 "response": {
1007 "$ref": "Empty"
1008 },
1009 "scopes": [
1010 "https://www.googleapis.com/auth/cloud-platform"
1011 ]
1012 },
1013 "delete": {
1014 "description": "Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`.",
1015 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
1016 "httpMethod": "DELETE",
1017 "id": "certificatemanager.projects.locations.operations.delete",
1018 "parameterOrder": [
1019 "name"
1020 ],
1021 "parameters": {
1022 "name": {
1023 "description": "The name of the operation resource to be deleted.",
1024 "location": "path",
1025 "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
1026 "required": true,
1027 "type": "string"
1028 }
1029 },
1030 "path": "v1/{+name}",
1031 "response": {
1032 "$ref": "Empty"
1033 },
1034 "scopes": [
1035 "https://www.googleapis.com/auth/cloud-platform"
1036 ]
1037 },
1038 "get": {
1039 "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.",
1040 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
1041 "httpMethod": "GET",
1042 "id": "certificatemanager.projects.locations.operations.get",
1043 "parameterOrder": [
1044 "name"
1045 ],
1046 "parameters": {
1047 "name": {
1048 "description": "The name of the operation resource.",
1049 "location": "path",
1050 "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
1051 "required": true,
1052 "type": "string"
1053 }
1054 },
1055 "path": "v1/{+name}",
1056 "response": {
1057 "$ref": "Operation"
1058 },
1059 "scopes": [
1060 "https://www.googleapis.com/auth/cloud-platform"
1061 ]
1062 },
1063 "list": {
1064 "description": "Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`.",
1065 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations",
1066 "httpMethod": "GET",
1067 "id": "certificatemanager.projects.locations.operations.list",
1068 "parameterOrder": [
1069 "name"
1070 ],
1071 "parameters": {
1072 "filter": {
1073 "description": "The standard list filter.",
1074 "location": "query",
1075 "type": "string"
1076 },
1077 "name": {
1078 "description": "The name of the operation's parent resource.",
1079 "location": "path",
1080 "pattern": "^projects/[^/]+/locations/[^/]+$",
1081 "required": true,
1082 "type": "string"
1083 },
1084 "pageSize": {
1085 "description": "The standard list page size.",
1086 "format": "int32",
1087 "location": "query",
1088 "type": "integer"
1089 },
1090 "pageToken": {
1091 "description": "The standard list page token.",
1092 "location": "query",
1093 "type": "string"
1094 }
1095 },
1096 "path": "v1/{+name}/operations",
1097 "response": {
1098 "$ref": "ListOperationsResponse"
1099 },
1100 "scopes": [
1101 "https://www.googleapis.com/auth/cloud-platform"
1102 ]
1103 }
1104 }
1105 },
1106 "trustConfigs": {
1107 "methods": {
1108 "create": {
1109 "description": "Creates a new TrustConfig in a given project and location.",
1110 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/trustConfigs",
1111 "httpMethod": "POST",
1112 "id": "certificatemanager.projects.locations.trustConfigs.create",
1113 "parameterOrder": [
1114 "parent"
1115 ],
1116 "parameters": {
1117 "parent": {
1118 "description": "Required. The parent resource of the TrustConfig. Must be in the format `projects/*/locations/*`.",
1119 "location": "path",
1120 "pattern": "^projects/[^/]+/locations/[^/]+$",
1121 "required": true,
1122 "type": "string"
1123 },
1124 "trustConfigId": {
1125 "description": "Required. A user-provided name of the TrustConfig. Must match the regexp `[a-z0-9-]{1,63}`.",
1126 "location": "query",
1127 "type": "string"
1128 }
1129 },
1130 "path": "v1/{+parent}/trustConfigs",
1131 "request": {
1132 "$ref": "TrustConfig"
1133 },
1134 "response": {
1135 "$ref": "Operation"
1136 },
1137 "scopes": [
1138 "https://www.googleapis.com/auth/cloud-platform"
1139 ]
1140 },
1141 "delete": {
1142 "description": "Deletes a single TrustConfig.",
1143 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/trustConfigs/{trustConfigsId}",
1144 "httpMethod": "DELETE",
1145 "id": "certificatemanager.projects.locations.trustConfigs.delete",
1146 "parameterOrder": [
1147 "name"
1148 ],
1149 "parameters": {
1150 "etag": {
1151 "description": "The current etag of the TrustConfig. If an etag is provided and does not match the current etag of the resource, deletion will be blocked and an ABORTED error will be returned.",
1152 "location": "query",
1153 "type": "string"
1154 },
1155 "name": {
1156 "description": "Required. A name of the TrustConfig to delete. Must be in the format `projects/*/locations/*/trustConfigs/*`.",
1157 "location": "path",
1158 "pattern": "^projects/[^/]+/locations/[^/]+/trustConfigs/[^/]+$",
1159 "required": true,
1160 "type": "string"
1161 }
1162 },
1163 "path": "v1/{+name}",
1164 "response": {
1165 "$ref": "Operation"
1166 },
1167 "scopes": [
1168 "https://www.googleapis.com/auth/cloud-platform"
1169 ]
1170 },
1171 "get": {
1172 "description": "Gets details of a single TrustConfig.",
1173 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/trustConfigs/{trustConfigsId}",
1174 "httpMethod": "GET",
1175 "id": "certificatemanager.projects.locations.trustConfigs.get",
1176 "parameterOrder": [
1177 "name"
1178 ],
1179 "parameters": {
1180 "name": {
1181 "description": "Required. A name of the TrustConfig to describe. Must be in the format `projects/*/locations/*/trustConfigs/*`.",
1182 "location": "path",
1183 "pattern": "^projects/[^/]+/locations/[^/]+/trustConfigs/[^/]+$",
1184 "required": true,
1185 "type": "string"
1186 }
1187 },
1188 "path": "v1/{+name}",
1189 "response": {
1190 "$ref": "TrustConfig"
1191 },
1192 "scopes": [
1193 "https://www.googleapis.com/auth/cloud-platform"
1194 ]
1195 },
1196 "list": {
1197 "description": "Lists TrustConfigs in a given project and location.",
1198 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/trustConfigs",
1199 "httpMethod": "GET",
1200 "id": "certificatemanager.projects.locations.trustConfigs.list",
1201 "parameterOrder": [
1202 "parent"
1203 ],
1204 "parameters": {
1205 "filter": {
1206 "description": "Filter expression to restrict the TrustConfigs returned.",
1207 "location": "query",
1208 "type": "string"
1209 },
1210 "orderBy": {
1211 "description": "A list of TrustConfig field names used to specify the order of the returned results. The default sorting order is ascending. To specify descending order for a field, add a suffix `\" desc\"`.",
1212 "location": "query",
1213 "type": "string"
1214 },
1215 "pageSize": {
1216 "description": "Maximum number of TrustConfigs to return per call.",
1217 "format": "int32",
1218 "location": "query",
1219 "type": "integer"
1220 },
1221 "pageToken": {
1222 "description": "The value returned by the last `ListTrustConfigsResponse`. Indicates that this is a continuation of a prior `ListTrustConfigs` call, and that the system should return the next page of data.",
1223 "location": "query",
1224 "type": "string"
1225 },
1226 "parent": {
1227 "description": "Required. The project and location from which the TrustConfigs should be listed, specified in the format `projects/*/locations/*`.",
1228 "location": "path",
1229 "pattern": "^projects/[^/]+/locations/[^/]+$",
1230 "required": true,
1231 "type": "string"
1232 }
1233 },
1234 "path": "v1/{+parent}/trustConfigs",
1235 "response": {
1236 "$ref": "ListTrustConfigsResponse"
1237 },
1238 "scopes": [
1239 "https://www.googleapis.com/auth/cloud-platform"
1240 ]
1241 },
1242 "patch": {
1243 "description": "Updates a TrustConfig.",
1244 "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/trustConfigs/{trustConfigsId}",
1245 "httpMethod": "PATCH",
1246 "id": "certificatemanager.projects.locations.trustConfigs.patch",
1247 "parameterOrder": [
1248 "name"
1249 ],
1250 "parameters": {
1251 "name": {
1252 "description": "A user-defined name of the trust config. TrustConfig names must be unique globally and match pattern `projects/*/locations/*/trustConfigs/*`.",
1253 "location": "path",
1254 "pattern": "^projects/[^/]+/locations/[^/]+/trustConfigs/[^/]+$",
1255 "required": true,
1256 "type": "string"
1257 },
1258 "updateMask": {
1259 "description": "Required. The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask.",
1260 "format": "google-fieldmask",
1261 "location": "query",
1262 "type": "string"
1263 }
1264 },
1265 "path": "v1/{+name}",
1266 "request": {
1267 "$ref": "TrustConfig"
1268 },
1269 "response": {
1270 "$ref": "Operation"
1271 },
1272 "scopes": [
1273 "https://www.googleapis.com/auth/cloud-platform"
1274 ]
1275 }
1276 }
1277 }
1278 }
1279 }
1280 }
1281 }
1282 },
1283 "revision": "20240417",
1284 "rootUrl": "https://certificatemanager.googleapis.com/",
1285 "schemas": {
1286 "AllowlistedCertificate": {
1287 "description": "Defines an allowlisted certificate.",
1288 "id": "AllowlistedCertificate",
1289 "properties": {
1290 "pemCertificate": {
1291 "description": "Required. PEM certificate that is allowlisted. The certificate can be up to 5k bytes, and must be a parseable X.509 certificate.",
1292 "type": "string"
1293 }
1294 },
1295 "type": "object"
1296 },
1297 "AuthorizationAttemptInfo": {
1298 "description": "State of the latest attempt to authorize a domain for certificate issuance.",
1299 "id": "AuthorizationAttemptInfo",
1300 "properties": {
1301 "details": {
1302 "description": "Output only. Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.",
1303 "readOnly": true,
1304 "type": "string"
1305 },
1306 "domain": {
1307 "description": "Domain name of the authorization attempt.",
1308 "type": "string"
1309 },
1310 "failureReason": {
1311 "description": "Output only. Reason for failure of the authorization attempt for the domain.",
1312 "enum": [
1313 "FAILURE_REASON_UNSPECIFIED",
1314 "CONFIG",
1315 "CAA",
1316 "RATE_LIMITED"
1317 ],
1318 "enumDescriptions": [
1319 "FailureReason is unspecified.",
1320 "There was a problem with the user's DNS or load balancer configuration for this domain.",
1321 "Certificate issuance forbidden by an explicit CAA record for the domain or a failure to check CAA records for the domain.",
1322 "Reached a CA or internal rate-limit for the domain, e.g. for certificates per top-level private domain."
1323 ],
1324 "readOnly": true,
1325 "type": "string"
1326 },
1327 "state": {
1328 "description": "Output only. State of the domain for managed certificate issuance.",
1329 "enum": [
1330 "STATE_UNSPECIFIED",
1331 "AUTHORIZING",
1332 "AUTHORIZED",
1333 "FAILED"
1334 ],
1335 "enumDescriptions": [
1336 "State is unspecified.",
1337 "Certificate provisioning for this domain is under way. Google Cloud will attempt to authorize the domain.",
1338 "A managed certificate can be provisioned, no issues for this domain.",
1339 "Attempt to authorize the domain failed. This prevents the Managed Certificate from being issued. See `failure_reason` and `details` fields for more information."
1340 ],
1341 "readOnly": true,
1342 "type": "string"
1343 }
1344 },
1345 "type": "object"
1346 },
1347 "CancelOperationRequest": {
1348 "description": "The request message for Operations.CancelOperation.",
1349 "id": "CancelOperationRequest",
1350 "properties": {},
1351 "type": "object"
1352 },
1353 "Certificate": {
1354 "description": "Defines TLS certificate.",
1355 "id": "Certificate",
1356 "properties": {
1357 "createTime": {
1358 "description": "Output only. The creation timestamp of a Certificate.",
1359 "format": "google-datetime",
1360 "readOnly": true,
1361 "type": "string"
1362 },
1363 "description": {
1364 "description": "One or more paragraphs of text description of a certificate.",
1365 "type": "string"
1366 },
1367 "expireTime": {
1368 "description": "Output only. The expiry timestamp of a Certificate.",
1369 "format": "google-datetime",
1370 "readOnly": true,
1371 "type": "string"
1372 },
1373 "labels": {
1374 "additionalProperties": {
1375 "type": "string"
1376 },
1377 "description": "Set of labels associated with a Certificate.",
1378 "type": "object"
1379 },
1380 "managed": {
1381 "$ref": "ManagedCertificate",
1382 "description": "If set, contains configuration and state of a managed certificate."
1383 },
1384 "name": {
1385 "description": "A user-defined name of the certificate. Certificate names must be unique globally and match pattern `projects/*/locations/*/certificates/*`.",
1386 "type": "string"
1387 },
1388 "pemCertificate": {
1389 "description": "Output only. The PEM-encoded certificate chain.",
1390 "readOnly": true,
1391 "type": "string"
1392 },
1393 "sanDnsnames": {
1394 "description": "Output only. The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven't been provisioned yet have this field populated with a value of the managed.domains field.",
1395 "items": {
1396 "type": "string"
1397 },
1398 "readOnly": true,
1399 "type": "array"
1400 },
1401 "scope": {
1402 "description": "Immutable. The scope of the certificate.",
1403 "enum": [
1404 "DEFAULT",
1405 "EDGE_CACHE",
1406 "ALL_REGIONS"
1407 ],
1408 "enumDescriptions": [
1409 "Certificates with default scope are served from core Google data centers. If unsure, choose this option.",
1410 "Certificates with scope EDGE_CACHE are special-purposed certificates, served from Edge Points of Presence. See https://cloud.google.com/vpc/docs/edge-locations.",
1411 "Certificates with ALL_REGIONS scope are served from all Google Cloud regions. See https://cloud.google.com/compute/docs/regions-zones."
1412 ],
1413 "type": "string"
1414 },
1415 "selfManaged": {
1416 "$ref": "SelfManagedCertificate",
1417 "description": "If set, defines data of a self-managed certificate."
1418 },
1419 "updateTime": {
1420 "description": "Output only. The last update timestamp of a Certificate.",
1421 "format": "google-datetime",
1422 "readOnly": true,
1423 "type": "string"
1424 }
1425 },
1426 "type": "object"
1427 },
1428 "CertificateAuthorityConfig": {
1429 "description": "The CA that issues the workload certificate. It includes CA address, type, authentication to CA service, etc.",
1430 "id": "CertificateAuthorityConfig",
1431 "properties": {
1432 "certificateAuthorityServiceConfig": {
1433 "$ref": "CertificateAuthorityServiceConfig",
1434 "description": "Defines a CertificateAuthorityServiceConfig."
1435 }
1436 },
1437 "type": "object"
1438 },
1439 "CertificateAuthorityServiceConfig": {
1440 "description": "Contains information required to contact CA service.",
1441 "id": "CertificateAuthorityServiceConfig",
1442 "properties": {
1443 "caPool": {
1444 "description": "Required. A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form \"projects/{project}/locations/{location}/caPools/{ca_pool}\".",
1445 "type": "string"
1446 }
1447 },
1448 "type": "object"
1449 },
1450 "CertificateIssuanceConfig": {
1451 "description": "CertificateIssuanceConfig specifies how to issue and manage a certificate.",
1452 "id": "CertificateIssuanceConfig",
1453 "properties": {
1454 "certificateAuthorityConfig": {
1455 "$ref": "CertificateAuthorityConfig",
1456 "description": "Required. The CA that issues the workload certificate. It includes the CA address, type, authentication to CA service, etc."
1457 },
1458 "createTime": {
1459 "description": "Output only. The creation timestamp of a CertificateIssuanceConfig.",
1460 "format": "google-datetime",
1461 "readOnly": true,
1462 "type": "string"
1463 },
1464 "description": {
1465 "description": "One or more paragraphs of text description of a CertificateIssuanceConfig.",
1466 "type": "string"
1467 },
1468 "keyAlgorithm": {
1469 "description": "Required. The key algorithm to use when generating the private key.",
1470 "enum": [
1471 "KEY_ALGORITHM_UNSPECIFIED",
1472 "RSA_2048",
1473 "ECDSA_P256"
1474 ],
1475 "enumDescriptions": [
1476 "Unspecified key algorithm.",
1477 "Specifies RSA with a 2048-bit modulus.",
1478 "Specifies ECDSA with curve P256."
1479 ],
1480 "type": "string"
1481 },
1482 "labels": {
1483 "additionalProperties": {
1484 "type": "string"
1485 },
1486 "description": "Set of labels associated with a CertificateIssuanceConfig.",
1487 "type": "object"
1488 },
1489 "lifetime": {
1490 "description": "Required. Workload certificate lifetime requested.",
1491 "format": "google-duration",
1492 "type": "string"
1493 },
1494 "name": {
1495 "description": "A user-defined name of the certificate issuance config. CertificateIssuanceConfig names must be unique globally and match pattern `projects/*/locations/*/certificateIssuanceConfigs/*`.",
1496 "type": "string"
1497 },
1498 "rotationWindowPercentage": {
1499 "description": "Required. Specifies the percentage of elapsed time of the certificate lifetime to wait before renewing the certificate. Must be a number between 1-99, inclusive.",
1500 "format": "int32",
1501 "type": "integer"
1502 },
1503 "updateTime": {
1504 "description": "Output only. The last update timestamp of a CertificateIssuanceConfig.",
1505 "format": "google-datetime",
1506 "readOnly": true,
1507 "type": "string"
1508 }
1509 },
1510 "type": "object"
1511 },
1512 "CertificateMap": {
1513 "description": "Defines a collection of certificate configurations.",
1514 "id": "CertificateMap",
1515 "properties": {
1516 "createTime": {
1517 "description": "Output only. The creation timestamp of a Certificate Map.",
1518 "format": "google-datetime",
1519 "readOnly": true,
1520 "type": "string"
1521 },
1522 "description": {
1523 "description": "One or more paragraphs of text description of a certificate map.",
1524 "type": "string"
1525 },
1526 "gclbTargets": {
1527 "description": "Output only. A list of GCLB targets that use this Certificate Map. A Target Proxy is only present on this list if it's attached to a Forwarding Rule.",
1528 "items": {
1529 "$ref": "GclbTarget"
1530 },
1531 "readOnly": true,
1532 "type": "array"
1533 },
1534 "labels": {
1535 "additionalProperties": {
1536 "type": "string"
1537 },
1538 "description": "Set of labels associated with a Certificate Map.",
1539 "type": "object"
1540 },
1541 "name": {
1542 "description": "A user-defined name of the Certificate Map. Certificate Map names must be unique globally and match pattern `projects/*/locations/*/certificateMaps/*`.",
1543 "type": "string"
1544 },
1545 "updateTime": {
1546 "description": "Output only. The update timestamp of a Certificate Map.",
1547 "format": "google-datetime",
1548 "readOnly": true,
1549 "type": "string"
1550 }
1551 },
1552 "type": "object"
1553 },
1554 "CertificateMapEntry": {
1555 "description": "Defines a certificate map entry.",
1556 "id": "CertificateMapEntry",
1557 "properties": {
1558 "certificates": {
1559 "description": "A set of Certificates defines for the given `hostname`. There can be defined up to four certificates in each Certificate Map Entry. Each certificate must match pattern `projects/*/locations/*/certificates/*`.",
1560 "items": {
1561 "type": "string"
1562 },
1563 "type": "array"
1564 },
1565 "createTime": {
1566 "description": "Output only. The creation timestamp of a Certificate Map Entry.",
1567 "format": "google-datetime",
1568 "readOnly": true,
1569 "type": "string"
1570 },
1571 "description": {
1572 "description": "One or more paragraphs of text description of a certificate map entry.",
1573 "type": "string"
1574 },
1575 "hostname": {
1576 "description": "A Hostname (FQDN, e.g. `example.com`) or a wildcard hostname expression (`*.example.com`) for a set of hostnames with common suffix. Used as Server Name Indication (SNI) for selecting a proper certificate.",
1577 "type": "string"
1578 },
1579 "labels": {
1580 "additionalProperties": {
1581 "type": "string"
1582 },
1583 "description": "Set of labels associated with a Certificate Map Entry.",
1584 "type": "object"
1585 },
1586 "matcher": {
1587 "description": "A predefined matcher for particular cases, other than SNI selection.",
1588 "enum": [
1589 "MATCHER_UNSPECIFIED",
1590 "PRIMARY"
1591 ],
1592 "enumDescriptions": [
1593 "A matcher has't been recognized.",
1594 "A primary certificate that is served when SNI wasn't specified in the request or SNI couldn't be found in the map."
1595 ],
1596 "type": "string"
1597 },
1598 "name": {
1599 "description": "A user-defined name of the Certificate Map Entry. Certificate Map Entry names must be unique globally and match pattern `projects/*/locations/*/certificateMaps/*/certificateMapEntries/*`.",
1600 "type": "string"
1601 },
1602 "state": {
1603 "description": "Output only. A serving state of this Certificate Map Entry.",
1604 "enum": [
1605 "SERVING_STATE_UNSPECIFIED",
1606 "ACTIVE",
1607 "PENDING"
1608 ],
1609 "enumDescriptions": [
1610 "The status is undefined.",
1611 "The configuration is serving.",
1612 "Update is in progress. Some frontends may serve this configuration."
1613 ],
1614 "readOnly": true,
1615 "type": "string"
1616 },
1617 "updateTime": {
1618 "description": "Output only. The update timestamp of a Certificate Map Entry.",
1619 "format": "google-datetime",
1620 "readOnly": true,
1621 "type": "string"
1622 }
1623 },
1624 "type": "object"
1625 },
1626 "DnsAuthorization": {
1627 "description": "A DnsAuthorization resource describes a way to perform domain authorization for certificate issuance.",
1628 "id": "DnsAuthorization",
1629 "properties": {
1630 "createTime": {
1631 "description": "Output only. The creation timestamp of a DnsAuthorization.",
1632 "format": "google-datetime",
1633 "readOnly": true,
1634 "type": "string"
1635 },
1636 "description": {
1637 "description": "One or more paragraphs of text description of a DnsAuthorization.",
1638 "type": "string"
1639 },
1640 "dnsResourceRecord": {
1641 "$ref": "DnsResourceRecord",
1642 "description": "Output only. DNS Resource Record that needs to be added to DNS configuration.",
1643 "readOnly": true
1644 },
1645 "domain": {
1646 "description": "Required. Immutable. A domain that is being authorized. A DnsAuthorization resource covers a single domain and its wildcard, e.g. authorization for `example.com` can be used to issue certificates for `example.com` and `*.example.com`.",
1647 "type": "string"
1648 },
1649 "labels": {
1650 "additionalProperties": {
1651 "type": "string"
1652 },
1653 "description": "Set of labels associated with a DnsAuthorization.",
1654 "type": "object"
1655 },
1656 "name": {
1657 "description": "A user-defined name of the dns authorization. DnsAuthorization names must be unique globally and match pattern `projects/*/locations/*/dnsAuthorizations/*`.",
1658 "type": "string"
1659 },
1660 "type": {
1661 "description": "Immutable. Type of DnsAuthorization. If unset during resource creation the following default will be used: - in location global: FIXED_RECORD.",
1662 "enum": [
1663 "TYPE_UNSPECIFIED",
1664 "FIXED_RECORD",
1665 "PER_PROJECT_RECORD"
1666 ],
1667 "enumDescriptions": [
1668 "Type is unspecified.",
1669 "FIXED_RECORD DNS authorization uses DNS-01 validation method.",
1670 "PER_PROJECT_RECORD DNS authorization allows for independent management of Google-managed certificates with DNS authorization across multiple projects."
1671 ],
1672 "type": "string"
1673 },
1674 "updateTime": {
1675 "description": "Output only. The last update timestamp of a DnsAuthorization.",
1676 "format": "google-datetime",
1677 "readOnly": true,
1678 "type": "string"
1679 }
1680 },
1681 "type": "object"
1682 },
1683 "DnsResourceRecord": {
1684 "description": "The structure describing the DNS Resource Record that needs to be added to DNS configuration for the authorization to be usable by certificate.",
1685 "id": "DnsResourceRecord",
1686 "properties": {
1687 "data": {
1688 "description": "Output only. Data of the DNS Resource Record.",
1689 "readOnly": true,
1690 "type": "string"
1691 },
1692 "name": {
1693 "description": "Output only. Fully qualified name of the DNS Resource Record. e.g. `_acme-challenge.example.com`",
1694 "readOnly": true,
1695 "type": "string"
1696 },
1697 "type": {
1698 "description": "Output only. Type of the DNS Resource Record. Currently always set to \"CNAME\".",
1699 "readOnly": true,
1700 "type": "string"
1701 }
1702 },
1703 "type": "object"
1704 },
1705 "Empty": {
1706 "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }",
1707 "id": "Empty",
1708 "properties": {},
1709 "type": "object"
1710 },
1711 "GclbTarget": {
1712 "description": "Describes a Target Proxy that uses this Certificate Map.",
1713 "id": "GclbTarget",
1714 "properties": {
1715 "ipConfigs": {
1716 "description": "Output only. IP configurations for this Target Proxy where the Certificate Map is serving.",
1717 "items": {
1718 "$ref": "IpConfig"
1719 },
1720 "readOnly": true,
1721 "type": "array"
1722 },
1723 "targetHttpsProxy": {
1724 "description": "Output only. This field returns the resource name in the following format: `//compute.googleapis.com/projects/*/global/targetHttpsProxies/*`.",
1725 "readOnly": true,
1726 "type": "string"
1727 },
1728 "targetSslProxy": {
1729 "description": "Output only. This field returns the resource name in the following format: `//compute.googleapis.com/projects/*/global/targetSslProxies/*`.",
1730 "readOnly": true,
1731 "type": "string"
1732 }
1733 },
1734 "type": "object"
1735 },
1736 "IntermediateCA": {
1737 "description": "Defines an intermediate CA.",
1738 "id": "IntermediateCA",
1739 "properties": {
1740 "pemCertificate": {
1741 "description": "PEM intermediate certificate used for building up paths for validation. Each certificate provided in PEM format may occupy up to 5kB.",
1742 "type": "string"
1743 }
1744 },
1745 "type": "object"
1746 },
1747 "IpConfig": {
1748 "description": "Defines IP configuration where this Certificate Map is serving.",
1749 "id": "IpConfig",
1750 "properties": {
1751 "ipAddress": {
1752 "description": "Output only. An external IP address.",
1753 "readOnly": true,
1754 "type": "string"
1755 },
1756 "ports": {
1757 "description": "Output only. Ports.",
1758 "items": {
1759 "format": "uint32",
1760 "type": "integer"
1761 },
1762 "readOnly": true,
1763 "type": "array"
1764 }
1765 },
1766 "type": "object"
1767 },
1768 "ListCertificateIssuanceConfigsResponse": {
1769 "description": "Response for the `ListCertificateIssuanceConfigs` method.",
1770 "id": "ListCertificateIssuanceConfigsResponse",
1771 "properties": {
1772 "certificateIssuanceConfigs": {
1773 "description": "A list of certificate configs for the parent resource.",
1774 "items": {
1775 "$ref": "CertificateIssuanceConfig"
1776 },
1777 "type": "array"
1778 },
1779 "nextPageToken": {
1780 "description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
1781 "type": "string"
1782 },
1783 "unreachable": {
1784 "description": "Locations that could not be reached.",
1785 "items": {
1786 "type": "string"
1787 },
1788 "type": "array"
1789 }
1790 },
1791 "type": "object"
1792 },
1793 "ListCertificateMapEntriesResponse": {
1794 "description": "Response for the `ListCertificateMapEntries` method.",
1795 "id": "ListCertificateMapEntriesResponse",
1796 "properties": {
1797 "certificateMapEntries": {
1798 "description": "A list of certificate map entries for the parent resource.",
1799 "items": {
1800 "$ref": "CertificateMapEntry"
1801 },
1802 "type": "array"
1803 },
1804 "nextPageToken": {
1805 "description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
1806 "type": "string"
1807 },
1808 "unreachable": {
1809 "description": "Locations that could not be reached.",
1810 "items": {
1811 "type": "string"
1812 },
1813 "type": "array"
1814 }
1815 },
1816 "type": "object"
1817 },
1818 "ListCertificateMapsResponse": {
1819 "description": "Response for the `ListCertificateMaps` method.",
1820 "id": "ListCertificateMapsResponse",
1821 "properties": {
1822 "certificateMaps": {
1823 "description": "A list of certificate maps for the parent resource.",
1824 "items": {
1825 "$ref": "CertificateMap"
1826 },
1827 "type": "array"
1828 },
1829 "nextPageToken": {
1830 "description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
1831 "type": "string"
1832 },
1833 "unreachable": {
1834 "description": "Locations that could not be reached.",
1835 "items": {
1836 "type": "string"
1837 },
1838 "type": "array"
1839 }
1840 },
1841 "type": "object"
1842 },
1843 "ListCertificatesResponse": {
1844 "description": "Response for the `ListCertificates` method.",
1845 "id": "ListCertificatesResponse",
1846 "properties": {
1847 "certificates": {
1848 "description": "A list of certificates for the parent resource.",
1849 "items": {
1850 "$ref": "Certificate"
1851 },
1852 "type": "array"
1853 },
1854 "nextPageToken": {
1855 "description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
1856 "type": "string"
1857 },
1858 "unreachable": {
1859 "description": "A list of locations that could not be reached.",
1860 "items": {
1861 "type": "string"
1862 },
1863 "type": "array"
1864 }
1865 },
1866 "type": "object"
1867 },
1868 "ListDnsAuthorizationsResponse": {
1869 "description": "Response for the `ListDnsAuthorizations` method.",
1870 "id": "ListDnsAuthorizationsResponse",
1871 "properties": {
1872 "dnsAuthorizations": {
1873 "description": "A list of dns authorizations for the parent resource.",
1874 "items": {
1875 "$ref": "DnsAuthorization"
1876 },
1877 "type": "array"
1878 },
1879 "nextPageToken": {
1880 "description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
1881 "type": "string"
1882 },
1883 "unreachable": {
1884 "description": "Locations that could not be reached.",
1885 "items": {
1886 "type": "string"
1887 },
1888 "type": "array"
1889 }
1890 },
1891 "type": "object"
1892 },
1893 "ListLocationsResponse": {
1894 "description": "The response message for Locations.ListLocations.",
1895 "id": "ListLocationsResponse",
1896 "properties": {
1897 "locations": {
1898 "description": "A list of locations that matches the specified filter in the request.",
1899 "items": {
1900 "$ref": "Location"
1901 },
1902 "type": "array"
1903 },
1904 "nextPageToken": {
1905 "description": "The standard List next-page token.",
1906 "type": "string"
1907 }
1908 },
1909 "type": "object"
1910 },
1911 "ListOperationsResponse": {
1912 "description": "The response message for Operations.ListOperations.",
1913 "id": "ListOperationsResponse",
1914 "properties": {
1915 "nextPageToken": {
1916 "description": "The standard List next-page token.",
1917 "type": "string"
1918 },
1919 "operations": {
1920 "description": "A list of operations that matches the specified filter in the request.",
1921 "items": {
1922 "$ref": "Operation"
1923 },
1924 "type": "array"
1925 }
1926 },
1927 "type": "object"
1928 },
1929 "ListTrustConfigsResponse": {
1930 "description": "Response for the `ListTrustConfigs` method.",
1931 "id": "ListTrustConfigsResponse",
1932 "properties": {
1933 "nextPageToken": {
1934 "description": "If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.",
1935 "type": "string"
1936 },
1937 "trustConfigs": {
1938 "description": "A list of TrustConfigs for the parent resource.",
1939 "items": {
1940 "$ref": "TrustConfig"
1941 },
1942 "type": "array"
1943 },
1944 "unreachable": {
1945 "description": "Locations that could not be reached.",
1946 "items": {
1947 "type": "string"
1948 },
1949 "type": "array"
1950 }
1951 },
1952 "type": "object"
1953 },
1954 "Location": {
1955 "description": "A resource that represents a Google Cloud location.",
1956 "id": "Location",
1957 "properties": {
1958 "displayName": {
1959 "description": "The friendly name for this location, typically a nearby city name. For example, \"Tokyo\".",
1960 "type": "string"
1961 },
1962 "labels": {
1963 "additionalProperties": {
1964 "type": "string"
1965 },
1966 "description": "Cross-service attributes for the location. For example {\"cloud.googleapis.com/region\": \"us-east1\"}",
1967 "type": "object"
1968 },
1969 "locationId": {
1970 "description": "The canonical id for this location. For example: `\"us-east1\"`.",
1971 "type": "string"
1972 },
1973 "metadata": {
1974 "additionalProperties": {
1975 "description": "Properties of the object. Contains field @type with type URL.",
1976 "type": "any"
1977 },
1978 "description": "Service-specific metadata. For example the available capacity at the given location.",
1979 "type": "object"
1980 },
1981 "name": {
1982 "description": "Resource name for the location, which may vary between implementations. For example: `\"projects/example-project/locations/us-east1\"`",
1983 "type": "string"
1984 }
1985 },
1986 "type": "object"
1987 },
1988 "ManagedCertificate": {
1989 "description": "Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it's authorized to do so.",
1990 "id": "ManagedCertificate",
1991 "properties": {
1992 "authorizationAttemptInfo": {
1993 "description": "Output only. Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.",
1994 "items": {
1995 "$ref": "AuthorizationAttemptInfo"
1996 },
1997 "readOnly": true,
1998 "type": "array"
1999 },
2000 "dnsAuthorizations": {
2001 "description": "Immutable. Authorizations that will be used for performing domain authorization.",
2002 "items": {
2003 "type": "string"
2004 },
2005 "type": "array"
2006 },
2007 "domains": {
2008 "description": "Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.",
2009 "items": {
2010 "type": "string"
2011 },
2012 "type": "array"
2013 },
2014 "issuanceConfig": {
2015 "description": "Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format `projects/*/locations/*/certificateIssuanceConfigs/*`. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.",
2016 "type": "string"
2017 },
2018 "provisioningIssue": {
2019 "$ref": "ProvisioningIssue",
2020 "description": "Output only. Information about issues with provisioning a Managed Certificate.",
2021 "readOnly": true
2022 },
2023 "state": {
2024 "description": "Output only. State of the managed certificate resource.",
2025 "enum": [
2026 "STATE_UNSPECIFIED",
2027 "PROVISIONING",
2028 "FAILED",
2029 "ACTIVE"
2030 ],
2031 "enumDescriptions": [
2032 "State is unspecified.",
2033 "Certificate Manager attempts to provision or renew the certificate. If the process takes longer than expected, consult the `provisioning_issue` field.",
2034 "Multiple certificate provisioning attempts failed and Certificate Manager gave up. To try again, delete and create a new managed Certificate resource. For details see the `provisioning_issue` field.",
2035 "The certificate management is working, and a certificate has been provisioned."
2036 ],
2037 "readOnly": true,
2038 "type": "string"
2039 }
2040 },
2041 "type": "object"
2042 },
2043 "Operation": {
2044 "description": "This resource represents a long-running operation that is the result of a network API call.",
2045 "id": "Operation",
2046 "properties": {
2047 "done": {
2048 "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.",
2049 "type": "boolean"
2050 },
2051 "error": {
2052 "$ref": "Status",
2053 "description": "The error result of the operation in case of failure or cancellation."
2054 },
2055 "metadata": {
2056 "additionalProperties": {
2057 "description": "Properties of the object. Contains field @type with type URL.",
2058 "type": "any"
2059 },
2060 "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.",
2061 "type": "object"
2062 },
2063 "name": {
2064 "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.",
2065 "type": "string"
2066 },
2067 "response": {
2068 "additionalProperties": {
2069 "description": "Properties of the object. Contains field @type with type URL.",
2070 "type": "any"
2071 },
2072 "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.",
2073 "type": "object"
2074 }
2075 },
2076 "type": "object"
2077 },
2078 "OperationMetadata": {
2079 "description": "Represents the metadata of the long-running operation. Output only.",
2080 "id": "OperationMetadata",
2081 "properties": {
2082 "apiVersion": {
2083 "description": "API version used to start the operation.",
2084 "type": "string"
2085 },
2086 "createTime": {
2087 "description": "The time the operation was created.",
2088 "format": "google-datetime",
2089 "type": "string"
2090 },
2091 "endTime": {
2092 "description": "The time the operation finished running.",
2093 "format": "google-datetime",
2094 "type": "string"
2095 },
2096 "requestedCancellation": {
2097 "description": "Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.",
2098 "type": "boolean"
2099 },
2100 "statusMessage": {
2101 "description": "Human-readable status of the operation, if any.",
2102 "type": "string"
2103 },
2104 "target": {
2105 "description": "Server-defined resource path for the target of the operation.",
2106 "type": "string"
2107 },
2108 "verb": {
2109 "description": "Name of the verb executed by the operation.",
2110 "type": "string"
2111 }
2112 },
2113 "type": "object"
2114 },
2115 "ProvisioningIssue": {
2116 "description": "Information about issues with provisioning a Managed Certificate.",
2117 "id": "ProvisioningIssue",
2118 "properties": {
2119 "details": {
2120 "description": "Output only. Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.",
2121 "readOnly": true,
2122 "type": "string"
2123 },
2124 "reason": {
2125 "description": "Output only. Reason for provisioning failures.",
2126 "enum": [
2127 "REASON_UNSPECIFIED",
2128 "AUTHORIZATION_ISSUE",
2129 "RATE_LIMITED"
2130 ],
2131 "enumDescriptions": [
2132 "Reason is unspecified.",
2133 "Certificate provisioning failed due to an issue with one or more of the domains on the certificate. For details of which domains failed, consult the `authorization_attempt_info` field.",
2134 "Exceeded Certificate Authority quotas or internal rate limits of the system. Provisioning may take longer to complete."
2135 ],
2136 "readOnly": true,
2137 "type": "string"
2138 }
2139 },
2140 "type": "object"
2141 },
2142 "SelfManagedCertificate": {
2143 "description": "Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user's responsibility.",
2144 "id": "SelfManagedCertificate",
2145 "properties": {
2146 "pemCertificate": {
2147 "description": "Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.",
2148 "type": "string"
2149 },
2150 "pemPrivateKey": {
2151 "description": "Input only. The PEM-encoded private key of the leaf certificate.",
2152 "type": "string"
2153 }
2154 },
2155 "type": "object"
2156 },
2157 "Status": {
2158 "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).",
2159 "id": "Status",
2160 "properties": {
2161 "code": {
2162 "description": "The status code, which should be an enum value of google.rpc.Code.",
2163 "format": "int32",
2164 "type": "integer"
2165 },
2166 "details": {
2167 "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use.",
2168 "items": {
2169 "additionalProperties": {
2170 "description": "Properties of the object. Contains field @type with type URL.",
2171 "type": "any"
2172 },
2173 "type": "object"
2174 },
2175 "type": "array"
2176 },
2177 "message": {
2178 "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.",
2179 "type": "string"
2180 }
2181 },
2182 "type": "object"
2183 },
2184 "TrustAnchor": {
2185 "description": "Defines a trust anchor.",
2186 "id": "TrustAnchor",
2187 "properties": {
2188 "pemCertificate": {
2189 "description": "PEM root certificate of the PKI used for validation. Each certificate provided in PEM format may occupy up to 5kB.",
2190 "type": "string"
2191 }
2192 },
2193 "type": "object"
2194 },
2195 "TrustConfig": {
2196 "description": "Defines a trust config.",
2197 "id": "TrustConfig",
2198 "properties": {
2199 "allowlistedCertificates": {
2200 "description": "Optional. A certificate matching an allowlisted certificate is always considered valid as long as the certificate is parseable, proof of private key possession is established, and constraints on the certificate's SAN field are met.",
2201 "items": {
2202 "$ref": "AllowlistedCertificate"
2203 },
2204 "type": "array"
2205 },
2206 "createTime": {
2207 "description": "Output only. The creation timestamp of a TrustConfig.",
2208 "format": "google-datetime",
2209 "readOnly": true,
2210 "type": "string"
2211 },
2212 "description": {
2213 "description": "One or more paragraphs of text description of a TrustConfig.",
2214 "type": "string"
2215 },
2216 "etag": {
2217 "description": "This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.",
2218 "type": "string"
2219 },
2220 "labels": {
2221 "additionalProperties": {
2222 "type": "string"
2223 },
2224 "description": "Set of labels associated with a TrustConfig.",
2225 "type": "object"
2226 },
2227 "name": {
2228 "description": "A user-defined name of the trust config. TrustConfig names must be unique globally and match pattern `projects/*/locations/*/trustConfigs/*`.",
2229 "type": "string"
2230 },
2231 "trustStores": {
2232 "description": "Set of trust stores to perform validation against. This field is supported when TrustConfig is configured with Load Balancers, currently not supported for SPIFFE certificate validation. Only one TrustStore specified is currently allowed.",
2233 "items": {
2234 "$ref": "TrustStore"
2235 },
2236 "type": "array"
2237 },
2238 "updateTime": {
2239 "description": "Output only. The last update timestamp of a TrustConfig.",
2240 "format": "google-datetime",
2241 "readOnly": true,
2242 "type": "string"
2243 }
2244 },
2245 "type": "object"
2246 },
2247 "TrustStore": {
2248 "description": "Defines a trust store.",
2249 "id": "TrustStore",
2250 "properties": {
2251 "intermediateCas": {
2252 "description": "Set of intermediate CA certificates used for the path building phase of chain validation. The field is currently not supported if TrustConfig is used for the workload certificate feature.",
2253 "items": {
2254 "$ref": "IntermediateCA"
2255 },
2256 "type": "array"
2257 },
2258 "trustAnchors": {
2259 "description": "List of Trust Anchors to be used while performing validation against a given TrustStore.",
2260 "items": {
2261 "$ref": "TrustAnchor"
2262 },
2263 "type": "array"
2264 }
2265 },
2266 "type": "object"
2267 }
2268 },
2269 "servicePath": "",
2270 "title": "Certificate Manager API",
2271 "version": "v1",
2272 "version_module": true
2273}View as plain text